Hello.
Today my system was running normally with no abnormal symptoms when my Microsoft Security Essentials started barking at me about a threat it had detected. So I ran a full scan and it detected and quarantined sirefef (there were a couple of sirefefs listed as AG, AK and AB I believe). After the scan was done (3 hours later) I was about to run MBAM when MSE popped another message at me that it had quarantined a threat (sirefef again). At that time I updated and ran MBAM and it seems to have stopped but I would really appreciate it if someone could take a look.
Thanks in advance!
P.S. - I used to have AVG installed on the system before switching to MSE but had problems with the uninstall.
I did go through the standard initial steps and the logs are as follows:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.28.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Buddy Lee :: APEVIA [limited]
5/28/2012 1:41:32 AM
mbam-log-2012-05-28 (01-41-32).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 242648
Time elapsed: 12 minute(s), 46 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|rfdvpn (Trojan.Agent.LTGen) -> Data: rundll32.exe "C:\DOCUME~1\BUDDYL~1\LOCALS~1\Temp\rfdvpn.dll",SteamUser -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|danonc (Trojan.Agent.LTGen) -> Data: rundll32.exe "C:\DOCUME~1\BUDDYL~1\LOCALS~1\Temp\danonc.dll",ConvertMeshSubsetToStrips -> Quarantined and deleted successfully.
Registry Data Items Detected: 1
HKCR\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Bad: (C:\Documents and Settings\Buddy Lee\Local Settings\Application Data\{2f1cbfb4-f416-fa3a-0185-147727087505}\n.) Good: (%SystemRoot%\system32\shdocvw.dll) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\WINDOWS\assembly\GAC\Desktop.ini (Trojan.0access) -> Delete on reboot.
C:\Documents and Settings\Buddy Lee\Local Settings\Temp\rfdvpn.dll (Trojan.Agent.LTGen) -> Delete on reboot.
C:\Documents and Settings\Buddy Lee\Local Settings\Temp\danonc.dll (Trojan.Agent.LTGen) -> Delete on reboot.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-05-28 02:08:01
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 rev.
Running: tqj56rvl.exe; Driver: C:\DOCUME~1\BUDDYL~1\LOCALS~1\Temp\pwtdrpod.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Buddy Lee at 2:20:31 on 2012-05-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2614 [GMT -4:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\Documents and Settings\Buddy Lee\Local Settings\Application Data\Akamai\netsession_win.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Documents and Settings\Buddy Lee\Local Settings\Application Data\Akamai\netsession_win.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = 127.0.0.1;127.0.0.1:9421;*.local;<local>
uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Google Update] "c:\documents and settings\buddy lee\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Akamai NetSession Interface] "c:\documents and settings\buddy lee\local settings\application data\akamai\netsession_win.exe"
uRun: [Sonic RecordNow! Deluxe]
mRun: [EasyTuneVI] c:\program files\gigabyte\et6\ETcall.exe
mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [<NO NAME>]
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260049794531
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\buddy lee\application data\mozilla\firefox\profiles\xmqrti8r.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\buddy lee\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\buddy lee\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-6 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-6 243024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-4-30 218688]
R1 MpKsl0127d349;MpKsl0127d349;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9d908845-8389-41ec-a3e9-3315fcd05ce1}\MpKsl0127d349.sys [2012-5-28 29904]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2001-8-23 14336]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-5-25 785344]
R2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2009-12-5 68136]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-5-18 2348352]
R3 AODDriver;AODDriver;c:\program files\gigabyte\et6\i386\AODDriver.sys [2009-2-23 7168]
R3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2009-12-6 24944]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 19720]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-6 216400]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-12-5 1691480]
S3 etdrv;etdrv;c:\windows\etdrv.sys [2009-12-6 17488]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S4 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-15 921952]
S4 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
.
=============== Created Last 30 ================
.
