Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7687
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
9/9/2011 6:00:42 PM
mbam-log-2011-09-09 (18-00-41).txt
Scan type: Quick scan
Objects scanned: 160283
Time elapsed: 17 minute(s), 14 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 11
Memory Processes Infected:
c:\programdata\eijpfppfocpjj.exe (Trojan.FakeAlert) -> 2808 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eiJpFPPFocPJj (Trojan.FakeAlert) -> Value: eiJpFPPFocPJj -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\programdata\19106724 (Rogue.Multiple) -> Quarantined and deleted successfully.
Files Infected:
c:\programdata\eijpfppfocpjj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\programdata\p1kalmig2kb7fz.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\fir5F93.tmp (PUP.Casino.Gen) -> Not selected for removal.
c:\Users\Soo\AppData\Local\Temp\tmp3EC6.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\zod780C.tmp (PUP.Casino.Gen) -> Not selected for removal.
c:\users\soo\appdata\local\temp\mrt.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\users\soo\appdata\local\temp\69db.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Roaming\microsoft\Windows\start menu\Programs\security tool.lnk (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\0.11255946783874682.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\0.47482561174311644.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\0.6399410075394842.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-09-09 18:22:51
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\0000005a Hitachi_ rev.FB2O
Running: s9xhdv6s.exe; Driver: C:\Users\Soo\AppData\Local\Temp\uwldypow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514
Run by Soo at 18:26:07 on 2011-09-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2813.2096 [GMT -7:00]
.
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.dslextreme.com/
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {E84CC2C1-B722-48FC-A39C-EDB8B525C777} - No File
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\users\soo\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://linkedinwebinar.webex.com/client/T27LB/event/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 66.51.205.100 66.51.206.100
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084} : DhcpNameServer = 66.51.205.100 66.51.206.100
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\05C41445F4F40303 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\34F6E666562756E636560225F6F6D6 : DhcpNameServer = 12.127.17.71 12.127.16.67
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\4716C696E6 : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\75C414E4E45445 : DhcpNameServer = 172.16.0.1
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\B43502759664960284F6473707F647 : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\D416272796F6474704075726C69636 : DhcpNameServer = 172.16.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-1-17 11608]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-7-2 176128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-1-17 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-1-17 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-1-17 56816]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2009-5-20 59904]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-1-22 171008]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-2 139776]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-1-22 28344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-5 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-5 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-9-9 41272]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-23 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-4 1343400]
.
=============== Created Last 30 ================
.
2011-09-10 00:25:46 -------- d--h--w- c:\users\soo\appdata\roaming\Malwarebytes
2011-09-10 00:25:35 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-10 00:25:32 -------- d--h--w- c:\programdata\Malwarebytes
2011-09-10 00:25:28 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-10 00:25:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-09 20:39:48 7152464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{df5711d9-4311-4404-82d4-5e3321c3f154}\mpengine.dll
2011-08-24 10:22:07 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-11 02:45:42 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-11 02:45:39 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-11 02:45:34 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-11 02:45:19 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2011-07-22 04:54:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-21 03:50:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-06-24 04:27:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22:20 271360 ----a-w- c:\windows\system32\conhost.exe
2011-06-21 05:28:33 981504 ----a-w- c:\windows\system32\wininet.dll
2011-06-15 08:55:19 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-06-15 08:55:19 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-06-15 08:55:19 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-06-15 08:55:19 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-06-15 08:55:19 122880 ----a-w- c:\windows\system32\odbccp32.dll
.
============= FINISH: 18:26:46.19 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/1/2009 12:38:42 PM
System Uptime: 9/9/2011 6:01:42 PM (0 hours ago)
.
Motherboard: Quanta | | 3045
Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-74 | Socket M2/S1G1 | 550/1800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 138 GiB total, 21.301 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.141 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: USB\VID_1B96&PID_0001&MI_02\6&45DD6D5&0&0002
Manufacturer:
Name:
PNP Device ID: USB\VID_1B96&PID_0001&MI_02\6&45DD6D5&0&0002
Service:
.
==== System Restore Points ===================
.
