Yesterday Avg showed that the Kingdoms.exe of the Total War Kingdoms expansion were infected as well as two system restore points. It had also show one other .exe as infected but that was reported as a false alarm and removed today a 1:30
Here are the logs
Internet Explorer 8.0.6001.18702
3/9/2011 3:12:26 PM
mbam-log-2011-03-09 (15-12-25).txt
Scan type: Quick scan
Objects scanned: 174610
Time elapsed: 6 minute(s), 20 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
========================
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-03-09 16:11:38
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-1f WDC_WD2000BB-22GUC0 rev.08.02D08
Running: wezip68e.exe; Driver: C:\DOCUME~1\NICKCL~1\LOCALS~1\Temp\kxtdqpow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB84C26C0]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB84C2770]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB84C2810]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB84C28B0]
---- Kernel code sections - GMER 1.0.15 ----
init C:\WINDOWS\System32\Drivers\sunkfilt.sys entry point in "init" section [0xF656C300]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Nick Clark at 16:14:05.28 on Wed 03/09/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.177 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\zHotkey.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\SanDisk\SanDisk Media Manager\SanDiskMediaManager-Launcher.EXE
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.emachines.com/
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AOL Toolbar: {4982d40a-c53b-4615-b15b-b5b5e98d167c} - c:\program files\aol toolbar\toolbar.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\nick clark\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [CHotkey] zHotkey.exe
mRun: [ShowWnd] ShowWnd.exe
mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"
mRun: [SunKistEM] c:\program files\digital media reader\shwiconem.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\SANDIS~1.LNK -
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - c:\program files\aol toolbar\toolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://aolsvc.aol.com/onlinegames/luxor/mjolauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_3_1_07-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\nickcl~1\applic~1\mozilla\firefox\profiles\o0lkqy6k.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\nick clark\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox
FF - Ext: AVG Security Toolbar em:version=5.008.027.003 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg10\toolbar\firefox\avg@igeared
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: GameFOX: {6dd0bdba-0a02-429e-b595-87a7dfdca7a1} - %profile%\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 299984]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]
R3 WUSB54GSCV2;Compact Wireless-G USB Network Adapter with SpeedBooster Service;c:\windows\system32\drivers\WUSB54GSCV2.sys [2007-10-9 198144]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2010-10-2 488776]
.
=============== Created Last 30 ================
.
2011-03-06 09:09:13 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\ArmA 2 Demo
2011-03-04 05:23:38 -------- d-----w- c:\docume~1\nickcl~1\applic~1\OpenOffice.org
2011-02-19 02:44:17 -------- d-----w- c:\program files\Gmask 1.70 English
2011-02-18 19:30:08 -------- d-----w- c:\program files\iTunes
2011-02-16 19:41:42 -------- d-----w- c:\program files\iPod
2011-02-16 02:15:16 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-02-16 02:15:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-10 02:23:24 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\Temp
2011-02-10 02:23:01 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\Google
2011-02-07 22:02:11 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\Adobe
.
==================== Find3M ====================
.
2011-02-03 00:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-14 02:16:11 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
.
============= FINISH: 16:14:52.17 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/26/2009 2:55:53 PM
System Uptime: 3/9/2011 3:01:55 PM (1 hours ago)
.
Motherboard: MICRO-STAR | | MS-7145
Processor: AMD Athlon(tm) 64 Processor 3400+ | Socket 754 | 2392/199mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 182 GiB total, 113.753 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 0.992 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_145C1462&REV_10\4&2E26DDEC&0&18A4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_145C1462&REV_10\4&2E26DDEC&0&18A4
