CarolinaChuck
Posts: 8 +0
Hello,
First problem stared with an random ding dong sound like I pluged in a USB device. I tried to figure it out on my own by removing unused aplication in Add/Remove Progams and msconfig start up; I may have done more harm than good. After a week, Internet Explorer 8 started to redirect me when opening links and then started to open new windows and going to sell/medical/BS type sites on its own. Also, AVG threats while off line WINDOW\system32\ping.exe
To keep it short, here are the logs:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.14.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: SUPER-CHUCKIE [administrator]
6/14/2012 11:50:51 AM
mbam-log-2012-06-14 (11-50-51).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224426
Time elapsed: 11 minute(s), 20 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCU\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 4
C:\Win.Msi (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Settings (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
Files Detected: 5
C:\Win.Msi\3proxy.cfg (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Win.Msi\alg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\rs.dat (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Log\2009 Jan 20 - 01_29_47 AM_453.log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Settings\ScanResults.pie (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-06-14 12:45:06
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5 WDC_WD2500YD-01NVB1 rev.10.02E01
Running: 6ncm6eom.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\agtorfod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Ntfs \Ntfs InCDRec.sys (InCD File System Recognizer/Nero AG)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Fastfat \Fat InCDRec.sys (InCD File System Recognizer/Nero AG)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- Processes - GMER 1.0.15 ----
Process C:\WINDOWS\system32\ping.exe (*** hidden *** ) 3892
---- EOF - GMER 1.0.15 ----
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Administrator at 12:57:24 on 2012-06-14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2773 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\dKEYUSBCradle\SyncService.exe
C:\dKEYUSBCradle\ProxyDaemon.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\dKEYUSBCradle\stunnel-4.10.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\OCZ Technology\Mouse\Amoumain.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\dKEYUSBCradle\SyncInfoApp.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Start WingMan Profiler] "c:\program files\logitech\profiler\lwemon.exe" /noui
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [PowerArchiver Tray] c:\program files\powerarchiver\PASTARTER.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [SecurDisc] c:\program files\nero\nero 7\incd\NBHGui.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [WheelMouse] c:\program files\ocz technology\mouse\Amoumain.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\nikonm~1.lnk - c:\program files\common files\nikon\monitor\NkMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\displa~1.lnk - c:\dkeyusbcradle\SyncInfoApp.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Locate Spot on Map by GPS - c:\program files\opanda\iexif 2.3\IExifMap.htm
IE: Lookup on Merriam Webster
IE: Lookup on Wikipedia
IE: View Exif/GPS/IPTC with IExif - c:\program files\opanda\iexif 2.3\IExifCom.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
LSP: mswsock.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227396431828
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\0l4hw7l5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc6d1b5&v=6.010.006.004&I=23&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\npjpi160_32.dll
FF - plugin: c:\program files\java\jre6\bin\npoji610.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 AvgLdx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 AvgMfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 AvgTdiX;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 silabenm;GE Supra DisplayKey USB Cradle Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [2011-7-6 24584]
R3 silabser;GE Supra DisplayKey USB Cradle Driver;c:\windows\system32\drivers\silabser.sys [2011-7-6 69256]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe --> c:\progra~1\avg\avg8\avgemc.exe [?]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe --> c:\progra~1\avg\avg8\avgwdsvc.exe [?]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-11 136176]
S2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero 7\incd\nbhregincdsrv.exe --> c:\program files\nero\nero 7\incd\NBHRegInCDSrv.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-5 257224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-11 136176]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
.
=============== Created Last 30 ================
.