2012-05-28 06:13:28 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9d908845-8389-41ec-a3e9-3315fcd05ce1}\MpKsl0127d349.sys
2012-05-28 06:10:09 6737808 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9d908845-8389-41ec-a3e9-3315fcd05ce1}\mpengine.dll
2012-05-27 14:44:38 -------- d-----w- c:\documents and settings\buddy lee\local settings\application data\{61292E35-A7F7-11E1-8270-B8AC6F996F26}
2012-05-27 12:27:55 -------- d-----w- c:\documents and settings\buddy lee\local settings\application data\{6128FC19-A7F7-11E1-8270-B8AC6F996F26}
2012-05-26 01:22:28 6737808 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-05-26 01:12:35 -------- d-----w- c:\documents and settings\buddy lee\application data\Search Settings
2012-05-26 01:12:30 -------- d-----w- c:\program files\Application Updater
2012-05-26 01:12:29 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2012-05-26 01:12:29 -------- d-----w- c:\program files\common files\Spigot
2012-05-18 20:55:57 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-05-18 20:55:57 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-05-18 16:06:09 -------- d-----w- c:\documents and settings\buddy lee\application data\DDMSettings
2012-05-18 16:04:53 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2012-05-18 16:04:53 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2012-05-18 16:04:53 133616 ------w- c:\windows\system32\pxafs.dll
2012-05-18 16:04:53 126448 ------w- c:\windows\system32\pxinsi64.exe
2012-05-18 16:04:53 123888 ------w- c:\windows\system32\pxcpyi64.exe
2012-05-18 16:04:24 -------- d-----w- c:\program files\common files\DivX Shared
2012-05-18 15:29:26 -------- d-----w- c:\program files\DivX
2012-05-18 15:27:46 -------- d-----w- c:\documents and settings\all users\application data\DivX
2012-05-16 03:48:37 -------- d-----w- c:\program files\Diablo III
2012-05-16 03:45:04 -------- d-----w- c:\documents and settings\all users\application data\Battle.net
2012-05-11 02:26:05 102248 ----a-w- c:\documents and settings\buddy lee\GoToAssistDownloadHelper.exe
2012-05-11 02:17:40 -------- d-----w- c:\documents and settings\buddy lee\local settings\application data\Citrix
2012-05-04 20:39:57 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-05-28 05:58:30 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2012-05-28 05:58:01 17488 ----a-w- c:\windows\gdrv.sys
2012-05-18 20:56:33 293992 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-05-18 20:56:33 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-05-18 20:56:31 293992 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-05-04 20:39:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:14:41 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 12:35:51 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-21 00:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-03 04:53:23 17488 ----a-w- c:\windows\etdrv.sys
2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 23:58:00 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-29 23:58:00 5918720 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-29 23:58:00 4309760 ----a-w- c:\windows\system32\nv4_disp.dll
2012-02-29 23:58:00 2522944 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-29 23:58:00 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-29 23:58:00 2291712 ----a-w- c:\windows\system32\nvapi.dll
2012-02-29 23:58:00 18624512 ----a-w- c:\windows\system32\nvoglnt.dll
2012-02-29 23:58:00 17534976 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-29 23:58:00 13417632 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-02-29 20:30:31 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-02-29 20:30:24 15494464 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:30:24 143680 ----a-w- c:\windows\system32\nvcolor.exe
2012-02-29 20:30:23 164160 ----a-w- c:\windows\system32\nvsvc32.exe
2012-02-29 20:30:23 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EF1B0] -> \Device\Harddisk0\DR0[0x8B037030]
3 CLASSPNP[0xB8118FD7] -> ntkrnlpa!IofCallDriver[0x804EF1B0] -> \Device\0000006e[0x8B026490]
5 ACPI[0xB7F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1B0] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8B039940]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
.
============= FINISH: 2:20:37.93 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/4/2009 11:32:03 PM
System Uptime: 5/28/2012 1:57:24 AM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EP45-UD3R
Processor: Intel Pentium III Xeon processor | Socket 775 | 2999/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 354.491 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&33BA0C0F&0&00E4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&33BA0C0F&0&00E4
Service: RTLE8023xp
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\241D7B0DB0
Manufacturer: Microsoft
Name: 1394 Net Adapter #2
PNP Device ID: V1394\NIC1394\241D7B0DB0
Service: NIC1394
.
==== System Restore Points ===================
.
