My W7 desktop is infected with persistent and elusive malware.
The intrusion came while I was installing Norton Internet Security 2011 last Monday. I had--foolishly--turned off the pre-installed McAfee security suite for the installation and got a blizzard of pop ups for updates to Java, Adobe Reader, Acrobat and Win 7. I accepted them, and when the pop ups disappeared, every short cut on the desktop and the pop-up start list said something like this:
"Shortcut no longer points to iexplore.exe. Application has been moved or deleted. Delete shortcut?"
Windows explorer could not find most of the applications that had been installed.
The problem exists in all identities on the system.
A full-system scan with Norton Internet Security 2011 found two suspicious files and dealt with them. I rebooted and found the programs did not return. I apparently had only one restore point--two weeks old--and restored the system, only to find the same disappearing program phenomenon.
I downloaded some free web tools. Avira Free and GMER found nothing; Malwarebytes found a Trojan, whose name I did not record, and removed it. I rescanned with Norton and found nothing; restored the system and rebooted, and the phenomenon returned.
Another, possibly related problem: A popup that says a “runtime error” forced an unusal termination of “C:\Windows\System32\nvvsvc.exe”.
I have followed the Updated 8 Steps and the problem persists. As I noted above, I used system repair after apparently having cleaned the system and so may have lost my only restore point.
Since the browser is deleted or disabled by the malware—which does not disrupt the network connection, I had to download the various programs required on my laptop, copied them to a DVD and ran the programs from Windows Explorer. The various logs were saved to my desktop and copied to a thumb drive which I have connected to my laptop so I can attach or cut and pasted the various logs required by the Eight Steps.
Step 1: full system scan with updated Norton Internet Security 2011 found nothing.
Step 2. Download and run TFC. Done.
Step 3. Run Malwarebytes Anti-Malware. This was done three times, twice before I followed the eight steps. Here is the text of the quick scan I performed as part of Step 3.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5971
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
3/5/2011 9:46:24 PM
mbam-log-2011-03-05 (21-46-24).txt
Scan type: Quick scan
Objects scanned: 237384
Time elapsed: 3 minute(s), 32 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Step 4. Run GMER. The log file saved as GMER to my desktop and to the thumb drive is blank. (“Properties . . .Size: 0 bytes.”)
Step 5. Run DDS and paste texts of DDS.txt and Attach.txt.
Note that when these files opened, a popup also opened that said: “Windows Script Host can’t find script engine ‘VBSCRIPT’ for script “C:\Users\Hal\App Data\Local\Temp\MSGB.PIF”
DDS.txt:
.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Hal at 22:44:47.77 on Sat 03/05/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
.
============== Running Processes ===============
.
C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
C:\Windows\SysWOW64\DllHost.exe
D:\dds.scr
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101020142509.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [MSN Toolbar] "c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [UTW7Updater] "C:\Program Files (x86)\Parallels\Parallels Desktop\Application\prl_up2date_app.exe" check -u desktop_wl -nr -sa --mode silent
mRun: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: <NO NAME> =
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper20073151.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130563530265
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - hxxp://fdl.msn.com/zone/datafiles/heartbeat.cab
DPF: {E856B973-45FD-4559-8F82-EAB539144667} - hxxp://pccheckup.dellfix.com/rel/41/install/gtdownde.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - C:\PROGRA~2\WINDOW~3\MpShHook.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101020142509.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
mRun-x64: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
IFEO-X64: Your Image File Name Here without a path - ntsd -d
.
============= SERVICES / DRIVERS ===============
.