2012-06-14 15:46:02 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2012-06-14 15:38:19 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-06-14 15:38:18 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-14 15:38:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-13 13:34:01 1409 ----a-w- c:\windows\QTFont.for
2012-06-12 16:30:30 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-06-12 16:30:30 -------- d-----w- c:\windows\system32\wbem\Repository
2012-06-08 15:30:35 -------- d-----w- c:\documents and settings\administrator\local settings\application data\PCHealth
2012-06-08 15:28:26 -------- dc-h--w- c:\windows\ie8
2012-06-08 14:52:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-08 14:52:47 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-06 16:39:18 -------- d-----w- c:\documents and settings\administrator\application data\AVG
2012-06-06 16:31:25 -------- d-----w- c:\documents and settings\administrator\application data\AVG2012
2012-06-06 16:29:51 -------- d-----w- c:\windows\system32\drivers\AVG
2012-06-06 16:29:51 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin7.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin6.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2012-05-31 17:48:56 -------- d-----w- c:\program files\EZ Fonts
.
==================== Find3M ====================
.
2012-06-13 17:44:44 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 17:44:44 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-08 14:52:35 472864 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-19 08:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-03-19 09:17:28 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 12:57:49.76 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/22/2008 4:55:26 PM
System Uptime: 6/14/2012 12:17:45 PM (0 hours ago)
.
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | MS-7550
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5400+ | CPU1 | 2800/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 112 GiB total, 66.875 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP881: 3/17/2012 2:09:56 AM - System Checkpoint
RP882: 3/18/2012 2:37:54 AM - System Checkpoint
RP883: 3/19/2012 3:35:03 AM - System Checkpoint
RP884: 3/20/2012 3:37:54 AM - System Checkpoint
RP885: 3/21/2012 4:37:54 AM - System Checkpoint
RP886: 3/22/2012 5:37:57 AM - System Checkpoint
RP887: 3/23/2012 6:37:54 AM - System Checkpoint
RP888: 3/24/2012 7:57:43 AM - System Checkpoint
RP889: 3/25/2012 8:38:59 AM - System Checkpoint
RP890: 3/26/2012 9:37:54 AM - System Checkpoint
RP891: 3/27/2012 6:39:42 PM - System Checkpoint
RP892: 3/28/2012 8:34:13 PM - System Checkpoint
RP893: 3/29/2012 8:37:51 PM - System Checkpoint
RP894: 3/30/2012 9:44:43 PM - System Checkpoint
RP895: 3/31/2012 10:27:14 PM - System Checkpoint
RP896: 4/1/2012 11:27:14 PM - System Checkpoint
RP897: 4/2/2012 11:28:36 PM - System Checkpoint
RP898: 4/4/2012 12:36:10 AM - System Checkpoint
RP899: 4/5/2012 2:36:41 AM - System Checkpoint
RP900: 4/6/2012 3:11:30 AM - System Checkpoint
RP901: 4/7/2012 4:11:30 AM - System Checkpoint
RP902: 4/8/2012 5:11:09 AM - System Checkpoint
RP903: 4/9/2012 5:11:30 AM - System Checkpoint
RP904: 4/10/2012 6:11:25 AM - System Checkpoint
RP905: 4/11/2012 7:11:25 AM - System Checkpoint
RP906: 4/12/2012 8:11:25 AM - System Checkpoint
RP907: 4/13/2012 8:21:16 AM - System Checkpoint