RP746: 2/28/2012 6:14:02 PM - System Checkpoint
RP747: 2/29/2012 6:16:06 PM - Software Distribution Service 3.0
RP748: 3/1/2012 6:39:09 PM - Software Distribution Service 3.0
RP749: 3/2/2012 10:34:03 PM - Software Distribution Service 3.0
RP750: 3/3/2012 11:29:47 PM - System Checkpoint
RP751: 3/4/2012 1:59:30 AM - Software Distribution Service 3.0
RP752: 3/5/2012 1:57:32 PM - Software Distribution Service 3.0
RP753: 3/6/2012 2:16:15 PM - Software Distribution Service 3.0
RP754: 3/7/2012 2:17:36 PM - System Checkpoint
RP755: 3/8/2012 7:04:21 PM - Software Distribution Service 3.0
RP756: 3/9/2012 7:07:54 PM - System Checkpoint
RP757: 3/9/2012 10:38:05 PM - Software Distribution Service 3.0
RP758: 3/10/2012 8:38:05 AM - Installed DirectX
RP759: 3/11/2012 11:30:06 AM - Software Distribution Service 3.0
RP760: 3/12/2012 8:08:30 PM - Software Distribution Service 3.0
RP761: 3/14/2012 8:13:00 PM - Software Distribution Service 3.0
RP762: 3/14/2012 11:15:33 PM - Software Distribution Service 3.0
RP763: 3/16/2012 3:04:08 PM - Software Distribution Service 3.0
RP764: 3/16/2012 3:17:39 PM - Software Distribution Service 3.0
RP765: 3/17/2012 3:52:59 PM - System Checkpoint
RP766: 3/18/2012 9:50:06 AM - Software Distribution Service 3.0
RP767: 3/19/2012 6:13:19 PM - Software Distribution Service 3.0
RP768: 3/20/2012 7:19:29 PM - Software Distribution Service 3.0
RP769: 3/21/2012 9:26:33 PM - Software Distribution Service 3.0
RP770: 3/23/2012 11:19:09 AM - Software Distribution Service 3.0
RP771: 3/24/2012 2:55:57 PM - Software Distribution Service 3.0
RP772: 3/25/2012 4:21:13 PM - System Checkpoint
RP773: 3/25/2012 4:59:17 PM - Software Distribution Service 3.0
RP774: 3/26/2012 8:51:56 PM - Software Distribution Service 3.0
RP775: 3/28/2012 9:27:43 AM - Software Distribution Service 3.0
RP776: 3/29/2012 9:39:44 PM - Software Distribution Service 3.0
RP777: 3/30/2012 11:08:36 PM - System Checkpoint
RP778: 3/31/2012 9:41:22 AM - Software Distribution Service 3.0
RP779: 4/1/2012 9:45:09 AM - System Checkpoint
RP780: 4/2/2012 8:11:52 PM - Software Distribution Service 3.0
RP781: 4/4/2012 8:28:52 PM - Software Distribution Service 3.0
RP782: 4/6/2012 5:55:54 PM - Software Distribution Service 3.0
RP783: 4/7/2012 6:53:28 PM - Software Distribution Service 3.0
RP784: 4/9/2012 8:33:36 PM - Software Distribution Service 3.0
RP785: 4/11/2012 12:46:39 PM - Software Distribution Service 3.0
RP786: 4/12/2012 12:48:37 PM - System Checkpoint
RP787: 4/13/2012 10:54:10 AM - Software Distribution Service 3.0
RP788: 4/13/2012 11:24:51 AM - Software Distribution Service 3.0
RP789: 4/15/2012 10:44:30 AM - Software Distribution Service 3.0
RP790: 4/16/2012 8:36:22 PM - Software Distribution Service 3.0
RP791: 4/17/2012 9:08:07 PM - Software Distribution Service 3.0
RP792: 4/19/2012 8:27:09 PM - Software Distribution Service 3.0
RP793: 4/21/2012 5:43:35 PM - Software Distribution Service 3.0
RP794: 4/22/2012 6:14:05 PM - System Checkpoint
RP795: 4/26/2012 9:24:42 PM - Software Distribution Service 3.0
RP796: 4/28/2012 3:58:03 PM - Software Distribution Service 3.0
RP797: 5/2/2012 8:57:16 PM - Software Distribution Service 3.0
RP798: 5/4/2012 2:18:23 PM - Software Distribution Service 3.0
RP799: 5/5/2012 7:05:59 PM - Software Distribution Service 3.0
RP800: 5/6/2012 8:01:45 PM - System Checkpoint
RP801: 5/10/2012 9:46:52 PM - Software Distribution Service 3.0
RP802: 5/13/2012 7:14:55 PM - System Checkpoint
RP803: 5/14/2012 12:04:38 PM - Software Distribution Service 3.0
RP804: 5/14/2012 6:24:07 PM - Software Distribution Service 3.0
RP805: 5/15/2012 6:35:17 PM - Software Distribution Service 3.0
RP806: 5/15/2012 6:58:24 PM - Software Distribution Service 3.0
RP807: 5/16/2012 8:10:55 PM - Software Distribution Service 3.0
RP808: 5/17/2012 8:40:46 PM - Software Distribution Service 3.0
RP809: 5/18/2012 9:03:37 PM - System Checkpoint
