ComboFix 09-10-27.08 - The Earl 10/28/2009 15:10.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3838.3183 [GMT -5:00]
Running from: c:\documents and settings\The Earl.LAPPY\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system\msvbvm60.dll
c:\windows\system32\iepjb\ATIDLL_plwqacvfk.dll
c:\windows\system32\iepjb\AWTKernel32_fqqqzbrmd.dll
.
((((((((((((((((((((((((( Files Created from 2009-09-28 to 2009-10-28 )))))))))))))))))))))))))))))))
.
2009-10-26 18:39 . 2004-08-04 10:00 9216 ----a-w- c:\windows\system32\kbdnecAT.dll
2009-10-26 18:38 . 2004-08-04 10:00 57398 ----a-w- c:\windows\system32\dllcache\imjpdadm.exe
2009-10-25 19:37 . 2009-10-25 19:37 -------- d-----w- C:\ERDNT
2009-10-25 19:37 . 2009-10-25 19:37 -------- d-----w- c:\program files\ERUNT
2009-10-25 19:18 . 2009-10-25 19:18 -------- d-----w- c:\program files\Trend Micro
2009-10-25 19:00 . 2009-10-25 19:00 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-25 18:39 . 2006-06-19 18:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-10-25 18:39 . 2006-05-25 20:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-10-25 18:39 . 2005-08-26 06:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-10-25 18:39 . 2003-02-03 01:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2009-10-25 18:39 . 2002-03-06 06:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-10-25 18:39 . 2009-10-25 18:39 -------- d-----w- c:\program files\Trojan Remover
2009-10-25 18:39 . 2009-10-25 18:39 -------- d-----w- c:\documents and settings\The Earl.LAPPY\Application Data\Simply Super Software
2009-10-25 18:39 . 2009-10-25 18:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-10-19 16:12 . 2005-06-14 16:50 24576 ----a-w- c:\windows\ACP50GUID.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-28 19:54 . 2008-08-05 21:03 102684 ----a-w- c:\windows\system32\nvModes.dat
2009-10-28 17:51 . 2009-08-10 04:03 59 ----a-w- c:\windows\wpd99.drv
2009-10-28 17:51 . 2009-08-10 04:03 -------- d-----w- c:\documents and settings\All Users\Application Data\pdf995
2009-10-25 18:51 . 2008-08-05 21:39 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-19 16:12 . 2008-08-05 21:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-18 02:33 . 2008-08-05 21:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-25 14:24 . 2008-08-05 21:32 -------- d-----w- c:\program files\Google
2009-09-23 12:55 . 2009-03-31 15:54 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-22 16:12 . 2009-09-20 17:54 -------- d-----w- c:\program files\SimpleOCR
2009-09-22 16:12 . 2009-09-20 18:02 -------- d-----w- c:\program files\PDF Converter XP
2009-09-21 16:05 . 2008-09-30 16:35 -------- d-----w- c:\program files\MozyHome
2009-09-20 17:29 . 2009-09-20 17:29 -------- d-----w- c:\program files\O Imaging Corporation
2009-09-14 18:04 . 2008-09-30 16:35 54776 ----a-w- c:\windows\system32\drivers\mozy.sys
2009-09-11 14:03 . 2004-08-11 22:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 01:15 . 2008-08-15 04:06 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-04 20:45 . 2004-08-11 22:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 09:17 . 2009-03-31 20:50 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-30 17:15 . 2009-08-30 17:15 -------- d-----w- c:\documents and settings\The Earl.LAPPY\Application Data\CyberLink
2009-08-29 07:36 . 2004-08-11 22:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2009-08-20 16:54 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-11 22:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:16 . 2004-08-11 22:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 03:12 . 2009-08-26 03:12 13696 ----a-w- c:\windows\system32\drivers\wpsnuio.sys
2009-08-24 18:33 . 2008-08-15 03:59 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-08-22 03:25 . 2008-08-05 21:39 27752 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-18 04:33 . 2009-08-18 04:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-15 19:23 . 2008-08-15 04:06 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-15 19:23 . 2008-08-15 04:06 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-15 19:23 . 2008-08-15 04:06 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-14 08:15 . 2009-08-15 00:17 196608 ----a-w- C:\{F2F974A1-F546-4E82-A281-0E7F7650768E}.dll