RP908: 4/14/2012 9:11:25 AM - System Checkpoint
RP909: 4/15/2012 10:56:03 AM - System Checkpoint
RP910: 4/16/2012 4:22:30 PM - System Checkpoint
RP911: 4/16/2012 6:50:17 PM - Removed HP Software Update
RP912: 4/16/2012 7:23:44 PM - Printer Driver HP Officejet 4500 G510n-z fax Installed
RP913: 4/17/2012 7:44:45 PM - System Checkpoint
RP914: 4/18/2012 8:51:19 PM - System Checkpoint
RP915: 4/19/2012 10:27:09 PM - System Checkpoint
RP916: 4/20/2012 11:51:29 PM - System Checkpoint
RP917: 4/22/2012 12:44:45 AM - System Checkpoint
RP918: 4/23/2012 12:46:09 AM - System Checkpoint
RP919: 4/24/2012 2:00:36 AM - System Checkpoint
RP920: 4/25/2012 2:57:11 AM - System Checkpoint
RP921: 4/26/2012 3:44:41 AM - System Checkpoint
RP922: 4/27/2012 4:44:41 AM - System Checkpoint
RP923: 4/28/2012 5:44:41 AM - System Checkpoint
RP924: 4/29/2012 6:44:43 AM - System Checkpoint
RP925: 4/30/2012 7:44:41 AM - System Checkpoint
RP926: 5/1/2012 2:30:31 PM - System Checkpoint
RP927: 5/2/2012 6:58:18 PM - System Checkpoint
RP928: 5/3/2012 7:45:22 PM - System Checkpoint
RP929: 5/4/2012 8:44:22 PM - System Checkpoint
RP930: 5/5/2012 9:57:52 PM - System Checkpoint
RP931: 5/6/2012 10:44:22 PM - System Checkpoint
RP932: 5/8/2012 12:36:53 AM - System Checkpoint
RP933: 5/9/2012 12:56:25 AM - System Checkpoint
RP934: 5/10/2012 1:44:25 AM - System Checkpoint
RP935: 5/11/2012 2:44:25 AM - System Checkpoint
RP936: 5/12/2012 3:44:25 AM - System Checkpoint
RP937: 5/13/2012 4:44:25 AM - System Checkpoint
RP938: 5/14/2012 5:44:25 AM - System Checkpoint
RP939: 5/15/2012 5:45:30 AM - System Checkpoint
RP940: 5/16/2012 6:44:24 AM - System Checkpoint
RP941: 5/17/2012 7:44:25 AM - System Checkpoint
RP942: 5/18/2012 8:57:25 AM - System Checkpoint
RP943: 5/19/2012 9:44:25 AM - System Checkpoint
RP944: 5/28/2012 11:49:42 AM - System Checkpoint
RP945: 5/29/2012 3:24:08 PM - System Checkpoint
RP946: 5/30/2012 8:18:44 PM - System Checkpoint
RP947: 5/31/2012 9:17:29 PM - System Checkpoint
RP948: 6/1/2012 10:17:29 PM - System Checkpoint
RP949: 6/2/2012 11:17:30 PM - System Checkpoint
RP950: 6/4/2012 12:17:30 AM - System Checkpoint
RP951: 6/5/2012 1:17:30 AM - System Checkpoint
RP952: 6/6/2012 1:40:38 AM - System Checkpoint
RP953: 6/6/2012 12:19:30 PM - Removed Ask Toolbar.
RP954: 6/6/2012 12:29:17 PM - Installed AVG 2012
RP955: 6/6/2012 12:29:34 PM - Installed AVG 2012
RP956: 6/7/2012 2:05:31 PM - System Checkpoint
RP957: 6/8/2012 10:35:17 AM - Restore Operation
RP958: 6/8/2012 10:52:09 AM - Removed Java(TM) 6 Update 23
RP959: 6/8/2012 10:52:30 AM - Installed Java(TM) 6 Update 32
RP960: 6/8/2012 11:24:36 AM - Software Distribution Service 3.0
RP961: 6/8/2012 11:29:54 AM - Installed Windows Internet Explorer 8.
RP962: 6/8/2012 11:30:46 AM - Software Distribution Service 3.0
RP963: 6/8/2012 4:07:07 PM - Restore Operation
RP964: 6/8/2012 4:14:48 PM - Installed AVG 2012
RP965: 6/8/2012 4:14:59 PM - Removed AVG 2012
RP966: 6/8/2012 4:19:17 PM - Installed AVG 2012
RP967: 6/8/2012 4:19:27 PM - Removed AVG 2012
RP968: 6/12/2012 12:29:44 PM - Restore Operation
RP969: 6/12/2012 1:19:01 PM - Installed AVG 2012
RP970: 6/12/2012 1:19:12 PM - Removed AVG 2012
RP971: 6/12/2012 6:29:16 PM - Installed AVG 2012
RP972: 6/12/2012 6:29:29 PM - Removed AVG 2012
RP973: 6/13/2012 7:38:22 AM - Installed AVG 2012
RP974: 6/13/2012 7:38:38 AM - Installed AVG 2012
.