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP166: 12/9/2010 12:27:13 PM - Installed Google SketchUp 8
RP167: 12/10/2010 1:23:36 PM - System Checkpoint
RP168: 12/12/2010 1:25:11 PM - Installed Medieval II Total War : Kingdoms : Teutonic
RP169: 12/16/2010 7:41:18 PM - System Checkpoint
RP170: 12/17/2010 10:26:01 PM - System Checkpoint
RP171: 12/19/2010 8:53:49 PM - System Checkpoint
RP172: 12/20/2010 10:03:57 PM - System Checkpoint
RP173: 12/21/2010 10:11:36 PM - System Checkpoint
RP174: 12/25/2010 12:03:24 PM - System Checkpoint
RP175: 12/26/2010 7:15:53 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP176: 12/26/2010 7:18:35 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP177: 12/26/2010 7:20:50 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP178: 12/26/2010 7:21:17 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP179: 12/26/2010 7:24:19 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP180: 12/26/2010 7:25:10 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP181: 12/26/2010 7:29:05 PM - Removed Norton Security Center
RP182: 12/26/2010 7:30:18 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP183: 12/26/2010 7:33:17 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP184: 12/26/2010 7:41:46 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP185: 12/27/2010 1:48:28 AM - Software Distribution Service 3.0
RP186: 12/27/2010 2:39:03 PM - Software Distribution Service 3.0
RP187: 12/27/2010 5:40:47 PM - Software Distribution Service 3.0
RP188: 12/28/2010 1:51:48 AM - Software Distribution Service 3.0
RP189: 12/28/2010 8:01:11 PM - Software Distribution Service 3.0
RP190: 12/28/2010 8:56:55 PM - Printer Driver Microsoft XPS Document Writer Installed
RP191: 12/29/2010 3:00:44 AM - Software Distribution Service 3.0
RP192: 12/29/2010 3:59:29 PM - Software Distribution Service 3.0
RP193: 12/29/2010 4:07:40 PM - Software Distribution Service 3.0
RP194: 12/29/2010 4:42:32 PM - Software Distribution Service 3.0
RP195: 12/30/2010 7:50:37 PM - System Checkpoint
RP196: 12/31/2010 8:17:25 PM - System Checkpoint
RP197: 1/1/2011 10:16:01 PM - System Checkpoint
RP198: 1/3/2011 1:52:04 AM - System Checkpoint
RP199: 1/4/2011 6:53:19 PM - Removed Medieval II Total War : Kingdoms : Britannia
RP200: 1/4/2011 6:54:43 PM - Removed Medieval II Total War : Kingdoms : Teutonic
RP201: 1/4/2011 6:55:35 PM - Removed Medieval II Total War
RP202: 1/4/2011 7:00:47 PM - Installed Medieval II Total War
RP203: 1/4/2011 7:15:32 PM - Installed DirectX
RP204: 1/5/2011 2:37:36 AM - Configured Medieval II Total War
RP205: 1/5/2011 2:38:58 AM - Installed DirectX
RP206: 1/5/2011 5:23:15 PM - Removed Medieval II Total War
RP207: 1/5/2011 5:28:49 PM - Installed Medieval II Total War
RP208: 1/5/2011 5:47:54 PM - Installed DirectX
RP209: 1/5/2011 6:17:45 PM - Configured Medieval II Total War
RP210: 1/5/2011 6:19:17 PM - Installed DirectX
RP211: 1/7/2011 2:59:37 AM - System Checkpoint
RP212: 1/8/2011 3:59:07 AM - System Checkpoint
RP213: 1/9/2011 8:18:02 PM - System Checkpoint
RP214: 1/11/2011 2:10:54 PM - System Checkpoint
RP215: 1/12/2011 1:26:29 PM - Software Distribution Service 3.0
RP216: 1/13/2011 3:44:41 PM - System Checkpoint
RP217: 1/14/2011 9:52:41 PM - System Checkpoint
RP218: 1/17/2011 11:27:11 AM - System Checkpoint
RP219: 1/17/2011 5:20:45 PM - Configured Medieval II Total War
RP220: 1/17/2011 5:22:26 PM - Installed Medieval II Total War : Kingdoms : Teutonic
RP221: 1/18/2011 5:23:03 PM - Removed Medieval II Total War : Kingdoms : Teutonic
RP222: 1/18/2011 5:25:48 PM - Installed Medieval II Total War : Kingdoms : Crusades
RP223: 1/20/2011 1:09:08 PM - System Checkpoint
RP224: 1/21/2011 2:02:06 PM - System Checkpoint
RP225: 1/22/2011 5:40:03 PM - System Checkpoint
RP226: 1/23/2011 8:13:47 PM - System Checkpoint
RP227: 1/25/2011 1:19:39 AM - System Checkpoint
RP228: 1/27/2011 4:10:20 AM - System Checkpoint
RP229: 1/28/2011 4:24:53 AM - System Checkpoint
RP230: 1/29/2011 5:24:53 AM - System Checkpoint
RP231: 1/30/2011 6:24:54 AM - System Checkpoint
RP232: 1/31/2011 3:16:41 PM - System Checkpoint
RP233: 2/1/2011 1:20:49 PM - Installed DirectX
RP234: 2/2/2011 3:32:20 PM - System Checkpoint
RP235: 2/3/2011 6:28:40 PM - System Checkpoint
RP236: 2/5/2011 1:05:59 AM - System Checkpoint
RP237: 2/6/2011 2:45:36 AM - System Checkpoint
RP238: 2/7/2011 2:50:02 AM - System Checkpoint
RP239: 2/8/2011 7:19:02 AM - System Checkpoint
RP240: 2/9/2011 10:04:45 PM - System Checkpoint
RP241: 2/10/2011 3:00:24 AM - Software Distribution Service 3.0
RP242: 2/10/2011 10:11:05 PM - Removed Adobe Reader 7.0
RP243: 2/10/2011 10:11:39 PM - Installed Adobe Reader X (10.0.1).