2009-08-14 08:15 . 2009-08-15 00:17 196608 ----a-w- C:\{E9FA206A-ECB3-4D66-9D23-CD2D05D3F426}.dll
2009-08-14 08:15 . 2009-08-15 00:17 196608 ----a-w- C:\{A079443A-797B-4770-8568-9A14AB12E99D}.dll
2009-08-14 08:15 . 2009-08-15 00:17 196608 ----a-w- C:\{7CD7AAFF-55DF-45C7-917D-8392834DCA28}.dll
2009-08-14 08:15 . 2009-08-15 00:17 196608 ----a-w- C:\{6B17DE66-FFD5-4113-A398-941E5E61CEBB}.dll
2009-08-14 08:15 . 2009-08-15 00:17 196608 ----a-w- C:\{43F97D4E-D4F7-466C-8E59-2B56E75CEB08}.dll
2009-08-10 04:06 . 2009-08-10 04:03 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2009-08-10 04:06 . 2009-08-10 04:03 249856 ----a-w- c:\windows\system32\pdfmona.dll
2009-08-05 23:55 . 2009-08-15 00:17 192512 ----a-w- C:\{D2AFDFB0-FF1A-4E40-BBC3-030D4C568442}.dll
2009-08-05 23:55 . 2009-08-15 00:17 86016 ----a-w- C:\{C7F0503A-FD83-45F4-B5CA-036018C2D351}.dll
2009-08-05 23:35 . 2009-08-15 00:17 118784 ----a-w- C:\{DFFC1932-B3A2-4D62-996D-8A8D38CD9F4D}.dll
2009-08-05 23:35 . 2009-08-15 00:17 77824 ----a-w- C:\{FDF70C8E-F9BC-4D4E-9400-659A4522642E}.dll
2009-08-05 09:11 . 2004-08-11 22:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 12:49 . 2004-08-11 22:00 2142720 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 12:02 . 2004-08-04 03:59 2020864 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-26 03:12 . 2009-08-26 03:12 2170200 ----a-w- c:\program files\mozilla firefox\components\1328874.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-16 23:22 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-07-24 14:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-16 333192]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-16 333192]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2]
@="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}"
[HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}]
2009-09-14 18:04 2847032 ----a-w- c:\program files\MozyHome\mozyshell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3]
@="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}"
[HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}]
2009-09-14 18:04 2847032 ----a-w- c:\program files\MozyHome\mozyshell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-11-09 159744]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-30 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-03-30 81920]
"systray"="c:\program files\Dell\Dell Mobile Broadband\systray.exe" [2007-06-15 331851]
"KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-17 2025752]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-10-25 781656]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-15 198160]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-10-18 1070984]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"NVHotkey"="nvHotkey.dll" - c:\windows\system32\nvhotkey.dll [2008-03-30 86016]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2007-11-08 405504]
c:\documents and settings\The Earl.LAPPY\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-5-17 568176]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-8-5 50688]
MozyHome Status.lnk - c:\program files\MozyHome\mozystat.exe [2009-9-14 2891576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-15 19:23 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^The Earl.LAPPY^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\The Earl.LAPPY\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R?2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [6/9/2008 4:58 AM 65536]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [3/31/2009 10:54 AM 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/14/2008 11:06 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/14/2008 11:06 PM 108552]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [8/24/2009 1:33 PM 464264]
R2 atisvc_vmuducuje;atisvc_vmuducuje;c:\windows\system32\iepjb\atisvc_vmuducuje.exe [8/25/2009 10:12 PM 460061]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/15/2009 2:23 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/15/2009 2:23 PM 297752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9/24/2009 6:17 AM 1170768]