==== Installed Programs ======================
.
7200
7200_Help
7200Trb
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe Acrobat 8.1.4 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 9 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server {ko_KR}
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AGEIA PhysX v2.3.3
AHV content for Acrobat and Flash
AiO_Scan
AiOSoftware
AMD Processor Driver
Ask Toolbar
ATI - Software Uninstall Utility
ATI Display Driver
AVG 2012
Bing Bar Platform
BufferChm
Call of Duty(R) 2
Call of Duty(TM) Game of the Year Edition
Chinese Traditional Fonts Support For Adobe Reader 9
Compatibility Pack for the 2007 Office system
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CutePDF Writer 2.8
DD Tournament Poker 1.2
Destinations
Director
DisplayKEY USB Cradle
dKeyUSBCradleDriver_x86
DocProc
DocumentViewer
DVD Suite
Fax
File Uploader
Ghost Recon Advanced Warfighter
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Image Zone 4.7
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HPSystemDiagnostics
InstantShare
Java Auto Updater
Java(TM) 6 Update 29
Just Learn Morse Code
LightScribe System Software 1.12.29.2
LightScribe Template Designs - 9 to 5 Pack 1
LightScribe Template Designs - Bonus Pack 1
LightScribe Template Designs - Fantasy Pack 1
LightScribe Template Designs - Kids Korner Pack 1
LightScribe Template Designs - Mythology Pack 1
LightScribe Template Designs - Tattoo Pack 1
LightScribeTemplateLabeler
Logitech Gaming Software
Malwarebytes Anti-Malware version 1.61.0.1400
Marine Aquarium 2, Sharks & Carousel Bundle
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Publisher 2002
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mozilla Firefox (3.5.5)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NASCAR® Racing 2003 Season
Nero 7 Essentials
neroxml
Nikon Message Center
Nikon Message Center 2
Nikon Movie Editor
Nikon Transfer
Notepad++
OCZ Technology Laser Gaming Mouse
PanoStandAlone
PC Wizard 2008.1.87
PDF Settings
PhotoGallery
Picture Control Utility
PowerArchiver 2009
PowerDVD
PowerProducer
ProductContext
QFolder
QuickTime
Readme
RealFlight G2 Simulator
Realtek High Definition Audio Driver
Scan
ScannerCopy
SecurDisc Viewer
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewNX
ViewNX 2
WebFldrs XP
WebReg
Windows Driver Package - GE Security (silabenm) Ports (12/10/2008 5.4.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
6/14/2012 2:38:49 AM, error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).
6/13/2012 8:41:37 AM, error: DCOM [10000] - Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}. The error: "%3" Happened while starting this command: "C:\Program Files\Google\Update\1.3.21.65\GoogleUpdateOnDemand.exe" -Embedding
6/13/2012 3:03:54 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
6/13/2012 12:05:49 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 002185995894 has been denied by the DHCP server 192.168.254.254 (The DHCP Server sent a DHCPNACK message).
6/13/2012 1:30:32 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
6/13/2012 1:30:32 PM, error: Service Control Manager [7001] - The AVG Free8 E-mail Scanner service depends on the AVG Free8 WatchDog service which failed to start because of the following error: The system cannot find the path specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The system cannot find the path specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The system cannot find the file specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The Nero Registry InCD Service service failed to start due to the following error: The system cannot find the file specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The AVG Free8 WatchDog service failed to start due to the following error: The system cannot find the path specified.
6/12/2012 12:32:05 PM, error: Service Control Manager [7001] - The AVG Free8 E-mail Scanner service depends on the AVG Free8 WatchDog service which failed to start because of the following error: The system cannot find the file specified.