RP810: 5/19/2012 10:20:00 AM - Software Distribution Service 3.0
RP811: 5/20/2012 10:20:57 PM - Software Distribution Service 3.0
RP812: 5/21/2012 9:14:50 PM - Software Distribution Service 3.0
RP813: 5/21/2012 11:06:12 PM - Software Distribution Service 3.0
RP814: 5/22/2012 5:39:47 PM - Software Distribution Service 3.0
RP815: 5/23/2012 2:18:15 AM - Software Distribution Service 3.0
RP816: 5/23/2012 5:36:40 PM - Software Distribution Service 3.0
RP817: 5/24/2012 6:07:33 PM - Software Distribution Service 3.0
RP818: 5/25/2012 9:22:25 PM - Software Distribution Service 3.0
RP819: 5/26/2012 9:27:44 PM - System Checkpoint
RP820: 5/27/2012 8:12:48 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Acala DVD Ripper Professional 6.1.8
Acrobat.com
Activision(R)
Adobe AIR
Adobe Community Help
Adobe Creative Suite 5 Master Collection
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader 9.4.4
Akamai NetSession Interface
Akamai NetSession Interface Service
Any Video Converter 3.3.4
AoA DVD Ripper
APB Reloaded
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
AVG Free 9.0
Battlefield Heroes
Blur(TM)
Bonjour
Borderlands
Browser Configuration Utility
calibre
Citrix Presentation Server Client
Counter-Strike: Source
Curse Client
DAEMON Tools Lite
Dawn of War - Dark Crusade
DC Universe Online Live
Defcon Demo
Diablo III
DivX Setup
DMIView B8.0717.01
doPDF 7.0 printer
Dual-Core Optimizer
Duke Nukem Forever Demo
DVD Shrink 3.2
Easy Tune 6 B09.0326.1
EdenEternal
Energy Saver Advance B9.0316.1
EVGA Precision 1.8.0
Fantasy Earth Zero
Far Cry 2
FlatOut Ultimate Carnage
Fraps (remove only)
Free Audio CD Burner version 1.2
Free YouTube to MP3 Converter version 3.3
Get the Picture!
Gigabyte Raid Configurer
Google Chrome
Google SketchUp 8
Handbrake 0.9.4
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hp instant support
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1100 series
hp psc 1100 series
IGG Web3D Player version 1.0.0.37
iTunes
Java Auto Updater
Java(TM) 6 Update 29
League of Legends
Logitech GamePanel Software 3.03.133
Magic: The Gathering — Duels of the Planeswalkers 2012 - Demo
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mini Ninjas 1.0
Mozilla Firefox 5.0.1 (x86 en-US)
Nero Suite
NVIDIA Control Panel 296.10
NVIDIA Graphics Driver 296.10
NVIDIA Install Application
NVIDIA nView 136.18
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0213
NVIDIA Update 1.7.11
NVIDIA Update Components
OpenAL
Orcs Must Die! Demo
Pando Media Booster
PDF Settings CS5
Pepakura Viewer 3
Plants vs. Zombies(TM)
Portal
Portal 2
PowerDVD
PunkBuster Services
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
RIFT
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic Audio Module
Sonic CinePlayer
Sonic Copy Module
Sonic Data Module
Sonic MyDVD Studio Deluxe
Sonic RecordNow! Deluxe
Sonic Update Manager
SpeechRedist
Spelling Dictionaries Support For Adobe Reader 9
SPORE™
Star Wars: The Old Republic
StarCraft
Steam
STOIK Video Converter 3
System Requirements Lab
System Requirements Lab CYRI
Tablet
Team Fortress 2
Tornado Jockey
Uninstall 1.0.0.1
Unity Web Player
Unreal Tournament 2004
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Service Pack 3
World of Logs Client
World of Warcraft
Wow Web Stats Client v3.0
XML Paper Specification Shared Components Pack 1.0
Xvid 1.2.2 final uninstall
YouTube Downloader 3.5
YouTube Downloader Toolbar v5.8
.
==== Event Viewer Messages From Past Week ========
.
5/26/2012 4:22:15 PM, error: nv [108] - The driver nv4_disp for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
5/25/2012 10:02:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86
5/24/2012 5:56:51 PM, error: Dhcp [1002] - The IP address lease 192.168.1.42 for the Network Card with network address 00241DC033FA has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).
