Newbie here. Thanks so much for your help in advance. I appreciate it.
Computer started taking a lifetime to boot, over 45 minutes, in all modes.
Here are the 5-step logs:
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.30.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: HOME [administrator]
1/30/2012 12:12:52 AM
mbam-log-2012-01-29 (13-20-16).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 455874
Time elapsed: 13 hour(s), 57 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
Z:\Documents\Application Setups\Ultimate Add-In SetUp.exe (Adware.Onlinegames) -> No action taken.
(end)
Note on GMER - I had to uninstall AVG because it would only let me disable it for a short time.
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-02-01 07:31:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 rev.
Running: m G E R Rootkit Malware cqe3jsku.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pxtdipow.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs GBFSHook.SYS (Norton GoBack File System Hook Driver/Symantec Corporation)
---- Services - GMER 1.0.15 ----
Service system32\DRIVERS\AVGIDSDriver.Sys (*** hidden *** ) [DISABLED] AVGIDSDriver <-- ROOTKIT !!!
Service system32\DRIVERS\AVGIDSEH.Sys (*** hidden *** ) [DISABLED] AVGIDSEH <-- ROOTKIT !!!
Service system32\DRIVERS\AVGIDSFilter.Sys (*** hidden *** ) [DISABLED] AVGIDSFilter <-- ROOTKIT !!!
Service system32\DRIVERS\AVGIDSShim.Sys (*** hidden *** ) [DISABLED] AVGIDSShim <-- ROOTKIT !!!
Service system32\DRIVERS\avgrkx86.sys (*** hidden *** ) [DISABLED] Avgrkx86 <-- ROOTKIT !!!
Service system32\DRIVERS\avgtdix.sys (*** hidden *** ) [DISABLED] Avgtdix <-- ROOTKIT !!!
Service C:\WINDOWS\System32\drivers\ws2ifsl.sys (*** hidden *** ) [DISABLED] WS2IFSL <-- ROOTKIT !!!
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Owner at 9:14:46 on 2012-02-01
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1407.753 [GMT -7:00]
.
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\vtigercrm-5.3.0\apache\bin\Apache.exe
C:\Program Files\vtigercrm-5.3.0\apache\bin\Apache.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\tsnpstd3.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Stickies\stickies.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Windows Internet Explorer provided by MSN & Bing
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {00000000-0000-0000-0000-000000000000} - No File
EB: DzSoft Favorites Search: {4dc701a0-93ad-11d4-a15b-af07886e4a07} - c:\progra~1\dzsoft\favori~1\FavSeek.dll
uRun: [Norton SystemWorks] "c:\program files\norton systemworks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /Manual
mRun: [tsnpstd3] c:\windows\tsnpstd3.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [snpstd3] c:\windows\vsnpstd3.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [readericon] c:\program files\digital media reader\readericon45G.exe
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [CHotkey] zHotkey.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\stickies.lnk - c:\program files\stickies\stickies.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\norton~1.lnk - c:\program files\norton systemworks\norton goback\GBTray.exe
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-explorer: NoWinKeys = 01000000
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {FF925300-80E6-11D4-A15B-FFF9086C1A3C} - {4DC701A0-93AD-11D4-A15B-AF07886E4A07} - c:\progra~1\dzsoft\favori~1\FavSeek.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} - hxxps://quickplace.udayton.edu/qp2.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxps://a248.e.akamai.net/f/248/14778/2h/dlmanager.download.akamai.com/14778/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262723239101
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxps://www.nationalcreditors.com/WebSys/ClientView/ImgUpload/WebResource.axd?d=GytY9R4STKzC3lLU1wlNZ4r-HV8_ZLkisQPFodoEh16IQJmykBiJoAXQCHkacZRiWR348vHa2qDByU-ViUxqFBil0Ix2bk5X8NznN4ub8XziVq0SUvgsY9WnoUXQa4hwKL-hgBj1EHiPkHDF0IIGWa-Vkbq7nTHfCBTmwz1RUJMIKTQq0&t=633888745160000000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8A6CF531-58D6-443C-BB7A-D36A313A8590} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\8xpjm4e6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.wsj.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20111101&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitromozilla.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\npmirage.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Toolbar Buttons: {03B08592-E5B4-45ff-A0BE-C1D975458688} - %profile%\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
.