6/12/2012 12:32:05 PM, error: Service Control Manager [7000] - The AVG Free8 WatchDog service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
I hope you can help
First problem stared with an random ding dong sound like I pluged in a USB device. I tried to figure it out on my own by removing unused aplication in Add/Remove Progams and msconfig start up; I may have done more harm than good. After a week, Internet Explorer 8 started to redirect me when opening links and then started to open new windows and going to sell/medical/BS type sites on its own. Also, AVG threats while off line WINDOW\system32\ping.exe
To keep it short, here are the logs:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.14.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: SUPER-CHUCKIE [administrator]
6/14/2012 11:50:51 AM
mbam-log-2012-06-14 (11-50-51).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224426
Time elapsed: 11 minute(s), 20 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCU\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 4
C:\Win.Msi (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Settings (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
Files Detected: 5
C:\Win.Msi\3proxy.cfg (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Win.Msi\alg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\rs.dat (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Log\2009 Jan 20 - 01_29_47 AM_453.log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\AntispywareBot\Settings\ScanResults.pie (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-06-14 12:45:06
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5 WDC_WD2500YD-01NVB1 rev.10.02E01
Running: 6ncm6eom.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\agtorfod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Ntfs \Ntfs InCDRec.sys (InCD File System Recognizer/Nero AG)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Fastfat \Fat InCDRec.sys (InCD File System Recognizer/Nero AG)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- Processes - GMER 1.0.15 ----
Process C:\WINDOWS\system32\ping.exe (*** hidden *** ) 3892
---- EOF - GMER 1.0.15 ----
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Administrator at 12:57:24 on 2012-06-14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2773 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\dKEYUSBCradle\SyncService.exe
C:\dKEYUSBCradle\ProxyDaemon.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\dKEYUSBCradle\stunnel-4.10.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\OCZ Technology\Mouse\Amoumain.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\dKEYUSBCradle\SyncInfoApp.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Start WingMan Profiler] "c:\program files\logitech\profiler\lwemon.exe" /noui
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [PowerArchiver Tray] c:\program files\powerarchiver\PASTARTER.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [SecurDisc] c:\program files\nero\nero 7\incd\NBHGui.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [WheelMouse] c:\program files\ocz technology\mouse\Amoumain.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\nikonm~1.lnk - c:\program files\common files\nikon\monitor\NkMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\displa~1.lnk - c:\dkeyusbcradle\SyncInfoApp.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Locate Spot on Map by GPS - c:\program files\opanda\iexif 2.3\IExifMap.htm
IE: Lookup on Merriam Webster
IE: Lookup on Wikipedia
IE: View Exif/GPS/IPTC with IExif - c:\program files\opanda\iexif 2.3\IExifCom.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
LSP: mswsock.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227396431828
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\0l4hw7l5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc6d1b5&v=6.010.006.004&I=23&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\npjpi160_32.dll
FF - plugin: c:\program files\java\jre6\bin\npoji610.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 AvgLdx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 AvgMfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 AvgTdiX;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 silabenm;GE Supra DisplayKey USB Cradle Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [2011-7-6 24584]
R3 silabser;GE Supra DisplayKey USB Cradle Driver;c:\windows\system32\drivers\silabser.sys [2011-7-6 69256]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe --> c:\progra~1\avg\avg8\avgemc.exe [?]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe --> c:\progra~1\avg\avg8\avgwdsvc.exe [?]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-11 136176]
S2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero 7\incd\nbhregincdsrv.exe --> c:\program files\nero\nero 7\incd\NBHRegInCDSrv.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-5 257224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-11 136176]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
.
=============== Created Last 30 ================
.