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? DockLoginService;Dock Login Service
R? EraserUtilRebootDrv;EraserUtilRebootDrv
R? McComponentHostService;McAfee Security Scan Component Host Service
R? McShield;McShield
R? mfefire;McAfee Firewall Core Service
R? mferkdet;McAfee Inc. mferkdet
R? MpNWMon;Microsoft Malware Protection Network Driver
R? NisDrv;Microsoft Network Inspection System
R? NisSrv;NisSrv
R? Parallels Networking Service;Parallels Networking Service
R? Parallels Virtualization Service;Parallels Virtualization Service
R? PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver
R? pmxdrv;pmxdrv
R? prl_dsk;Parallels Loopback Driver
R? prl_mount_svc;Parallels Mount Service
R? RoxMediaDB10;RoxMediaDB10
R? SessionLauncher;SessionLauncher
R? Stereo Service;NVIDIA Stereoscopic 3D Driver Service
R? WatAdminSvc;Windows Activation Technologies Service
S? BHDrvx64;BHDrvx64
S? IDSVia64;IDSVia64
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? mfeavfk;McAfee Inc. mfeavfk
S? mfefirek;McAfee Inc. mfefirek
S? mfehidk;McAfee Inc. mfehidk
S? mfenlfk;McAfee NDIS Light Filter
S? mfevtp;McAfee Validation Trust Protection Service
S? mfewfpk;McAfee Inc. mfewfpk
S? MpFilter;Microsoft Malware Protection Driver
S? NIS;Norton Internet Security
S? Parallels USB Device Manager;Parallels USB Device Manager
S? Parallels Virtualization Hypervisor;Parallels Virtualization Hypervisor
S? prl_net;Parallels Networking Driver
S? PRLVNIC;Parallels Virtual NIC Adapter
S? PxHlpa64;PxHlpa64
S? SymDS;Symantec Data Store
S? SymEFA;Symantec Extended File Attributes
S? SymIRON;Symantec Iron Driver
S? SymNetS;Symantec Network Security WFP Driver
S? vwififlt;Virtual WiFi Filter Driver
.
=============== Created Last 30 ================
.
2011-03-06 05:41:46 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-06 05:41:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-03 22:21:33 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2011-03-03 22:09:14 174640 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-03-03 22:09:14 -------- d-----w- C:\Program Files\Symantec
2011-03-03 22:09:14 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2011-03-03 22:08:55 802864 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\symefa64.sys
2011-03-03 22:08:55 735864 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\srtsp64.sys
2011-03-03 22:08:55 450608 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\symds64.sys
2011-03-03 22:08:55 40568 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\srtspx64.sys
2011-03-03 22:08:55 382072 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\symnets.sys
2011-03-03 22:08:55 171128 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\ironx64.sys
2011-03-03 22:08:38 -------- d-----w- C:\Windows\System32\drivers\NISx64\1205000.07D
2011-03-03 22:08:27 -------- d-----w- C:\Windows\System32\drivers\NISx64
2011-03-03 22:08:25 -------- d-----w- C:\Program Files (x86)\Norton Internet Security
2011-03-03 22:06:45 -------- d-----w- C:\PROGRA~3\Norton
2011-03-03 22:04:26 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2011-03-03 00:00:17 -------- d-----w- C:\Users\Hal\AppData\Roaming\Malwarebytes
2011-03-02 05:22:39 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-02 05:22:36 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-03-01 11:00:59 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-03-01 11:00:58 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-03-01 03:09:48 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-03-01 03:01:27 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2011-03-01 02:25:57 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-01 02:25:57 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-03-01 02:25:57 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-01 02:25:57 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
.
==================== Find3M ====================
.
2011-02-06 02:18:22 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-02-06 02:18:22 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-02-06 02:14:09 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-17 01:52:56 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 22:45:04.01 ===============
Attach.txt:
.
==== Installed Programs ======================
.
.
2Wire Wireless Client
32 Bit HP CIO Components Installer
Access Drivers
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
AIO_Scan
ArcSoft TotalMedia Backup & Record
AT&T Yahoo! High Speed Internet Home Networking Installer
ATT-HSI
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
AutoUpdate
Banctec Service Agreement
Battlefield: Bad Company 2
Borderlands
BufferChm
C7200
C7200_Help
calibre
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant D850 56K V.9x DFVc Modem
Conexant SmartHSFi V.9x 56K DF PCI Modem
Consumer In-Home Service Agreement
Copy
Critical Update for Windows Media Player 11 (KB959772)
D-Fend v2
D3DX10
Data Access Objects (DAO) 3.0
Dawn of War - Dark Crusade Demo
Dell DataSafe Online
Dell Digital Jukebox Driver
Dell Driver Download Manager
Dell Getting Started Guide
Dell Media Experience
Dell Networking Guide
Dell Solution Center
Dell Support Center (Support Software)
DellSupport
Destinations
DeviceDiscovery
Digital Line Detect
DirectXInstallService
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DS21Patch