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2011-11-15 497496]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-1-31 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2012-1-31 269480]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2012-1-31 428200]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2004-8-28 197992]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2004-8-28 181608]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2012-1-16 198136]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-7-27 2214504]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2010-1-5 819352]
R2 vtigercrmApache530;vtigercrmApache530;c:\program files\vtigercrm-5.3.0\apache\bin\Apache.exe [2009-5-8 20541]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-14 136176]
S3 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-9-10 18432]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2004-8-28 79208]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-1-20 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-14 136176]
S3 postgresql-9.1;postgresql-9.1 - PostgreSQL Server 9.1;C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N "postgresql-9.1" -D "C:/Program Files/PostgreSQL/9.1/data" -w --> C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N postgresql-9.1 [?]
S3 Tomcat6;Apache Tomcat 6.0 Tomcat6;c:\program files\apache software foundation\tomcat 6.0\bin\Tomcat6.exe [2011-11-28 74752]
S3 UWS HiPriv Services;UWS HiPriv Services;c:\program files\ultidev\web server\UWS.HighPrivilegeUtilities.exe [2011-12-4 48128]
S3 UWS LoPriv Services;UWS LoPriv Services;c:\program files\ultidev\web server\UWS.LowPrivilegeUtilities.exe [2011-12-4 44032]
S3 vtigercrmMysql530;vtigercrmMysql530;"c:\program files\vtigercrm-5.3.0\mysql\bin\mysqld-nt" "--defaults-file=c:\program files\vtigercrm-5.3.0\mysql\my.ini" vtigercrmmysql530 --> c:\program files\vtigercrm-5.3.0\mysql\bin\mysqld-nt [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2010-1-5 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 DTADataTransfer;DTADataTransfer;c:\program files\latitude software\active assets suite\DTADataTransfer.exe [2006-3-14 45056]
S4 DTAEngine;DTAEngine;c:\program files\latitude software\active assets suite\DTAEngine.exe [2006-6-2 585728]
S4 DTATaskProcessorNET;DTATaskProcessorNET;c:\program files\latitude software\dtataskprocessornet\DTATaskProcessorNET.exe [2006-6-29 114688]
S4 UltiDev Web Server Pro;UltiDev Web Server Pro;c:\program files\ultidev\web server\UltiDev.WebServer.Monitor.exe [2011-12-4 64512]
.
=============== Created Last 30 ================
.
2012-02-01 14:33:42 -------- d-----w- c:\documents and settings\owner\application data\AskToolbar
2012-02-01 01:38:46 -------- d-----w- c:\documents and settings\owner\local settings\application data\AskToolbar
2012-01-31 23:14:07 -------- d-----w- c:\program files\Ask.com
2012-01-31 20:32:48 -------- d-----w- c:\documents and settings\owner\application data\Avira
2012-01-31 20:23:08 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-01-31 20:22:57 -------- d-----w- c:\program files\Avira
2012-01-31 20:22:57 -------- d-----w- c:\documents and settings\all users\application data\Avira
2012-01-28 22:55:54 -------- d-----w- c:\program files\PodSync.com
2012-01-28 02:28:34 -------- d-----w- C:\xampp
2012-01-27 19:43:30 114 ----a-w- c:\windows\restartSQL.cmd
2012-01-27 17:28:57 -------- d-----w- c:\program files\BillP Studios
2012-01-27 04:49:52 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-01-27 00:49:51 -------- d-----w- c:\program files\Microsoft SQL Server
2012-01-26 06:42:14 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2012-01-25 23:14:31 -------- d-----w- c:\documents and settings\owner\local settings\application data\UltiDev_LLC
2012-01-25 20:40:41 -------- d-----w- c:\documents and settings\all users\application data\Caphyon
2012-01-25 20:40:21 -------- d-----w- c:\documents and settings\all users\application data\UltiDev
2012-01-25 20:40:10 -------- d-----w- c:\program files\UltiDev
2012-01-25 06:45:49 -------- d-----w- c:\windows\system32\Resources
2012-01-25 06:45:22 -------- d-----w- c:\program files\Latitude Software
2012-01-25 06:45:22 -------- d-----w- c:\program files\Crystal Decisions
2012-01-25 06:45:22 -------- d-----w- c:\program files\common files\Crystal Decisions