2012-06-14 15:46:02 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2012-06-14 15:38:19 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-06-14 15:38:18 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-14 15:38:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-13 13:34:01 1409 ----a-w- c:\windows\QTFont.for
2012-06-12 16:30:30 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-06-12 16:30:30 -------- d-----w- c:\windows\system32\wbem\Repository
2012-06-08 15:30:35 -------- d-----w- c:\documents and settings\administrator\local settings\application data\PCHealth
2012-06-08 15:28:26 -------- dc-h--w- c:\windows\ie8
2012-06-08 14:52:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-08 14:52:47 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-06 16:39:18 -------- d-----w- c:\documents and settings\administrator\application data\AVG
2012-06-06 16:31:25 -------- d-----w- c:\documents and settings\administrator\application data\AVG2012
2012-06-06 16:29:51 -------- d-----w- c:\windows\system32\drivers\AVG
2012-06-06 16:29:51 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin7.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin6.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2012-06-06 15:31:02 131072 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2012-05-31 17:48:56 -------- d-----w- c:\program files\EZ Fonts
.
==================== Find3M ====================
.
2012-06-13 17:44:44 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 17:44:44 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-08 14:52:35 472864 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-19 08:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-03-19 09:17:28 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 12:57:49.76 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/22/2008 4:55:26 PM
System Uptime: 6/14/2012 12:17:45 PM (0 hours ago)
.
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | MS-7550
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5400+ | CPU1 | 2800/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 112 GiB total, 66.875 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP881: 3/17/2012 2:09:56 AM - System Checkpoint
RP882: 3/18/2012 2:37:54 AM - System Checkpoint
RP883: 3/19/2012 3:35:03 AM - System Checkpoint
RP884: 3/20/2012 3:37:54 AM - System Checkpoint
RP885: 3/21/2012 4:37:54 AM - System Checkpoint
RP886: 3/22/2012 5:37:57 AM - System Checkpoint
RP887: 3/23/2012 6:37:54 AM - System Checkpoint
RP888: 3/24/2012 7:57:43 AM - System Checkpoint
RP889: 3/25/2012 8:38:59 AM - System Checkpoint
RP890: 3/26/2012 9:37:54 AM - System Checkpoint
RP891: 3/27/2012 6:39:42 PM - System Checkpoint
RP892: 3/28/2012 8:34:13 PM - System Checkpoint
RP893: 3/29/2012 8:37:51 PM - System Checkpoint
RP894: 3/30/2012 9:44:43 PM - System Checkpoint
RP895: 3/31/2012 10:27:14 PM - System Checkpoint
RP896: 4/1/2012 11:27:14 PM - System Checkpoint
RP897: 4/2/2012 11:28:36 PM - System Checkpoint
RP898: 4/4/2012 12:36:10 AM - System Checkpoint
RP899: 4/5/2012 2:36:41 AM - System Checkpoint
RP900: 4/6/2012 3:11:30 AM - System Checkpoint
RP901: 4/7/2012 4:11:30 AM - System Checkpoint
RP902: 4/8/2012 5:11:09 AM - System Checkpoint
RP903: 4/9/2012 5:11:30 AM - System Checkpoint
RP904: 4/10/2012 6:11:25 AM - System Checkpoint
RP905: 4/11/2012 7:11:25 AM - System Checkpoint
RP906: 4/12/2012 8:11:25 AM - System Checkpoint