RP223: 5/31/2011 7:50:17 PM - Windows Update
RP224: 6/2/2011 8:40:33 PM - Windows Update
RP225: 6/7/2011 8:53:40 PM - Windows Update
RP226: 6/11/2011 8:46:37 PM - Windows Update
RP227: 6/15/2011 9:57:43 PM - Windows Update
RP228: 6/16/2011 1:47:02 AM - Windows Update
RP229: 6/18/2011 3:00:18 AM - Windows Update
RP230: 6/21/2011 8:52:47 PM - Windows Update
RP231: 6/24/2011 7:03:10 PM - Windows Update
RP232: 6/28/2011 7:33:45 PM - Windows Update
RP233: 6/29/2011 8:37:52 PM - Windows Update
RP234: 7/4/2011 3:34:37 PM - Windows Update
RP235: 7/5/2011 7:49:03 PM - Windows Update
RP236: 7/11/2011 11:04:35 PM - Windows Update
RP237: 7/14/2011 1:51:30 AM - Windows Update
RP238: 7/19/2011 7:55:30 PM - Windows Update
RP239: 7/22/2011 8:07:40 PM - Windows Update
RP240: 7/26/2011 6:55:24 PM - Windows Update
RP241: 7/29/2011 9:35:22 PM - Windows Update
RP242: 8/2/2011 7:41:53 PM - Windows Update
RP243: 8/10/2011 7:37:08 PM - Windows Update
RP244: 8/11/2011 3:00:29 AM - Windows Update
RP245: 8/16/2011 8:55:12 PM - Windows Update
RP246: 8/23/2011 3:13:45 AM - Windows Update
RP247: 8/25/2011 3:00:27 AM - Windows Update
RP248: 8/30/2011 8:36:08 PM - Windows Update
RP249: 9/6/2011 3:20:11 PM - Windows Update
RP250: 9/7/2011 3:00:14 AM - Windows Update
RP252: 9/9/2011 3:19:56 PM - Restore Operation
RP254: 9/9/2011 5:40:56 PM - Windows Defender Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.5
AMD USB Filter Driver
ATI Catalyst Install Manager
Avira AntiVir Personal - Free Antivirus
Broadcom 802.11 Wireless LAN Adapter
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Coupon Printer for Windows
ENE CIR Receiver Driver
Facebook Plug-In
Google Earth
Google Update Helper
Java(TM) 6 Update 17
Korean Fonts Support For Adobe Reader 9
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Web Access S/MIME
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
OGA Notifier 2.0.0048.0
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shopping InContext
Synaptics Pointing Device Driver
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2586924)
VLC media player 0.9.2
WebEx
WinPoker 6
WinZip 15.0
.
==== Event Viewer Messages From Past Week ========
.
9/9/2011 4:10:27 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
.
==== End Of File ===========================
www.malwarebytes.org
Database version: 7687
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
9/9/2011 6:00:42 PM
mbam-log-2011-09-09 (18-00-41).txt
Scan type: Quick scan
Objects scanned: 160283
Time elapsed: 17 minute(s), 14 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 11
Memory Processes Infected:
c:\programdata\eijpfppfocpjj.exe (Trojan.FakeAlert) -> 2808 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eiJpFPPFocPJj (Trojan.FakeAlert) -> Value: eiJpFPPFocPJj -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\programdata\19106724 (Rogue.Multiple) -> Quarantined and deleted successfully.
Files Infected:
c:\programdata\eijpfppfocpjj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\programdata\p1kalmig2kb7fz.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\fir5F93.tmp (PUP.Casino.Gen) -> Not selected for removal.
c:\Users\Soo\AppData\Local\Temp\tmp3EC6.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\zod780C.tmp (PUP.Casino.Gen) -> Not selected for removal.
c:\users\soo\appdata\local\temp\mrt.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\users\soo\appdata\local\temp\69db.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Roaming\microsoft\Windows\start menu\Programs\security tool.lnk (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\0.11255946783874682.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\0.47482561174311644.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Soo\AppData\Local\Temp\0.6399410075394842.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-09-09 18:22:51
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\0000005a Hitachi_ rev.FB2O
Running: s9xhdv6s.exe; Driver: C:\Users\Soo\AppData\Local\Temp\uwldypow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514
Run by Soo at 18:26:07 on 2011-09-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2813.2096 [GMT -7:00]
.
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.dslextreme.com/
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {E84CC2C1-B722-48FC-A39C-EDB8B525C777} - No File
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\users\soo\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://linkedinwebinar.webex.com/client/T27LB/event/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 66.51.205.100 66.51.206.100
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084} : DhcpNameServer = 66.51.205.100 66.51.206.100
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\05C41445F4F40303 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\34F6E666562756E636560225F6F6D6 : DhcpNameServer = 12.127.17.71 12.127.16.67
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\4716C696E6 : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\75C414E4E45445 : DhcpNameServer = 172.16.0.1
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\B43502759664960284F6473707F647 : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{5268D306-83FA-496F-A1B9-C0E3AE33D084}\D416272796F6474704075726C69636 : DhcpNameServer = 172.16.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-1-17 11608]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-7-2 176128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-1-17 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-1-17 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-1-17 56816]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2009-5-20 59904]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-1-22 171008]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-2 139776]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-1-22 28344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-5 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-5 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-9-9 41272]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-23 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-4 1343400]
.