2012-01-25 06:31:28 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2012-01-25 00:29:06 89952 ----a-w- c:\windows\system32\SQSRVRES.DLL
2012-01-24 23:33:33 -------- d-----w- c:\documents and settings\owner\local settings\application data\Microsoft_Corporation
2012-01-24 22:52:53 348256 ----a-w- c:\documents and settings\all users\application data\microsoft\vstahost\ssis_scriptcomponent\9.0\1033\ResourceCache.dll
2012-01-24 22:52:23 348256 ----a-w- c:\documents and settings\all users\application data\microsoft\vstahost\ssis_scripttask\9.0\1033\ResourceCache.dll
2012-01-24 22:27:56 416 ----a-w- c:\documents and settings\all users\application data\microsoft\msdn\9.0\1033\ResourceCache.dll
2012-01-24 18:33:46 -------- d-----w- c:\documents and settings\owner\application data\Mael
2012-01-24 18:29:39 -------- d-----w- c:\program files\HxD
2012-01-23 05:58:01 -------- d-----w- c:\program files\Brain Workshop
2012-01-22 21:57:24 -------- d-----w- c:\program files\Jello.Dashboard 5
2012-01-20 02:06:25 -------- d-----w- c:\documents and settings\owner\application data\WinPatrol
2012-01-19 06:08:33 -------- d-----w- c:\program files\PowerISO
2012-01-16 23:08:04 -------- d-----w- C:\wamp
2012-01-16 19:29:59 -------- d-----w- c:\program files\Apache Software Foundation
2012-01-16 18:55:59 -------- d-----w- c:\documents and settings\owner\application data\postgresql
2012-01-16 18:49:11 -------- d-----w- c:\program files\PostgreSQL
2012-01-16 18:01:29 -------- d-----w- c:\program files\common files\Nitro PDF
2012-01-12 23:42:41 -------- d-----w- c:\program files\VS Revo Group 2 Vtiger stuff
2012-01-11 21:03:55 -------- d-----w- c:\program files\vtigercrm-5.3.0
2012-01-07 00:08:02 -------- d-----w- c:\program files\WTF
2012-01-06 00:14:39 -------- d-----w- c:\documents and settings\owner\DoctorWeb
2012-01-05 00:22:53 -------- d-----w- c:\documents and settings\owner\local settings\application data\CutePDF Writer
2012-01-05 00:20:43 -------- d-----w- c:\program files\GPLGS
2012-01-05 00:19:59 87552 ----a-w- c:\windows\system32\cpwmon2k.dll
2012-01-05 00:18:39 -------- d-----w- c:\program files\Acro Software
2012-01-05 00:17:56 -------- d-----w- c:\documents and settings\owner\local settings\application data\APN
2012-01-04 21:54:10 -------- d-----w- c:\documents and settings\owner\application data\.jxProject
2012-01-04 21:53:42 -------- d-----w- c:\program files\jxProject_2.6.1.2
2012-01-04 20:44:19 -------- d-----w- c:\documents and settings\owner\application data\OpenOffice.org
2012-01-04 20:31:55 -------- d-----w- c:\program files\OpenOffice.org 3
2012-01-04 20:17:55 -------- d-----w- c:\program files\PlotSoft
2012-01-03 13:10:44 182672 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2012-01-27 19:29:29 134 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-01-16 15:43:40 18936 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-01-10 17:11:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-12 03:49:39 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-12-10 22:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-07 17:24:11 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-07 17:24:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 22:19:57 200 ----a-w- c:\documents and settings\owner\advanced_ip_scanner_MAC.bin
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-11 22:26:56 94720 ----a-w- c:\windows\MsiZap.exe
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ------w- c:\windows\system32\html.iec
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe GoBack2K.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
c:\windows\system32\drivers\GoBack2K.sys Symantec Corporation Norton GoBack
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8DEE8388]
3 CLASSPNP[0xBA168FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000096[0x8DF76D38]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8DEBE940]
kernel: MBR read successfully
_asm { CALL 0x56; }
user != kernel MBR !!!
.
============= FINISH: 9:16:50.02 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/5/2010 12:10:40 PM
System Uptime: 1/31/2012 6:56:38 PM (15 hours ago)
.
Motherboard: To be filled by O.E.M. | | MS-7207G
Processor: AMD Athlon(tm) 64 Processor 3500+ | CPU 1 | 2210/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 49 GiB total, 5.882 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 26 GiB total, 15.99 GiB free.