DVDSentry
EarthLink MDAC
EMC 10 Content
Fax
GPBaseService2
Greed Corp
H&R Block California 2009
H&R Block Deluxe + Efile + State 2009
Hauppauge TV Tuner Diagnostics (1.1.7057)
Hauppauge TV Tuner Driver
Help and Support Customization
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Print Diagnostic Utility
HP Update
HP_Network_UserGuide
HPPhotoGadget
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotosmartEssential
HPProductAssistant
HPSSupply
ImageMixer VCD/DVD2 for OLYMPUS
Internet Explorer Default Page
Jasc Paint Shop Photo Album
Java Auto Updater
Java(TM) 6 Update 21
Java(TM) 6 Update 22
Junk Mail filter update
Learn Windows 7
Learn2 Player (Uninstall Only)
Lernout & Hauspie TruVoice for Microsoft Agent
Malwarebytes' Anti-Malware
MarketResearch
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Calculator Plus
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Default Manager
Microsoft Encarta Encyclopedia Standard 2004
Microsoft IntelliPoint 5.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WinUsb 1.0
Microsoft XML Parser
Modem Helper
Mozilla Firefox (3.6.13)
MSN Toolbar
MSN Toolbar Platform
MSSoap
MSVCRT
MSVCRT_amd64
MSVCSetup
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
MSXML4 Parser
NetWaiting
Norton Internet Security
NVIDIA Drivers
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
OLYMPUS Master
Palm Desktop
Parallels Desktop Upgrade to Windows 7
Parallels runtime modules
Parallels USB Driver
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
PhotoRecall Deluxe HP Edition
PocketMirror 3.0.2 (Standard Edition)
PowerDVD DX
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_Min
PunkBuster Services
QuickBooks Pro 2002
Quicken 2003 Deluxe
QuickTime
Reader Library by Sony
Readiris
RealOne Player
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Shockwave
SmartWebPrinting
SnapAPI
SolutionCenter
Sonic CinePlayer Decoder Pack
Sonic DLA
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
Sound Blaster Live!
Spelling Dictionaries Support For Adobe Reader 8
Star Wars Battlefront II
StarCraft II
Status
Steam
Symantec Technical Support Web Controls
TaxCut 2003
TaxCut 2004
TaxCut California 2007
TaxCut California 2008
TaxCut Deluxe 2005
TaxCut Premium + State + Efile 2007
TaxCut Premium + State + Efile 2008
TaxCut Premium 2006
Times Reader
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Upgrade Assistant
WebFldrs XP
WebReg
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WordPerfect Office 11
Xiph.Org Ogg Codecs 0.82.16930 32-bit
XML Paper Specification Shared Components Pack 1.0
Yahoo! Toolbar
.
==== End Of File ===========================
The intrusion came while I was installing Norton Internet Security 2011 last Monday. I had--foolishly--turned off the pre-installed McAfee security suite for the installation and got a blizzard of pop ups for updates to Java, Adobe Reader, Acrobat and Win 7. I accepted them, and when the pop ups disappeared, every short cut on the desktop and the pop-up start list said something like this:
"Shortcut no longer points to iexplore.exe. Application has been moved or deleted. Delete shortcut?"
Windows explorer could not find most of the applications that had been installed.
The problem exists in all identities on the system.
A full-system scan with Norton Internet Security 2011 found two suspicious files and dealt with them. I rebooted and found the programs did not return. I apparently had only one restore point--two weeks old--and restored the system, only to find the same disappearing program phenomenon.
I downloaded some free web tools. Avira Free and GMER found nothing; Malwarebytes found a Trojan, whose name I did not record, and removed it. I rescanned with Norton and found nothing; restored the system and rebooted, and the phenomenon returned.
Another, possibly related problem: A popup that says a “runtime error” forced an unusal termination of “C:\Windows\System32\nvvsvc.exe”.
I have followed the Updated 8 Steps and the problem persists. As I noted above, I used system repair after apparently having cleaned the system and so may have lost my only restore point.
Since the browser is deleted or disabled by the malware—which does not disrupt the network connection, I had to download the various programs required on my laptop, copied them to a DVD and ran the programs from Windows Explorer. The various logs were saved to my desktop and copied to a thumb drive which I have connected to my laptop so I can attach or cut and pasted the various logs required by the Eight Steps.
Step 1: full system scan with updated Norton Internet Security 2011 found nothing.
Step 2. Download and run TFC. Done.
Step 3. Run Malwarebytes Anti-Malware. This was done three times, twice before I followed the eight steps. Here is the text of the quick scan I performed as part of Step 3.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5971
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
3/5/2011 9:46:24 PM
mbam-log-2011-03-05 (21-46-24).txt
Scan type: Quick scan
Objects scanned: 237384
Time elapsed: 3 minute(s), 32 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Step 4. Run GMER. The log file saved as GMER to my desktop and to the thumb drive is blank. (“Properties . . .Size: 0 bytes.”)
Step 5. Run DDS and paste texts of DDS.txt and Attach.txt.