RP907: 4/13/2012 8:21:16 AM - System Checkpoint
RP908: 4/14/2012 9:11:25 AM - System Checkpoint
RP909: 4/15/2012 10:56:03 AM - System Checkpoint
RP910: 4/16/2012 4:22:30 PM - System Checkpoint
RP911: 4/16/2012 6:50:17 PM - Removed HP Software Update
RP912: 4/16/2012 7:23:44 PM - Printer Driver HP Officejet 4500 G510n-z fax Installed
RP913: 4/17/2012 7:44:45 PM - System Checkpoint
RP914: 4/18/2012 8:51:19 PM - System Checkpoint
RP915: 4/19/2012 10:27:09 PM - System Checkpoint
RP916: 4/20/2012 11:51:29 PM - System Checkpoint
RP917: 4/22/2012 12:44:45 AM - System Checkpoint
RP918: 4/23/2012 12:46:09 AM - System Checkpoint
RP919: 4/24/2012 2:00:36 AM - System Checkpoint
RP920: 4/25/2012 2:57:11 AM - System Checkpoint
RP921: 4/26/2012 3:44:41 AM - System Checkpoint
RP922: 4/27/2012 4:44:41 AM - System Checkpoint
RP923: 4/28/2012 5:44:41 AM - System Checkpoint
RP924: 4/29/2012 6:44:43 AM - System Checkpoint
RP925: 4/30/2012 7:44:41 AM - System Checkpoint
RP926: 5/1/2012 2:30:31 PM - System Checkpoint
RP927: 5/2/2012 6:58:18 PM - System Checkpoint
RP928: 5/3/2012 7:45:22 PM - System Checkpoint
RP929: 5/4/2012 8:44:22 PM - System Checkpoint
RP930: 5/5/2012 9:57:52 PM - System Checkpoint
RP931: 5/6/2012 10:44:22 PM - System Checkpoint
RP932: 5/8/2012 12:36:53 AM - System Checkpoint
RP933: 5/9/2012 12:56:25 AM - System Checkpoint
RP934: 5/10/2012 1:44:25 AM - System Checkpoint
RP935: 5/11/2012 2:44:25 AM - System Checkpoint
RP936: 5/12/2012 3:44:25 AM - System Checkpoint
RP937: 5/13/2012 4:44:25 AM - System Checkpoint
RP938: 5/14/2012 5:44:25 AM - System Checkpoint
RP939: 5/15/2012 5:45:30 AM - System Checkpoint
RP940: 5/16/2012 6:44:24 AM - System Checkpoint
RP941: 5/17/2012 7:44:25 AM - System Checkpoint
RP942: 5/18/2012 8:57:25 AM - System Checkpoint
RP943: 5/19/2012 9:44:25 AM - System Checkpoint
RP944: 5/28/2012 11:49:42 AM - System Checkpoint
RP945: 5/29/2012 3:24:08 PM - System Checkpoint
RP946: 5/30/2012 8:18:44 PM - System Checkpoint
RP947: 5/31/2012 9:17:29 PM - System Checkpoint
RP948: 6/1/2012 10:17:29 PM - System Checkpoint
RP949: 6/2/2012 11:17:30 PM - System Checkpoint
RP950: 6/4/2012 12:17:30 AM - System Checkpoint
RP951: 6/5/2012 1:17:30 AM - System Checkpoint
RP952: 6/6/2012 1:40:38 AM - System Checkpoint
RP953: 6/6/2012 12:19:30 PM - Removed Ask Toolbar.
RP954: 6/6/2012 12:29:17 PM - Installed AVG 2012
RP955: 6/6/2012 12:29:34 PM - Installed AVG 2012
RP956: 6/7/2012 2:05:31 PM - System Checkpoint
RP957: 6/8/2012 10:35:17 AM - Restore Operation
RP958: 6/8/2012 10:52:09 AM - Removed Java(TM) 6 Update 23
RP959: 6/8/2012 10:52:30 AM - Installed Java(TM) 6 Update 32
RP960: 6/8/2012 11:24:36 AM - Software Distribution Service 3.0
RP961: 6/8/2012 11:29:54 AM - Installed Windows Internet Explorer 8.
RP962: 6/8/2012 11:30:46 AM - Software Distribution Service 3.0
RP963: 6/8/2012 4:07:07 PM - Restore Operation
RP964: 6/8/2012 4:14:48 PM - Installed AVG 2012
RP965: 6/8/2012 4:14:59 PM - Removed AVG 2012
RP966: 6/8/2012 4:19:17 PM - Installed AVG 2012
RP967: 6/8/2012 4:19:27 PM - Removed AVG 2012
RP968: 6/12/2012 12:29:44 PM - Restore Operation
RP969: 6/12/2012 1:19:01 PM - Installed AVG 2012
RP970: 6/12/2012 1:19:12 PM - Removed AVG 2012
RP971: 6/12/2012 6:29:16 PM - Installed AVG 2012
RP972: 6/12/2012 6:29:29 PM - Removed AVG 2012
RP973: 6/13/2012 7:38:22 AM - Installed AVG 2012
RP974: 6/13/2012 7:38:38 AM - Installed AVG 2012
.