5/23/2012 8:46:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/23/2012 8:39:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 Cinemsup Fips intelppm MpFilter
5/23/2012 8:12:03 PM, error: Dhcp [1002] - The IP address lease 10.0.0.3 for the Network Card with network address 00241DC033FA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
5/21/2012 7:06:28 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 10.0.0.3 with the system having network hardware address 4C:B1:99:2C:92:87. Network operations on this system may be disrupted as a result.
5/21/2012 6:36:13 PM, error: System Error [1003] - Error code 000000ea, parameter1 89e19da0, parameter2 8afbff60, parameter3 8ab75150, parameter4 00000001.
5/21/2012 6:33:56 PM, error: Dhcp [1002] - The IP address lease 10.0.0.2 for the Network Card with network address 00241DC033FA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
5/21/2012 6:06:48 PM, error: JRAID [9] - The device, \Device\Scsi\JRAID1, did not respond within the timeout period.
5/21/2012 6:05:39 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
.
==== End Of File ===========================
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-05-28 02:08:01
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 rev.
Running: tqj56rvl.exe; Driver: C:\DOCUME~1\BUDDYL~1\LOCALS~1\Temp\pwtdrpod.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Buddy Lee at 2:20:31 on 2012-05-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2614 [GMT -4:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\Documents and Settings\Buddy Lee\Local Settings\Application Data\Akamai\netsession_win.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Documents and Settings\Buddy Lee\Local Settings\Application Data\Akamai\netsession_win.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = 127.0.0.1;127.0.0.1:9421;*.local;<local>
uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\5.8\youtubedownloaderToolbarIE.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Google Update] "c:\documents and settings\buddy lee\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Akamai NetSession Interface] "c:\documents and settings\buddy lee\local settings\application data\akamai\netsession_win.exe"
uRun: [Sonic RecordNow! Deluxe]
mRun: [EasyTuneVI] c:\program files\gigabyte\et6\ETcall.exe
mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [<NO NAME>]
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260049794531
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\buddy lee\application data\mozilla\firefox\profiles\xmqrti8r.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\buddy lee\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\buddy lee\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-6 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-6 243024]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-4-30 218688]
R1 MpKsl0127d349;MpKsl0127d349;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9d908845-8389-41ec-a3e9-3315fcd05ce1}\MpKsl0127d349.sys [2012-5-28 29904]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2001-8-23 14336]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-5-25 785344]
R2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2009-12-5 68136]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-5-18 2348352]
R3 AODDriver;AODDriver;c:\program files\gigabyte\et6\i386\AODDriver.sys [2009-2-23 7168]
R3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2009-12-6 24944]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 19720]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-6 216400]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-12-5 1691480]
S3 etdrv;etdrv;c:\windows\etdrv.sys [2009-12-6 17488]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S4 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-15 921952]
S4 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
.
=============== Created Last 30 ================
.
2012-05-28 06:13:28 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9d908845-8389-41ec-a3e9-3315fcd05ce1}\MpKsl0127d349.sys
2012-05-28 06:10:09 6737808 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9d908845-8389-41ec-a3e9-3315fcd05ce1}\mpengine.dll
2012-05-27 14:44:38 -------- d-----w- c:\documents and settings\buddy lee\local settings\application data\{61292E35-A7F7-11E1-8270-B8AC6F996F26}
2012-05-27 12:27:55 -------- d-----w- c:\documents and settings\buddy lee\local settings\application data\{6128FC19-A7F7-11E1-8270-B8AC6F996F26}
2012-05-26 01:22:28 6737808 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-05-26 01:12:35 -------- d-----w- c:\documents and settings\buddy lee\application data\Search Settings
2012-05-26 01:12:30 -------- d-----w- c:\program files\Application Updater