J: is CDROM ()
K: is CDROM ()
Z: is FIXED (NTFS) - 74 GiB total, 5.827 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: USB camera
Device ID: USB\VID_0C45&PID_60FE&MI_00\6&21D47361&1&0000
Manufacturer:
Name: USB camera
PNP Device ID: USB\VID_0C45&PID_60FE&MI_00\6&21D47361&1&0000
Service:
.
==== System Restore Points ===================
.
RP1143: 1/28/2012 7:17:09 PM - Revo Uninstaller Pro's restore point - Avira AntiVir Personal - Free Antivirus
RP1144: 1/29/2012 8:00:04 PM - System Checkpoint
RP1145: 1/30/2012 8:02:08 PM - System Checkpoint
RP1146: 1/30/2012 11:33:55 PM - Revo Uninstaller Pro's restore point - AVG 2012
RP1147: 1/30/2012 11:38:51 PM - Removed AVG 2012
RP1148: 1/30/2012 11:42:16 PM - Removed AVG 2012
RP1149: 1/31/2012 1:22:57 PM - Avira AntiVir Personal - 1/31/2012 13:21
.
==== Installed Programs ======================
.
7-Zip 9.20
Active Assets Suite
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
Advanced IP Scanner
Advanced SystemCare 5
Amazon MP3 Downloader 1.0.12
Apache Tomcat 6.0 Tomcat6 (remove only)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASAP Utilities
Ask Toolbar
Audacity 1.2.6
Auslogics Disk Defrag
Auslogics Duplicate File Finder
AutoHotkey 1.1.03.00
Avira AntiVir Personal - Free Antivirus
Avira SearchFree Toolbar plus Web Protection Updater
BackRex Internet Explorer Backup
Belarc Advisor 8.2
BitTorrent
Bonjour
Brain Workshop 4.8.1
ccCommon
Cisco Network Magic
ConvertHelper 2.2
CPUID CPU-Z 1.58
CutePDF Writer 2.8
Digital Media Reader
Duplicate Cleaner 2.0.6
DVD Solution
DzSoft Favorites Search 2.1
FastStone Image Viewer 4.2
Fiesta
FileOpenPatcher
FileWizard
Foxit PDF IFilter
Foxit Reader
Google Chrome
Google Desktop
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Product Detection
HxD Hex Editor version 1.7.7.0
Image Resizer Powertoy Clone for Windows
Internet Explorer (Enable DEP)
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 29
Jello.Dashboard 5.25.2 beta (Astral)
jxProject_2.6.1.2
Karen's Directory Printer
Karen's Registry Pruner
Kernel Outlook PST Viewer ver 10.09.01
LAME v3.98.3 for Audacity
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
Local Port Scanner v1.2.2
Malwarebytes Anti-Malware version 1.60.0.1800
MapleStory
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Bootvis
Microsoft IntelliPoint 7.1
Microsoft IntelliType Pro 8.0
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft Office 2003 Resource Kit
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access database engine 2007 (English)
Microsoft Office Converter Pack
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard Edition 2003
Microsoft Office Word MUI (English) 2007
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 (BITROCKMSSQL)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual Basic PowerPacks 1.2
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Module for JSON Format
MozBackup 1.4.10
Mozilla Firefox (3.6.25)
MRU-Blaster v1.5 (Database 3/28/2004)
MSRedist
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Keyboard Driver
Network Magic
Nexon Game Manager
Nitro Reader 2
Norton GoBack 4.02 (Symantec Corporation)
Norton SystemWorks
Norton SystemWorks 2005
Norton SystemWorks 2005 (Symantec Corporation)
NSW_DRM_COLLECTION
NVIDIA Control Panel 275.33
NVIDIA Drivers
NVIDIA Graphics Driver 275.33
NVIDIA Install Application
NVIDIA nView 135.85
NVIDIA nView Desktop Manager
NVIDIA Update 1.3.5
NVIDIA Update Components
OpenOffice.org 3.3
Outlook Times Addin 1.1
OutlookTools 2
Pale Moon 7.0.1 (x86 en-US)
Pando Media Booster
PandoraRecovery (Remove Only)
PDFill FREE PDF Tools
PostgreSQL 9.1
Power2Go 4.0
PowerDVD
PowerISO
PrimoPDF -- brought to you by Nitro PDF Software
Pure Networks Platform
QuickTime
Real Estate Finance and Investments
Realtek High Definition Audio Driver
RegToy 0.7.4.1
Revo Uninstaller 1.92
Revo Uninstaller Pro 2.5.7
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SIW version 2011.05.26
Skype web features
Skype™ 4.2
SlimDrivers
Spybot - Search & Destroy
Stickies 7.1a
System Requirements Lab
Tiny Time Tracker
TreeSize Free V2.5
Tweak UI
TweakGDS version 1.1.3
UltiDev Web Server Pro
Uninstall Startup Inspector
Universal Viewer
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
V CAST Music with Rhapsody
VirtualLab Client 5.7.5
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VLC media player 1.1.8
vtigercrm-5.3.0
W Photo Studio
WAPT
WebFldrs XP
What's Running 3.0
Windows Backup Utility
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 10
Windows XP Service Pack 3
Wizard101
WonderKing
XAMPP 1.7.7
Xvid 1.2.2 final uninstall
Yu-Gi-Oh! ONLINE 3
.