Note that when these files opened, a popup also opened that said: “Windows Script Host can’t find script engine ‘VBSCRIPT’ for script “C:\Users\Hal\App Data\Local\Temp\MSGB.PIF”
DDS.txt:
.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Hal at 22:44:47.77 on Sat 03/05/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
.
============== Running Processes ===============
.
C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
C:\Windows\SysWOW64\DllHost.exe
D:\dds.scr
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101020142509.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [MSN Toolbar] "c:\Program Files (x86)\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [UTW7Updater] "C:\Program Files (x86)\Parallels\Parallels Desktop\Application\prl_up2date_app.exe" check -u desktop_wl -nr -sa --mode silent
mRun: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: <NO NAME> =
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper20073151.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130563530265
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - hxxp://fdl.msn.com/zone/datafiles/heartbeat.cab
DPF: {E856B973-45FD-4559-8F82-EAB539144667} - hxxp://pccheckup.dellfix.com/rel/41/install/gtdownde.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - C:\PROGRA~2\WINDOW~3\MpShHook.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101020142509.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
mRun-x64: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
IFEO-X64: Your Image File Name Here without a path - ntsd -d
.
============= SERVICES / DRIVERS ===============
.
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? DockLoginService;Dock Login Service
R? EraserUtilRebootDrv;EraserUtilRebootDrv
R? McComponentHostService;McAfee Security Scan Component Host Service
R? McShield;McShield
R? mfefire;McAfee Firewall Core Service
R? mferkdet;McAfee Inc. mferkdet
R? MpNWMon;Microsoft Malware Protection Network Driver
R? NisDrv;Microsoft Network Inspection System
R? NisSrv;NisSrv
R? Parallels Networking Service;Parallels Networking Service
R? Parallels Virtualization Service;Parallels Virtualization Service
R? PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver
R? pmxdrv;pmxdrv
R? prl_dsk;Parallels Loopback Driver
R? prl_mount_svc;Parallels Mount Service
R? RoxMediaDB10;RoxMediaDB10
R? SessionLauncher;SessionLauncher
R? Stereo Service;NVIDIA Stereoscopic 3D Driver Service
R? WatAdminSvc;Windows Activation Technologies Service
S? BHDrvx64;BHDrvx64
S? IDSVia64;IDSVia64
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? mfeavfk;McAfee Inc. mfeavfk
S? mfefirek;McAfee Inc. mfefirek
S? mfehidk;McAfee Inc. mfehidk
S? mfenlfk;McAfee NDIS Light Filter
S? mfevtp;McAfee Validation Trust Protection Service
S? mfewfpk;McAfee Inc. mfewfpk
S? MpFilter;Microsoft Malware Protection Driver
S? NIS;Norton Internet Security
S? Parallels USB Device Manager;Parallels USB Device Manager
S? Parallels Virtualization Hypervisor;Parallels Virtualization Hypervisor
S? prl_net;Parallels Networking Driver
S? PRLVNIC;Parallels Virtual NIC Adapter
S? PxHlpa64;PxHlpa64
S? SymDS;Symantec Data Store
S? SymEFA;Symantec Extended File Attributes
S? SymIRON;Symantec Iron Driver
S? SymNetS;Symantec Network Security WFP Driver
S? vwififlt;Virtual WiFi Filter Driver
.
=============== Created Last 30 ================
.
2011-03-06 05:41:46 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-06 05:41:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-03 22:21:33 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2011-03-03 22:09:14 174640 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-03-03 22:09:14 -------- d-----w- C:\Program Files\Symantec
2011-03-03 22:09:14 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2011-03-03 22:08:55 802864 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\symefa64.sys
2011-03-03 22:08:55 735864 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\srtsp64.sys
2011-03-03 22:08:55 450608 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\symds64.sys
2011-03-03 22:08:55 40568 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\srtspx64.sys
2011-03-03 22:08:55 382072 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\symnets.sys
2011-03-03 22:08:55 171128 ----a-w- C:\Windows\System32\drivers\NISx64\1205000.07D\ironx64.sys
2011-03-03 22:08:38 -------- d-----w- C:\Windows\System32\drivers\NISx64\1205000.07D
2011-03-03 22:08:27 -------- d-----w- C:\Windows\System32\drivers\NISx64
2011-03-03 22:08:25 -------- d-----w- C:\Program Files (x86)\Norton Internet Security
2011-03-03 22:06:45 -------- d-----w- C:\PROGRA~3\Norton
2011-03-03 22:04:26 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2011-03-03 00:00:17 -------- d-----w- C:\Users\Hal\AppData\Roaming\Malwarebytes
2011-03-02 05:22:39 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-02 05:22:36 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-03-01 11:00:59 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-03-01 11:00:58 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-03-01 03:09:48 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-03-01 03:01:27 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2011-03-01 02:25:57 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-01 02:25:57 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-03-01 02:25:57 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-01 02:25:57 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
.