2012-05-26 01:12:29 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2012-05-26 01:12:29 -------- d-----w- c:\program files\common files\Spigot
2012-05-18 20:55:57 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-05-18 20:55:57 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-05-18 16:06:09 -------- d-----w- c:\documents and settings\buddy lee\application data\DDMSettings
2012-05-18 16:04:53 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2012-05-18 16:04:53 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2012-05-18 16:04:53 133616 ------w- c:\windows\system32\pxafs.dll
2012-05-18 16:04:53 126448 ------w- c:\windows\system32\pxinsi64.exe
2012-05-18 16:04:53 123888 ------w- c:\windows\system32\pxcpyi64.exe
2012-05-18 16:04:24 -------- d-----w- c:\program files\common files\DivX Shared
2012-05-18 15:29:26 -------- d-----w- c:\program files\DivX
2012-05-18 15:27:46 -------- d-----w- c:\documents and settings\all users\application data\DivX
2012-05-16 03:48:37 -------- d-----w- c:\program files\Diablo III
2012-05-16 03:45:04 -------- d-----w- c:\documents and settings\all users\application data\Battle.net
2012-05-11 02:26:05 102248 ----a-w- c:\documents and settings\buddy lee\GoToAssistDownloadHelper.exe
2012-05-11 02:17:40 -------- d-----w- c:\documents and settings\buddy lee\local settings\application data\Citrix
2012-05-04 20:39:57 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-05-28 05:58:30 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2012-05-28 05:58:01 17488 ----a-w- c:\windows\gdrv.sys
2012-05-18 20:56:33 293992 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-05-18 20:56:33 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-05-18 20:56:31 293992 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-05-04 20:39:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:14:41 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 12:35:51 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-21 00:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-03 04:53:23 17488 ----a-w- c:\windows\etdrv.sys
2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 23:58:00 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-29 23:58:00 5918720 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-29 23:58:00 4309760 ----a-w- c:\windows\system32\nv4_disp.dll
2012-02-29 23:58:00 2522944 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-29 23:58:00 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-29 23:58:00 2291712 ----a-w- c:\windows\system32\nvapi.dll
2012-02-29 23:58:00 18624512 ----a-w- c:\windows\system32\nvoglnt.dll
2012-02-29 23:58:00 17534976 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-29 23:58:00 13417632 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-02-29 20:30:31 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-02-29 20:30:24 15494464 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:30:24 143680 ----a-w- c:\windows\system32\nvcolor.exe
2012-02-29 20:30:23 164160 ----a-w- c:\windows\system32\nvsvc32.exe
2012-02-29 20:30:23 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EF1B0] -> \Device\Harddisk0\DR0[0x8B037030]
3 CLASSPNP[0xB8118FD7] -> ntkrnlpa!IofCallDriver[0x804EF1B0] -> \Device\0000006e[0x8B026490]
5 ACPI[0xB7F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1B0] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8B039940]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
.
============= FINISH: 2:20:37.93 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/4/2009 11:32:03 PM
System Uptime: 5/28/2012 1:57:24 AM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EP45-UD3R
Processor: Intel Pentium III Xeon processor | Socket 775 | 2999/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 354.491 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&33BA0C0F&0&00E4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&33BA0C0F&0&00E4
Service: RTLE8023xp
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\241D7B0DB0
Manufacturer: Microsoft
Name: 1394 Net Adapter #2
PNP Device ID: V1394\NIC1394\241D7B0DB0
Service: NIC1394
.
==== System Restore Points ===================
.
RP746: 2/28/2012 6:14:02 PM - System Checkpoint
RP747: 2/29/2012 6:16:06 PM - Software Distribution Service 3.0
RP748: 3/1/2012 6:39:09 PM - Software Distribution Service 3.0
RP749: 3/2/2012 10:34:03 PM - Software Distribution Service 3.0
RP750: 3/3/2012 11:29:47 PM - System Checkpoint
RP751: 3/4/2012 1:59:30 AM - Software Distribution Service 3.0
RP752: 3/5/2012 1:57:32 PM - Software Distribution Service 3.0
RP753: 3/6/2012 2:16:15 PM - Software Distribution Service 3.0
RP754: 3/7/2012 2:17:36 PM - System Checkpoint
RP755: 3/8/2012 7:04:21 PM - Software Distribution Service 3.0
RP756: 3/9/2012 7:07:54 PM - System Checkpoint
RP757: 3/9/2012 10:38:05 PM - Software Distribution Service 3.0
RP758: 3/10/2012 8:38:05 AM - Installed DirectX