Balance of log in next post
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Owner at 9:14:46 on 2012-02-01
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1407.753 [GMT -7:00]
.
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\vtigercrm-5.3.0\apache\bin\Apache.exe
C:\Program Files\vtigercrm-5.3.0\apache\bin\Apache.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\tsnpstd3.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Stickies\stickies.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Windows Internet Explorer provided by MSN & Bing
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {00000000-0000-0000-0000-000000000000} - No File
EB: DzSoft Favorites Search: {4dc701a0-93ad-11d4-a15b-af07886e4a07} - c:\progra~1\dzsoft\favori~1\FavSeek.dll
uRun: [Norton SystemWorks] "c:\program files\norton systemworks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /Manual
mRun: [tsnpstd3] c:\windows\tsnpstd3.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [snpstd3] c:\windows\vsnpstd3.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [readericon] c:\program files\digital media reader\readericon45G.exe
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [CHotkey] zHotkey.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\stickies.lnk - c:\program files\stickies\stickies.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\norton~1.lnk - c:\program files\norton systemworks\norton goback\GBTray.exe
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-explorer: NoWinKeys = 01000000
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {FF925300-80E6-11D4-A15B-FFF9086C1A3C} - {4DC701A0-93AD-11D4-A15B-AF07886E4A07} - c:\progra~1\dzsoft\favori~1\FavSeek.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} - hxxps://quickplace.udayton.edu/qp2.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxps://a248.e.akamai.net/f/248/14778/2h/dlmanager.download.akamai.com/14778/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262723239101
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxps://www.nationalcreditors.com/WebSys/ClientView/ImgUpload/WebResource.axd?d=GytY9R4STKzC3lLU1wlNZ4r-HV8_ZLkisQPFodoEh16IQJmykBiJoAXQCHkacZRiWR348vHa2qDByU-ViUxqFBil0Ix2bk5X8NznN4ub8XziVq0SUvgsY9WnoUXQa4hwKL-hgBj1EHiPkHDF0IIGWa-Vkbq7nTHfCBTmwz1RUJMIKTQq0&t=633888745160000000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8A6CF531-58D6-443C-BB7A-D36A313A8590} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\8xpjm4e6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.wsj.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20111101&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitromozilla.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\npmirage.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Toolbar Buttons: {03B08592-E5B4-45ff-A0BE-C1D975458688} - %profile%\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
.
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2011-11-15 497496]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-1-31 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2012-1-31 269480]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2012-1-31 428200]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2004-8-28 197992]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2004-8-28 181608]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2012-1-16 198136]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-7-27 2214504]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2010-1-5 819352]
R2 vtigercrmApache530;vtigercrmApache530;c:\program files\vtigercrm-5.3.0\apache\bin\Apache.exe [2009-5-8 20541]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-14 136176]
S3 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-9-10 18432]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2004-8-28 79208]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-1-20 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-14 136176]
S3 postgresql-9.1;postgresql-9.1 - PostgreSQL Server 9.1;C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N "postgresql-9.1" -D "C:/Program Files/PostgreSQL/9.1/data" -w --> C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N postgresql-9.1 [?]