R3 NWDellModem;Dell Wireless Mobile Broadband Modem Driver;c:\windows\system32\drivers\nwdelmdm.sys [8/5/2008 3:56 PM 92288]
R3 NWDellPort;Dell Wireless Mobile Broadband Status Port Driver;c:\windows\system32\drivers\nwdelser.sys [8/5/2008 3:56 PM 92288]
S?2 gupdate1c98be4da0db7ca;Google Update Service (gupdate1c98be4da0db7ca);c:\program files\Google\Update\GoogleUpdate.exe [2/10/2009 8:05 PM 133104]
S3 ADM851X;ADM851X USB To Fast Ethernet Adapter; [x]
S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [8/24/2008 8:28 PM 2077840]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder
2009-10-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 19:00]
2009-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 01:05]
2009-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 01:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.drudgereport.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\The Earl.LAPPY\Application Data\Mozilla\Firefox\Profiles\7jk76vlv.default\
FF - prefs.js: browser.startup.homepage - www.drudgereport.com
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff30\gears.dll
FF - component: c:\program files\Mozilla Firefox\components\1328874.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-28 15:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1572)
c:\windows\system32\WININET.dll
c:\windows\system32\iepjb\mcie_adirnmomt.dll
c:\windows\system32\iepjb\mcapp_hbgfbtbbu.dll
c:\windows\system32\iepjb\mcgc_diejfgcfi.dll
c:\program files\MozyHome\mozyshell.dll
c:\windows\system32\btmmhook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\program files\Common Files\Roxio Shared\9.0\DLLShared\DLAAPI_W.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\MozyHome\mozybackup.exe
c:\windows\system32\nvsvc32.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\PostgreSQL\8.3\bin\postgres.exe
c:\program files\PostgreSQL\8.3\bin\postgres.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\PostgreSQL\8.3\bin\postgres.exe
c:\program files\PostgreSQL\8.3\bin\postgres.exe
c:\combofix\CF2694.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Completion time: 2009-10-28 15:36 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-28 20:36
Pre-Run: 81,006,280,704 bytes free
Post-Run: 81,043,255,296 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 4763C7F56F9575B8D8675FC52C02BD72
DDS (Ver_09-10-26.01) - NTFSx86
Run by The Earl at 15:41:57.35 on Wed 10/28/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3838.2931 [GMT -5:00]
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\WINDOWS\system32\iepjb\atisvc_vmuducuje.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\iepjb\atisvc_vmuducuje.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\iepjb\atisvc_vmuducuje.exe
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Dell\Dell Mobile Broadband\systray.exe
C:\Program Files\DellTPad\HidFind.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MozyHome\mozystat.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\The Earl.LAPPY\My Documents\Download\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.drudgereport.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
uURLSearchHooks: H - No File
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.32.0\gears.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: ZoneAlarm Spy Blocker Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [systray] c:\program files\dell\dell mobile broadband\systray.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [KADxMain] c:\windows\system32\KADxMain.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
StartupFolder: c:\docume~1\theear~1.lap\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mozyho~1.lnk - c:\program files\mozyhome\mozystat.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - c:\program files\ultimatebet\UltimateBet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.32.0\gears.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\theear~1.lap\applic~1\mozilla\firefox\profiles\7jk76vlv.default\
FF - prefs.js: browser.startup.homepage - www.drudgereport.com