RP759: 3/11/2012 11:30:06 AM - Software Distribution Service 3.0
RP760: 3/12/2012 8:08:30 PM - Software Distribution Service 3.0
RP761: 3/14/2012 8:13:00 PM - Software Distribution Service 3.0
RP762: 3/14/2012 11:15:33 PM - Software Distribution Service 3.0
RP763: 3/16/2012 3:04:08 PM - Software Distribution Service 3.0
RP764: 3/16/2012 3:17:39 PM - Software Distribution Service 3.0
RP765: 3/17/2012 3:52:59 PM - System Checkpoint
RP766: 3/18/2012 9:50:06 AM - Software Distribution Service 3.0
RP767: 3/19/2012 6:13:19 PM - Software Distribution Service 3.0
RP768: 3/20/2012 7:19:29 PM - Software Distribution Service 3.0
RP769: 3/21/2012 9:26:33 PM - Software Distribution Service 3.0
RP770: 3/23/2012 11:19:09 AM - Software Distribution Service 3.0
RP771: 3/24/2012 2:55:57 PM - Software Distribution Service 3.0
RP772: 3/25/2012 4:21:13 PM - System Checkpoint
RP773: 3/25/2012 4:59:17 PM - Software Distribution Service 3.0
RP774: 3/26/2012 8:51:56 PM - Software Distribution Service 3.0
RP775: 3/28/2012 9:27:43 AM - Software Distribution Service 3.0
RP776: 3/29/2012 9:39:44 PM - Software Distribution Service 3.0
RP777: 3/30/2012 11:08:36 PM - System Checkpoint
RP778: 3/31/2012 9:41:22 AM - Software Distribution Service 3.0
RP779: 4/1/2012 9:45:09 AM - System Checkpoint
RP780: 4/2/2012 8:11:52 PM - Software Distribution Service 3.0
RP781: 4/4/2012 8:28:52 PM - Software Distribution Service 3.0
RP782: 4/6/2012 5:55:54 PM - Software Distribution Service 3.0
RP783: 4/7/2012 6:53:28 PM - Software Distribution Service 3.0
RP784: 4/9/2012 8:33:36 PM - Software Distribution Service 3.0
RP785: 4/11/2012 12:46:39 PM - Software Distribution Service 3.0
RP786: 4/12/2012 12:48:37 PM - System Checkpoint
RP787: 4/13/2012 10:54:10 AM - Software Distribution Service 3.0
RP788: 4/13/2012 11:24:51 AM - Software Distribution Service 3.0
RP789: 4/15/2012 10:44:30 AM - Software Distribution Service 3.0
RP790: 4/16/2012 8:36:22 PM - Software Distribution Service 3.0
RP791: 4/17/2012 9:08:07 PM - Software Distribution Service 3.0
RP792: 4/19/2012 8:27:09 PM - Software Distribution Service 3.0
RP793: 4/21/2012 5:43:35 PM - Software Distribution Service 3.0
RP794: 4/22/2012 6:14:05 PM - System Checkpoint
RP795: 4/26/2012 9:24:42 PM - Software Distribution Service 3.0
RP796: 4/28/2012 3:58:03 PM - Software Distribution Service 3.0
RP797: 5/2/2012 8:57:16 PM - Software Distribution Service 3.0
RP798: 5/4/2012 2:18:23 PM - Software Distribution Service 3.0
RP799: 5/5/2012 7:05:59 PM - Software Distribution Service 3.0
RP800: 5/6/2012 8:01:45 PM - System Checkpoint
RP801: 5/10/2012 9:46:52 PM - Software Distribution Service 3.0
RP802: 5/13/2012 7:14:55 PM - System Checkpoint
RP803: 5/14/2012 12:04:38 PM - Software Distribution Service 3.0
RP804: 5/14/2012 6:24:07 PM - Software Distribution Service 3.0
RP805: 5/15/2012 6:35:17 PM - Software Distribution Service 3.0
RP806: 5/15/2012 6:58:24 PM - Software Distribution Service 3.0
RP807: 5/16/2012 8:10:55 PM - Software Distribution Service 3.0
RP808: 5/17/2012 8:40:46 PM - Software Distribution Service 3.0
RP809: 5/18/2012 9:03:37 PM - System Checkpoint
RP810: 5/19/2012 10:20:00 AM - Software Distribution Service 3.0
RP811: 5/20/2012 10:20:57 PM - Software Distribution Service 3.0
RP812: 5/21/2012 9:14:50 PM - Software Distribution Service 3.0
RP813: 5/21/2012 11:06:12 PM - Software Distribution Service 3.0
RP814: 5/22/2012 5:39:47 PM - Software Distribution Service 3.0
RP815: 5/23/2012 2:18:15 AM - Software Distribution Service 3.0
RP816: 5/23/2012 5:36:40 PM - Software Distribution Service 3.0
RP817: 5/24/2012 6:07:33 PM - Software Distribution Service 3.0
RP818: 5/25/2012 9:22:25 PM - Software Distribution Service 3.0
RP819: 5/26/2012 9:27:44 PM - System Checkpoint
RP820: 5/27/2012 8:12:48 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Acala DVD Ripper Professional 6.1.8
Acrobat.com
Activision(R)
Adobe AIR
Adobe Community Help
Adobe Creative Suite 5 Master Collection
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader 9.4.4
Akamai NetSession Interface
Akamai NetSession Interface Service
Any Video Converter 3.3.4
AoA DVD Ripper
APB Reloaded
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
AVG Free 9.0
Battlefield Heroes
Blur(TM)
Bonjour
Borderlands
Browser Configuration Utility
calibre
Citrix Presentation Server Client
Counter-Strike: Source
Curse Client
DAEMON Tools Lite
Dawn of War - Dark Crusade
DC Universe Online Live
Defcon Demo
Diablo III
DivX Setup
DMIView B8.0717.01
doPDF 7.0 printer
Dual-Core Optimizer
Duke Nukem Forever Demo
DVD Shrink 3.2
Easy Tune 6 B09.0326.1
EdenEternal
Energy Saver Advance B9.0316.1
EVGA Precision 1.8.0
Fantasy Earth Zero
Far Cry 2
FlatOut Ultimate Carnage
Fraps (remove only)
Free Audio CD Burner version 1.2
Free YouTube to MP3 Converter version 3.3
Get the Picture!