S3 Tomcat6;Apache Tomcat 6.0 Tomcat6;c:\program files\apache software foundation\tomcat 6.0\bin\Tomcat6.exe [2011-11-28 74752]
S3 UWS HiPriv Services;UWS HiPriv Services;c:\program files\ultidev\web server\UWS.HighPrivilegeUtilities.exe [2011-12-4 48128]
S3 UWS LoPriv Services;UWS LoPriv Services;c:\program files\ultidev\web server\UWS.LowPrivilegeUtilities.exe [2011-12-4 44032]
S3 vtigercrmMysql530;vtigercrmMysql530;"c:\program files\vtigercrm-5.3.0\mysql\bin\mysqld-nt" "--defaults-file=c:\program files\vtigercrm-5.3.0\mysql\my.ini" vtigercrmmysql530 --> c:\program files\vtigercrm-5.3.0\mysql\bin\mysqld-nt [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2010-1-5 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 DTADataTransfer;DTADataTransfer;c:\program files\latitude software\active assets suite\DTADataTransfer.exe [2006-3-14 45056]
S4 DTAEngine;DTAEngine;c:\program files\latitude software\active assets suite\DTAEngine.exe [2006-6-2 585728]
S4 DTATaskProcessorNET;DTATaskProcessorNET;c:\program files\latitude software\dtataskprocessornet\DTATaskProcessorNET.exe [2006-6-29 114688]
S4 UltiDev Web Server Pro;UltiDev Web Server Pro;c:\program files\ultidev\web server\UltiDev.WebServer.Monitor.exe [2011-12-4 64512]
.
=============== Created Last 30 ================
.
2012-02-01 14:33:42 -------- d-----w- c:\documents and settings\owner\application data\AskToolbar
2012-02-01 01:38:46 -------- d-----w- c:\documents and settings\owner\local settings\application data\AskToolbar
2012-01-31 23:14:07 -------- d-----w- c:\program files\Ask.com
2012-01-31 20:32:48 -------- d-----w- c:\documents and settings\owner\application data\Avira
2012-01-31 20:23:08 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-01-31 20:22:57 -------- d-----w- c:\program files\Avira
2012-01-31 20:22:57 -------- d-----w- c:\documents and settings\all users\application data\Avira
2012-01-28 22:55:54 -------- d-----w- c:\program files\PodSync.com
2012-01-28 02:28:34 -------- d-----w- C:\xampp
2012-01-27 19:43:30 114 ----a-w- c:\windows\restartSQL.cmd
2012-01-27 17:28:57 -------- d-----w- c:\program files\BillP Studios
2012-01-27 04:49:52 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-01-27 00:49:51 -------- d-----w- c:\program files\Microsoft SQL Server
2012-01-26 06:42:14 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2012-01-25 23:14:31 -------- d-----w- c:\documents and settings\owner\local settings\application data\UltiDev_LLC
2012-01-25 20:40:41 -------- d-----w- c:\documents and settings\all users\application data\Caphyon
2012-01-25 20:40:21 -------- d-----w- c:\documents and settings\all users\application data\UltiDev
2012-01-25 20:40:10 -------- d-----w- c:\program files\UltiDev
2012-01-25 06:45:49 -------- d-----w- c:\windows\system32\Resources
2012-01-25 06:45:22 -------- d-----w- c:\program files\Latitude Software
2012-01-25 06:45:22 -------- d-----w- c:\program files\Crystal Decisions
2012-01-25 06:45:22 -------- d-----w- c:\program files\common files\Crystal Decisions
2012-01-25 06:31:28 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2012-01-25 00:29:06 89952 ----a-w- c:\windows\system32\SQSRVRES.DLL
2012-01-24 23:33:33 -------- d-----w- c:\documents and settings\owner\local settings\application data\Microsoft_Corporation
2012-01-24 22:52:53 348256 ----a-w- c:\documents and settings\all users\application data\microsoft\vstahost\ssis_scriptcomponent\9.0\1033\ResourceCache.dll
2012-01-24 22:52:23 348256 ----a-w- c:\documents and settings\all users\application data\microsoft\vstahost\ssis_scripttask\9.0\1033\ResourceCache.dll
2012-01-24 22:27:56 416 ----a-w- c:\documents and settings\all users\application data\microsoft\msdn\9.0\1033\ResourceCache.dll
2012-01-24 18:33:46 -------- d-----w- c:\documents and settings\owner\application data\Mael
2012-01-24 18:29:39 -------- d-----w- c:\program files\HxD
2012-01-23 05:58:01 -------- d-----w- c:\program files\Brain Workshop
2012-01-22 21:57:24 -------- d-----w- c:\program files\Jello.Dashboard 5
2012-01-20 02:06:25 -------- d-----w- c:\documents and settings\owner\application data\WinPatrol