=============== Created Last 30 ================
.
2011-09-10 00:25:46 -------- d--h--w- c:\users\soo\appdata\roaming\Malwarebytes
2011-09-10 00:25:35 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-10 00:25:32 -------- d--h--w- c:\programdata\Malwarebytes
2011-09-10 00:25:28 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-10 00:25:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-09 20:39:48 7152464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{df5711d9-4311-4404-82d4-5e3321c3f154}\mpengine.dll
2011-08-24 10:22:07 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-11 02:45:42 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-11 02:45:39 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-11 02:45:34 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-11 02:45:19 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2011-07-22 04:54:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-21 03:50:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-06-24 04:27:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22:20 271360 ----a-w- c:\windows\system32\conhost.exe
2011-06-21 05:28:33 981504 ----a-w- c:\windows\system32\wininet.dll
2011-06-15 08:55:19 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-06-15 08:55:19 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-06-15 08:55:19 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-06-15 08:55:19 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-06-15 08:55:19 122880 ----a-w- c:\windows\system32\odbccp32.dll
.
============= FINISH: 18:26:46.19 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/1/2009 12:38:42 PM
System Uptime: 9/9/2011 6:01:42 PM (0 hours ago)
.
Motherboard: Quanta | | 3045
Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-74 | Socket M2/S1G1 | 550/1800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 138 GiB total, 21.301 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.141 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: USB\VID_1B96&PID_0001&MI_02\6&45DD6D5&0&0002
Manufacturer:
Name:
PNP Device ID: USB\VID_1B96&PID_0001&MI_02\6&45DD6D5&0&0002
Service:
.
==== System Restore Points ===================
.
RP223: 5/31/2011 7:50:17 PM - Windows Update
RP224: 6/2/2011 8:40:33 PM - Windows Update
RP225: 6/7/2011 8:53:40 PM - Windows Update
RP226: 6/11/2011 8:46:37 PM - Windows Update
RP227: 6/15/2011 9:57:43 PM - Windows Update
RP228: 6/16/2011 1:47:02 AM - Windows Update
RP229: 6/18/2011 3:00:18 AM - Windows Update
RP230: 6/21/2011 8:52:47 PM - Windows Update
RP231: 6/24/2011 7:03:10 PM - Windows Update
RP232: 6/28/2011 7:33:45 PM - Windows Update
RP233: 6/29/2011 8:37:52 PM - Windows Update
RP234: 7/4/2011 3:34:37 PM - Windows Update
RP235: 7/5/2011 7:49:03 PM - Windows Update
RP236: 7/11/2011 11:04:35 PM - Windows Update
RP237: 7/14/2011 1:51:30 AM - Windows Update
RP238: 7/19/2011 7:55:30 PM - Windows Update
RP239: 7/22/2011 8:07:40 PM - Windows Update
RP240: 7/26/2011 6:55:24 PM - Windows Update
RP241: 7/29/2011 9:35:22 PM - Windows Update
RP242: 8/2/2011 7:41:53 PM - Windows Update
RP243: 8/10/2011 7:37:08 PM - Windows Update
RP244: 8/11/2011 3:00:29 AM - Windows Update
RP245: 8/16/2011 8:55:12 PM - Windows Update
RP246: 8/23/2011 3:13:45 AM - Windows Update
RP247: 8/25/2011 3:00:27 AM - Windows Update
RP248: 8/30/2011 8:36:08 PM - Windows Update
RP249: 9/6/2011 3:20:11 PM - Windows Update
RP250: 9/7/2011 3:00:14 AM - Windows Update
RP252: 9/9/2011 3:19:56 PM - Restore Operation
RP254: 9/9/2011 5:40:56 PM - Windows Defender Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.5
AMD USB Filter Driver
ATI Catalyst Install Manager
Avira AntiVir Personal - Free Antivirus
Broadcom 802.11 Wireless LAN Adapter
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Coupon Printer for Windows
ENE CIR Receiver Driver
Facebook Plug-In
Google Earth
Google Update Helper
Java(TM) 6 Update 17
Korean Fonts Support For Adobe Reader 9
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Web Access S/MIME
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
OGA Notifier 2.0.0048.0
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shopping InContext
Synaptics Pointing Device Driver
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2586924)
VLC media player 0.9.2
WebEx
WinPoker 6
WinZip 15.0
.
==== Event Viewer Messages From Past Week ========
.
9/9/2011 4:10:27 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
.
==== End Of File ===========================