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\google\google gears\firefox\lib\ff30\gears.dll
FF - component: c:\program files\mozilla firefox\components\1328874.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-31 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-8-14 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-8-14 108552]
R1 mozyFilter;mozyFilter;c:\windows\system32\drivers\mozy.sys [2008-9-30 54776]
R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-8-24 464264]
R2 atisvc_vmuducuje;atisvc_vmuducuje;c:\windows\system32\iepjb\atisvc_vmuducuje.exe [2009-8-25 460061]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-8-15 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-8-15 297752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1170768]
R3 NWDellModem;Dell Wireless Mobile Broadband Modem Driver;c:\windows\system32\drivers\nwdelmdm.sys [2008-8-5 92288]
R3 NWDellPort;Dell Wireless Mobile Broadband Status Port Driver;c:\windows\system32\drivers\nwdelser.sys [2008-8-5 92288]
S2 gupdate1c98be4da0db7ca;Google Update Service (gupdate1c98be4da0db7ca);c:\program files\google\update\GoogleUpdate.exe [2009-2-10 133104]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-6-9 65536]
S3 ADM851X;ADM851X USB To Fast Ethernet Adapter; [x]
S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2008-8-24 2077840]
=============== Created Last 30 ================
2009-10-28 20:08:09 0 d-sha-r- C:\cmdcons
2009-10-28 20:05:58 98816 ----a-w- c:\windows\sed.exe
2009-10-28 20:05:58 77312 ----a-w- c:\windows\MBR.exe
2009-10-28 20:05:58 236544 ----a-w- c:\windows\PEV.exe
2009-10-28 20:05:58 161792 ----a-w- c:\windows\SWREG.exe
2009-10-26 18:39:13 47066 ----a-w- c:\windows\system32\ksc.nls
2009-10-26 18:38:57 57398 ----a-w- c:\windows\system32\dllcache\imjpdadm.exe
2009-10-25 19:18:20 0 d-----w- c:\program files\Trend Micro
2009-10-25 19:00:16 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-25 18:39:42 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-10-25 18:39:42 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-10-25 18:39:42 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-10-25 18:39:42 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-10-25 18:39:42 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2009-10-25 18:39:40 0 d-----w- c:\program files\Trojan Remover
2009-10-25 18:39:40 0 d-----w- c:\docume~1\theear~1.lap\applic~1\Simply Super Software
2009-10-25 18:39:40 0 d-----w- c:\docume~1\alluse~1\applic~1\Simply Super Software
2009-10-19 16:12:01 24576 ----a-w- c:\windows\ACP50GUID.exe
==================== Find3M ====================
2009-10-28 19:54:07 102684 ----a-w- c:\windows\system32\nvModes.dat
2009-10-26 18:36:45 4682183 ----a-w- c:\windows\fonts\HDZB_36.TTF
2009-09-23 12:55:23 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-14 18:04:28 54776 ----a-w- c:\windows\system32\drivers\mozy.sys
2009-09-11 14:03:37 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:03:37 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 20:45:26 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 20:45:26 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-09-03 09:17:47 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-29 08:08:21 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-08-29 08:08:17 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-28 10:28:59 70656 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-28 10:28:59 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2009-08-27 05:18:44 634648 ----a-w- c:\windows\system32\dllcache\iexplore.exe
2009-08-27 05:18:41 161792 ----a-w- c:\windows\system32\dllcache\ieakui.dll
2009-08-26 08:16:37 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:16:37 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2009-08-24 18:33:08 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-08-18 04:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-15 19:23:49 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-14 08:15:09 196608 ----a-w- C:\{F2F974A1-F546-4E82-A281-0E7F7650768E}.dll
2009-08-14 08:15:09 196608 ----a-w- C:\{E9FA206A-ECB3-4D66-9D23-CD2D05D3F426}.dll