2012-01-19 06:08:33 -------- d-----w- c:\program files\PowerISO
2012-01-16 23:08:04 -------- d-----w- C:\wamp
2012-01-16 19:29:59 -------- d-----w- c:\program files\Apache Software Foundation
2012-01-16 18:55:59 -------- d-----w- c:\documents and settings\owner\application data\postgresql
2012-01-16 18:49:11 -------- d-----w- c:\program files\PostgreSQL
2012-01-16 18:01:29 -------- d-----w- c:\program files\common files\Nitro PDF
2012-01-12 23:42:41 -------- d-----w- c:\program files\VS Revo Group 2 Vtiger stuff
2012-01-11 21:03:55 -------- d-----w- c:\program files\vtigercrm-5.3.0
2012-01-07 00:08:02 -------- d-----w- c:\program files\WTF
2012-01-06 00:14:39 -------- d-----w- c:\documents and settings\owner\DoctorWeb
2012-01-05 00:22:53 -------- d-----w- c:\documents and settings\owner\local settings\application data\CutePDF Writer
2012-01-05 00:20:43 -------- d-----w- c:\program files\GPLGS
2012-01-05 00:19:59 87552 ----a-w- c:\windows\system32\cpwmon2k.dll
2012-01-05 00:18:39 -------- d-----w- c:\program files\Acro Software
2012-01-05 00:17:56 -------- d-----w- c:\documents and settings\owner\local settings\application data\APN
2012-01-04 21:54:10 -------- d-----w- c:\documents and settings\owner\application data\.jxProject
2012-01-04 21:53:42 -------- d-----w- c:\program files\jxProject_2.6.1.2
2012-01-04 20:44:19 -------- d-----w- c:\documents and settings\owner\application data\OpenOffice.org
2012-01-04 20:31:55 -------- d-----w- c:\program files\OpenOffice.org 3
2012-01-04 20:17:55 -------- d-----w- c:\program files\PlotSoft
2012-01-03 13:10:44 182672 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2012-01-27 19:29:29 134 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-01-16 15:43:40 18936 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-01-10 17:11:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-12 03:49:39 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-12-10 22:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-07 17:24:11 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-07 17:24:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 22:19:57 200 ----a-w- c:\documents and settings\owner\advanced_ip_scanner_MAC.bin
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-11 22:26:56 94720 ----a-w- c:\windows\MsiZap.exe
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ------w- c:\windows\system32\html.iec
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe GoBack2K.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
c:\windows\system32\drivers\GoBack2K.sys Symantec Corporation Norton GoBack
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8DEE8388]
3 CLASSPNP[0xBA168FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000096[0x8DF76D38]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8DEBE940]
kernel: MBR read successfully
_asm { CALL 0x56; }
user != kernel MBR !!!
.
============= FINISH: 9:16:50.02 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/5/2010 12:10:40 PM
System Uptime: 1/31/2012 6:56:38 PM (15 hours ago)
.
Motherboard: To be filled by O.E.M. | | MS-7207G
Processor: AMD Athlon(tm) 64 Processor 3500+ | CPU 1 | 2210/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 49 GiB total, 5.882 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 26 GiB total, 15.99 GiB free.
J: is CDROM ()
K: is CDROM ()
Z: is FIXED (NTFS) - 74 GiB total, 5.827 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: USB camera
Device ID: USB\VID_0C45&PID_60FE&MI_00\6&21D47361&1&0000
Manufacturer:
Name: USB camera
PNP Device ID: USB\VID_0C45&PID_60FE&MI_00\6&21D47361&1&0000
Service:
.
==== System Restore Points ===================
.
RP1143: 1/28/2012 7:17:09 PM - Revo Uninstaller Pro's restore point - Avira AntiVir Personal - Free Antivirus
RP1144: 1/29/2012 8:00:04 PM - System Checkpoint
RP1145: 1/30/2012 8:02:08 PM - System Checkpoint
RP1146: 1/30/2012 11:33:55 PM - Revo Uninstaller Pro's restore point - AVG 2012
RP1147: 1/30/2012 11:38:51 PM - Removed AVG 2012
RP1148: 1/30/2012 11:42:16 PM - Removed AVG 2012
RP1149: 1/31/2012 1:22:57 PM - Avira AntiVir Personal - 1/31/2012 13:21
.