==================== Find3M ====================
.
2011-02-06 02:18:22 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-02-06 02:18:22 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-02-06 02:14:09 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-17 01:52:56 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 22:45:04.01 ===============
Attach.txt:
.
==== Installed Programs ======================
.
.
2Wire Wireless Client
32 Bit HP CIO Components Installer
Access Drivers
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
AIO_Scan
ArcSoft TotalMedia Backup & Record
AT&T Yahoo! High Speed Internet Home Networking Installer
ATT-HSI
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
AutoUpdate
Banctec Service Agreement
Battlefield: Bad Company 2
Borderlands
BufferChm
C7200
C7200_Help
calibre
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant D850 56K V.9x DFVc Modem
Conexant SmartHSFi V.9x 56K DF PCI Modem
Consumer In-Home Service Agreement
Copy
Critical Update for Windows Media Player 11 (KB959772)
D-Fend v2
D3DX10
Data Access Objects (DAO) 3.0
Dawn of War - Dark Crusade Demo
Dell DataSafe Online
Dell Digital Jukebox Driver
Dell Driver Download Manager
Dell Getting Started Guide
Dell Media Experience
Dell Networking Guide
Dell Solution Center
Dell Support Center (Support Software)
DellSupport
Destinations
DeviceDiscovery
Digital Line Detect
DirectXInstallService
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DS21Patch
DVDSentry
EarthLink MDAC
EMC 10 Content
Fax
GPBaseService2
Greed Corp
H&R Block California 2009
H&R Block Deluxe + Efile + State 2009
Hauppauge TV Tuner Diagnostics (1.1.7057)
Hauppauge TV Tuner Driver
Help and Support Customization
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Print Diagnostic Utility
HP Update
HP_Network_UserGuide
HPPhotoGadget
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotosmartEssential
HPProductAssistant
HPSSupply
ImageMixer VCD/DVD2 for OLYMPUS
Internet Explorer Default Page
Jasc Paint Shop Photo Album
Java Auto Updater
Java(TM) 6 Update 21
Java(TM) 6 Update 22
Junk Mail filter update
Learn Windows 7
Learn2 Player (Uninstall Only)
Lernout & Hauspie TruVoice for Microsoft Agent
Malwarebytes' Anti-Malware
MarketResearch
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Calculator Plus
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Default Manager
Microsoft Encarta Encyclopedia Standard 2004
Microsoft IntelliPoint 5.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WinUsb 1.0
Microsoft XML Parser
Modem Helper
Mozilla Firefox (3.6.13)
MSN Toolbar
MSN Toolbar Platform
MSSoap
MSVCRT
MSVCRT_amd64
MSVCSetup
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
MSXML4 Parser
NetWaiting
Norton Internet Security
NVIDIA Drivers
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
OLYMPUS Master
Palm Desktop
Parallels Desktop Upgrade to Windows 7
Parallels runtime modules
Parallels USB Driver
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
PhotoRecall Deluxe HP Edition
PocketMirror 3.0.2 (Standard Edition)
PowerDVD DX
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_Min
PunkBuster Services
QuickBooks Pro 2002
Quicken 2003 Deluxe
QuickTime
Reader Library by Sony
Readiris
RealOne Player
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Shockwave
SmartWebPrinting
SnapAPI
SolutionCenter
Sonic CinePlayer Decoder Pack
Sonic DLA
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
Sound Blaster Live!
Spelling Dictionaries Support For Adobe Reader 8
Star Wars Battlefront II
StarCraft II
Status
Steam
Symantec Technical Support Web Controls
TaxCut 2003
TaxCut 2004
TaxCut California 2007
TaxCut California 2008
TaxCut Deluxe 2005
TaxCut Premium + State + Efile 2007
TaxCut Premium + State + Efile 2008
TaxCut Premium 2006
Times Reader
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Upgrade Assistant
WebFldrs XP
WebReg
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WordPerfect Office 11
Xiph.Org Ogg Codecs 0.82.16930 32-bit
XML Paper Specification Shared Components Pack 1.0
Yahoo! Toolbar
.
==== End Of File ===========================