2009-08-14 08:15:09 196608 ----a-w- C:\{A079443A-797B-4770-8568-9A14AB12E99D}.dll
2009-08-14 08:15:09 196608 ----a-w- C:\{7CD7AAFF-55DF-45C7-917D-8392834DCA28}.dll
2009-08-14 08:15:09 196608 ----a-w- C:\{6B17DE66-FFD5-4113-A398-941E5E61CEBB}.dll
2009-08-14 08:15:09 196608 ----a-w- C:\{43F97D4E-D4F7-466C-8E59-2B56E75CEB08}.dll
2009-08-13 15:16:05 512000 ----a-w- c:\windows\system32\dllcache\jscript.dll
2009-08-10 04:06:31 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2009-08-10 04:06:31 249856 ----a-w- c:\windows\system32\pdfmona.dll
2009-08-05 23:55:44 192512 ----a-w- C:\{D2AFDFB0-FF1A-4E40-BBC3-030D4C568442}.dll
2009-08-05 23:55:22 86016 ----a-w- C:\{C7F0503A-FD83-45F4-B5CA-036018C2D351}.dll
2009-08-05 23:35:44 118784 ----a-w- C:\{DFFC1932-B3A2-4D62-996D-8A8D38CD9F4D}.dll
2009-08-05 23:35:38 77824 ----a-w- C:\{FDF70C8E-F9BC-4D4E-9400-659A4522642E}.dll
2009-08-05 09:11:47 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 09:11:47 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-04 12:51:17 2185984 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-04 12:49:00 2142720 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 12:49:00 2142720 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-04 12:02:00 2062976 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-08-04 12:02:00 2020864 ------w- c:\windows\system32\ntkrnlpa.exe
2009-08-04 12:02:00 2020864 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
============= FINISH: 15:42:13.34 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-10-26.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/14/2008 6:54:49 PM
System Uptime: 10/28/2009 3:27:28 PM (0 hours ago)
Motherboard: Dell Inc. | | 0HX767
Processor: Intel(R) Core(TM)2 Duo CPU T5670 @ 1.80GHz | Microprocessor | 1794/200mhz
Processor: Intel(R) Core(TM)2 Duo CPU T5670 @ 1.80GHz | Microprocessor | 1794/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 109 GiB total, 75.501 GiB free.
D: is FIXED (NTFS) - 112 GiB total, 111.709 GiB free.
E: is CDROM (CDFS)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP205: 8/26/2009 12:34:46 AM - System Checkpoint
RP206: 8/26/2009 2:42:47 PM - Software Distribution Service 3.0
RP207: 8/29/2009 12:22:57 AM - Software Distribution Service 3.0
RP208: 8/30/2009 1:29:58 AM - System Checkpoint
RP209: 8/31/2009 9:27:08 AM - System Checkpoint
RP210: 8/31/2009 1:59:32 PM - Software Distribution Service 3.0
RP211: 9/1/2009 4:37:05 PM - System Checkpoint
RP212: 9/3/2009 11:33:32 PM - System Checkpoint
RP213: 9/5/2009 1:20:44 PM - Software Distribution Service 3.0
RP214: 9/6/2009 7:02:04 PM - System Checkpoint
RP215: 9/7/2009 10:03:08 PM - System Checkpoint
RP216: 9/8/2009 10:48:52 PM - System Checkpoint
RP217: 9/13/2009 9:32:26 AM - System Checkpoint
RP218: 9/13/2009 10:39:37 AM - Software Distribution Service 3.0
RP219: 9/14/2009 10:00:56 PM - System Checkpoint
RP220: 9/15/2009 10:10:25 PM - Software Distribution Service 3.0
RP221: 9/19/2009 12:44:58 PM - System Checkpoint
RP222: 9/21/2009 8:40:32 AM - System Checkpoint
RP223: 9/21/2009 11:05:02 AM - Installed MozyHome Remote Backup
RP224: 9/23/2009 9:36:30 AM - System Checkpoint
RP225: 9/23/2009 9:03:08 PM - Software Distribution Service 3.0
RP226: 9/26/2009 9:42:12 PM - System Checkpoint
RP227: 9/27/2009 10:54:58 PM - System Checkpoint
RP228: 9/29/2009 2:12:49 PM - System Checkpoint
RP229: 10/2/2009 12:14:34 AM - Software Distribution Service 3.0
RP230: 10/3/2009 1:41:43 AM - System Checkpoint
RP231: 10/4/2009 6:10:52 PM - System Checkpoint
RP232: 10/5/2009 10:03:28 AM - Avg8 Update
RP233: 10/5/2009 10:04:35 AM - Avg8 Update
RP234: 10/7/2009 11:04:54 AM - Avg8 Update
RP235: 10/7/2009 11:31:32 AM - Software Distribution Service 3.0
RP236: 10/11/2009 7:29:48 PM - System Checkpoint
RP237: 10/12/2009 10:20:47 PM - System Checkpoint
RP238: 10/15/2009 7:13:11 PM - Software Distribution Service 3.0
RP239: 10/17/2009 2:12:21 PM - Avg8 Update
RP240: 10/17/2009 9:28:15 PM - Software Distribution Service 3.0
RP241: 10/18/2009 9:33:37 PM - Software Distribution Service 3.0
RP242: 10/19/2009 11:11:56 AM - Removed TARGUS ACP50
RP243: 10/21/2009 11:02:59 AM - Avg8 Update
RP244: 10/22/2009 1:20:48 PM - System Checkpoint