==== Installed Programs ======================
.
7-Zip 9.20
Active Assets Suite
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
Advanced IP Scanner
Advanced SystemCare 5
Amazon MP3 Downloader 1.0.12
Apache Tomcat 6.0 Tomcat6 (remove only)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASAP Utilities
Ask Toolbar
Audacity 1.2.6
Auslogics Disk Defrag
Auslogics Duplicate File Finder
AutoHotkey 1.1.03.00
Avira AntiVir Personal - Free Antivirus
Avira SearchFree Toolbar plus Web Protection Updater
BackRex Internet Explorer Backup
Belarc Advisor 8.2
BitTorrent
Bonjour
Brain Workshop 4.8.1
ccCommon
Cisco Network Magic
ConvertHelper 2.2
CPUID CPU-Z 1.58
CutePDF Writer 2.8
Digital Media Reader
Duplicate Cleaner 2.0.6
DVD Solution
DzSoft Favorites Search 2.1
FastStone Image Viewer 4.2
Fiesta
FileOpenPatcher
FileWizard
Foxit PDF IFilter
Foxit Reader
Google Chrome
Google Desktop
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Product Detection
HxD Hex Editor version 1.7.7.0
Image Resizer Powertoy Clone for Windows
Internet Explorer (Enable DEP)
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 29
Jello.Dashboard 5.25.2 beta (Astral)
jxProject_2.6.1.2
Karen's Directory Printer
Karen's Registry Pruner
Kernel Outlook PST Viewer ver 10.09.01
LAME v3.98.3 for Audacity
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
Local Port Scanner v1.2.2
Malwarebytes Anti-Malware version 1.60.0.1800
MapleStory
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Bootvis
Microsoft IntelliPoint 7.1
Microsoft IntelliType Pro 8.0
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft Office 2003 Resource Kit
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access database engine 2007 (English)
Microsoft Office Converter Pack
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard Edition 2003
Microsoft Office Word MUI (English) 2007
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 (BITROCKMSSQL)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual Basic PowerPacks 1.2
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Module for JSON Format
MozBackup 1.4.10
Mozilla Firefox (3.6.25)
MRU-Blaster v1.5 (Database 3/28/2004)
MSRedist
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Keyboard Driver
Network Magic
Nexon Game Manager
Nitro Reader 2
Norton GoBack 4.02 (Symantec Corporation)
Norton SystemWorks
Norton SystemWorks 2005
Norton SystemWorks 2005 (Symantec Corporation)
NSW_DRM_COLLECTION
NVIDIA Control Panel 275.33
NVIDIA Drivers
NVIDIA Graphics Driver 275.33
NVIDIA Install Application
NVIDIA nView 135.85
NVIDIA nView Desktop Manager
NVIDIA Update 1.3.5
NVIDIA Update Components
OpenOffice.org 3.3
Outlook Times Addin 1.1
OutlookTools 2
Pale Moon 7.0.1 (x86 en-US)
Pando Media Booster
PandoraRecovery (Remove Only)
PDFill FREE PDF Tools
PostgreSQL 9.1
Power2Go 4.0
PowerDVD
PowerISO
PrimoPDF -- brought to you by Nitro PDF Software
Pure Networks Platform
QuickTime
Real Estate Finance and Investments
Realtek High Definition Audio Driver
RegToy 0.7.4.1
Revo Uninstaller 1.92
Revo Uninstaller Pro 2.5.7
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SIW version 2011.05.26
Skype web features
Skype™ 4.2
SlimDrivers
Spybot - Search & Destroy
Stickies 7.1a
System Requirements Lab
Tiny Time Tracker
TreeSize Free V2.5
Tweak UI
TweakGDS version 1.1.3
UltiDev Web Server Pro
Uninstall Startup Inspector
Universal Viewer
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
V CAST Music with Rhapsody
VirtualLab Client 5.7.5
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VLC media player 1.1.8
vtigercrm-5.3.0
W Photo Studio
WAPT
WebFldrs XP
What's Running 3.0
Windows Backup Utility
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 10
Windows XP Service Pack 3
Wizard101
WonderKing
XAMPP 1.7.7
Xvid 1.2.2 final uninstall
Yu-Gi-Oh! ONLINE 3
.
Balance of log in next post