Gigabyte Raid Configurer
Google Chrome
Google SketchUp 8
Handbrake 0.9.4
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hp instant support
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1100 series
hp psc 1100 series
IGG Web3D Player version 1.0.0.37
iTunes
Java Auto Updater
Java(TM) 6 Update 29
League of Legends
Logitech GamePanel Software 3.03.133
Magic: The Gathering — Duels of the Planeswalkers 2012 - Demo
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mini Ninjas 1.0
Mozilla Firefox 5.0.1 (x86 en-US)
Nero Suite
NVIDIA Control Panel 296.10
NVIDIA Graphics Driver 296.10
NVIDIA Install Application
NVIDIA nView 136.18
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0213
NVIDIA Update 1.7.11
NVIDIA Update Components
OpenAL
Orcs Must Die! Demo
Pando Media Booster
PDF Settings CS5
Pepakura Viewer 3
Plants vs. Zombies(TM)
Portal
Portal 2
PowerDVD
PunkBuster Services
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
RIFT
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic Audio Module
Sonic CinePlayer
Sonic Copy Module
Sonic Data Module
Sonic MyDVD Studio Deluxe
Sonic RecordNow! Deluxe
Sonic Update Manager
SpeechRedist
Spelling Dictionaries Support For Adobe Reader 9
SPORE™
Star Wars: The Old Republic
StarCraft
Steam
STOIK Video Converter 3
System Requirements Lab
System Requirements Lab CYRI
Tablet
Team Fortress 2
Tornado Jockey
Uninstall 1.0.0.1
Unity Web Player
Unreal Tournament 2004
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Service Pack 3
World of Logs Client
World of Warcraft
Wow Web Stats Client v3.0
XML Paper Specification Shared Components Pack 1.0
Xvid 1.2.2 final uninstall
YouTube Downloader 3.5
YouTube Downloader Toolbar v5.8
.
==== Event Viewer Messages From Past Week ========
.
5/26/2012 4:22:15 PM, error: nv [108] - The driver nv4_disp for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
5/25/2012 10:02:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86
5/24/2012 5:56:51 PM, error: Dhcp [1002] - The IP address lease 192.168.1.42 for the Network Card with network address 00241DC033FA has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).
5/23/2012 8:46:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/23/2012 8:39:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 Cinemsup Fips intelppm MpFilter
5/23/2012 8:12:03 PM, error: Dhcp [1002] - The IP address lease 10.0.0.3 for the Network Card with network address 00241DC033FA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
5/21/2012 7:06:28 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 10.0.0.3 with the system having network hardware address 4C:B1:99:2C:92:87. Network operations on this system may be disrupted as a result.
5/21/2012 6:36:13 PM, error: System Error [1003] - Error code 000000ea, parameter1 89e19da0, parameter2 8afbff60, parameter3 8ab75150, parameter4 00000001.
5/21/2012 6:33:56 PM, error: Dhcp [1002] - The IP address lease 10.0.0.2 for the Network Card with network address 00241DC033FA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
5/21/2012 6:06:48 PM, error: JRAID [9] - The device, \Device\Scsi\JRAID1, did not respond within the timeout period.
5/21/2012 6:05:39 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
.
==== End Of File ===========================