RP245: 10/24/2009 12:30:17 AM - Software Distribution Service 3.0
RP246: 10/25/2009 11:56:14 AM - System Checkpoint
RP247: 10/25/2009 4:13:34 PM - Software Distribution Service 3.0
RP248: 10/26/2009 9:21:04 PM - System Checkpoint
RP249: 10/27/2009 10:27:02 PM - System Checkpoint
RP250: 10/28/2009 9:35:09 AM - Software Distribution Service 3.0
==== Installed Programs ======================
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 8.1.0
AVG Free 8.5
Broadcom Management Programs
Browser Address Error Redirector
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Dell Mobile Broadband Card Utility
Dell Support Center
Dell Touchpad
Digital Line Detect
EPSON Printer Software
ERUNT 1.1j
Google Gears
Google Talk (remove only)
Google Update Helper
GTA San Andreas
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Holdem Manager
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB908673)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB934428-v2)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB937930)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
IntelliSonic Speech Enhancement
Java(TM) 6 Update 4
Java(TM) 6 Update 5
Java(TM) 6 Update 7
MediaDirect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Corporation
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Basic 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mikogo
Modem Diagnostic Tool
Mozilla Firefox (3.0.14)
MozyHome Remote Backup
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
NetWaiting
NVIDIA Drivers
OpenOffice.org 3.0
OutlookAddinSetup
Pdf995
PokerStars
PostgreSQL 8.3
QuickSet
RealPlayer
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio Update Manager
SAMSUNG Mobile Modem Driver Set
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Skype™ 3.8
Sonic CinePlayer Decoder Pack
Titan Quest
Titan Quest Immortal Throne
Trojan Remover 6.8.1
UltimateBet
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Outlook 2007 Junk Email Filter (KB974810)
Update for Windows XP (KB894391)
Update for Windows XP (KB896256)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC 9.0 Runtime
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live installer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
XML Paper Specification Shared Components Pack 1.0
ZoneAlarm
ZoneAlarm Spy Blocker Toolbar
==== Event Viewer Messages From Past Week ========
10/28/2009 3:33:44 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
10/28/2009 3:10:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
10/28/2009 3:02:11 PM, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 4 time(s).
10/28/2009 3:02:05 PM, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 3 time(s).
10/28/2009 3:00:08 PM, error: Service Control Manager [7034] - The MozyHome Backup Service service terminated unexpectedly. It has done this 1 time(s).
10/28/2009 2:58:48 PM, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
10/28/2009 2:58:42 PM, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 2 time(s).
10/27/2009 8:40:00 PM, error: Dhcp [1002] - The IP address lease 192.168.2.101 for the Network Card with network address 001D09DEF8B8 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
10/25/2009 2:02:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVG Free8 E-mail Scanner service to connect.
10/25/2009 2:02:00 PM, error: Service Control Manager [7000] - The AVG Free8 E-mail Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/25/2009 2:01:58 PM, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 1 time(s).
10/25/2009 2:01:57 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
10/25/2009 11:19:45 PM, error: Dhcp [1002] - The IP address lease 192.168.2.102 for the Network Card with network address 001D09DEF8B8 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
10/23/2009 12:56:57 PM, error: Service Control Manager [7031] - The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/21/2009 4:39:28 PM, error: Dhcp [1002] - The IP address lease 192.168.2.100 for the Network Card with network address 001D09DEF8B8 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
==== End Of File ===========================