==== Installed Programs ======================
.
7200
7200_Help
7200Trb
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe Acrobat 8.1.4 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 9 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server {ko_KR}
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AGEIA PhysX v2.3.3
AHV content for Acrobat and Flash
AiO_Scan
AiOSoftware
AMD Processor Driver
Ask Toolbar
ATI - Software Uninstall Utility
ATI Display Driver
AVG 2012
Bing Bar Platform
BufferChm
Call of Duty(R) 2
Call of Duty(TM) Game of the Year Edition
Chinese Traditional Fonts Support For Adobe Reader 9
Compatibility Pack for the 2007 Office system
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CutePDF Writer 2.8
DD Tournament Poker 1.2
Destinations
Director
DisplayKEY USB Cradle
dKeyUSBCradleDriver_x86
DocProc
DocumentViewer
DVD Suite
Fax
File Uploader
Ghost Recon Advanced Warfighter
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Image Zone 4.7
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HPSystemDiagnostics
InstantShare
Java Auto Updater
Java(TM) 6 Update 29
Just Learn Morse Code
LightScribe System Software 1.12.29.2
LightScribe Template Designs - 9 to 5 Pack 1
LightScribe Template Designs - Bonus Pack 1
LightScribe Template Designs - Fantasy Pack 1
LightScribe Template Designs - Kids Korner Pack 1
LightScribe Template Designs - Mythology Pack 1
LightScribe Template Designs - Tattoo Pack 1
LightScribeTemplateLabeler
Logitech Gaming Software
Malwarebytes Anti-Malware version 1.61.0.1400
Marine Aquarium 2, Sharks & Carousel Bundle
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Publisher 2002
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mozilla Firefox (3.5.5)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NASCAR® Racing 2003 Season
Nero 7 Essentials
neroxml
Nikon Message Center
Nikon Message Center 2
Nikon Movie Editor
Nikon Transfer
Notepad++
OCZ Technology Laser Gaming Mouse
PanoStandAlone
PC Wizard 2008.1.87
PDF Settings
PhotoGallery
Picture Control Utility
PowerArchiver 2009
PowerDVD
PowerProducer
ProductContext
QFolder
QuickTime
Readme
RealFlight G2 Simulator
Realtek High Definition Audio Driver
Scan
ScannerCopy
SecurDisc Viewer
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewNX
ViewNX 2
WebFldrs XP
WebReg
Windows Driver Package - GE Security (silabenm) Ports (12/10/2008 5.4.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
6/14/2012 2:38:49 AM, error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).
6/13/2012 8:41:37 AM, error: DCOM [10000] - Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}. The error: "%3" Happened while starting this command: "C:\Program Files\Google\Update\1.3.21.65\GoogleUpdateOnDemand.exe" -Embedding
6/13/2012 3:03:54 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
6/13/2012 12:05:49 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 002185995894 has been denied by the DHCP server 192.168.254.254 (The DHCP Server sent a DHCPNACK message).
6/13/2012 1:30:32 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
6/13/2012 1:30:32 PM, error: Service Control Manager [7001] - The AVG Free8 E-mail Scanner service depends on the AVG Free8 WatchDog service which failed to start because of the following error: The system cannot find the path specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The system cannot find the path specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The system cannot find the file specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The Nero Registry InCD Service service failed to start due to the following error: The system cannot find the file specified.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/13/2012 1:30:32 PM, error: Service Control Manager [7000] - The AVG Free8 WatchDog service failed to start due to the following error: The system cannot find the path specified.
6/12/2012 12:32:05 PM, error: Service Control Manager [7001] - The AVG Free8 E-mail Scanner service depends on the AVG Free8 WatchDog service which failed to start because of the following error: The system cannot find the file specified.
6/12/2012 12:32:05 PM, error: Service Control Manager [7000] - The AVG Free8 WatchDog service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
I hope you can help