RP244: 2/12/2011 1:47:38 AM - System Checkpoint
RP245: 2/13/2011 2:53:24 AM - System Checkpoint
RP246: 2/14/2011 4:29:11 AM - System Checkpoint
RP247: 2/15/2011 2:46:26 PM - System Checkpoint
RP248: 2/15/2011 9:14:10 PM - Removed Java(TM) 6 Update 17
RP249: 2/15/2011 9:14:48 PM - Installed Java(TM) 6 Update 21
RP250: 2/16/2011 2:09:06 PM - Installed Java(TM) 6 Update 24
RP251: 2/17/2011 4:56:05 PM - System Checkpoint
RP252: 2/18/2011 2:28:25 PM - Removed iTunes
RP253: 2/19/2011 4:25:02 PM - System Checkpoint
RP254: 2/20/2011 7:03:00 PM - System Checkpoint
RP255: 2/21/2011 7:22:17 PM - System Checkpoint
RP256: 2/23/2011 3:41:11 PM - System Checkpoint
RP257: 2/24/2011 6:52:37 PM - System Checkpoint
RP258: 2/24/2011 11:07:21 PM - Software Distribution Service 3.0
RP259: 2/25/2011 11:14:25 PM - System Checkpoint
RP260: 2/27/2011 12:30:48 AM - System Checkpoint
RP261: 2/28/2011 1:06:04 AM - System Checkpoint
RP262: 3/1/2011 2:39:53 AM - System Checkpoint
RP263: 3/2/2011 10:14:31 PM - System Checkpoint
RP264: 3/3/2011 11:34:24 PM - System Checkpoint
RP265: 3/4/2011 12:11:52 AM - Installed Java(TM) 6 Update 22
RP266: 3/4/2011 12:13:07 AM - Installed OpenOffice.org 3.3
RP267: 3/4/2011 10:45:20 AM - Installed HP Product Assistant
RP268: 3/5/2011 12:44:21 PM - System Checkpoint
RP269: 3/6/2011 4:07:38 AM - Installed DirectX
RP270: 3/7/2011 5:11:41 PM - System Checkpoint
RP271: 3/8/2011 5:27:08 PM - System Checkpoint
RP272: 3/9/2011 1:45:21 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
2570
2570_Help
2570Trb
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
AiO_Scan_CDA
AiOSoftwareNPI
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Spyware Protection
AOL Toolbar
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Aspell English Dictionary-0.50-2
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG 2011
BitTorrent
Bonjour
BufferChm
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
CueTour
CustomerResearchQFolder
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
Digital Media Reader
DivX Setup
DocProc
DocumentViewer
DocumentViewerQFolder
ESET Online Scanner v3
eSupportQFolder
Fax_CDA
FullDPAppQFolder
GIMP 2.6.11
Gmask 1.70 English
GNU Aspell 0.50-3
Google Chrome
Google SketchUp 8
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Product Assistant
HP PSC & OfficeJet 5.3.A
HP Solution Center & Imaging Support Tools 5.3
HP Update
HPProductAssistant
InstantShareDevices
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 2
Java 2 Runtime Environment Standard Edition v1.3.1_07
Java Auto Updater
Java(TM) 6 Update 16
Java(TM) 6 Update 22
Java(TM) 6 Update 24
JDownloader
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
MarketResearch
McAfee AntiSpyware
Medieval II Total War
Medieval II Total War : Kingdoms : Crusades
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Digital Image Library 9 - Blocker
Microsoft Money 2005
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Ultimate 2007 Subscription
Microsoft Office Word MUI (English) 2007
Microsoft Picture It! Library 10
Microsoft Picture It! Premium 10
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Works
Mozilla Firefox (3.6.13)
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Keyboard Driver
Napster
Napster Burn Engine
Nero BurnRights
Nero OEM
NewCopy_CDA
Notepad++
OpenOffice.org 3.3
PanoStandAlone
PhotoGallery
PowerDVD
ProductContextNPI
Pure Networks Port Magic
Python 2.6
QuickTime
RandMap
Readme
RealPlayer Basic
Realtek AC'97 Audio
Recovery Software Suite eMachines
SanDisk ® Media Manager
Scan
ScannerCopy
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SkinsHP1
SoftV92 Data Fax Modem with SmartCP
SolutionCenter
Sonic Encoders
Sonic_PrimoSDK
Status
TrayApp
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
VC80CRTRedist - 8.0.50727.4053
Verizon Online DSL
Viewpoint Media Player
Visual C++ 9.0 CRT (x86) WinSXS MSM
Visual C++ 9.0 OpenMP (x86) WinSXS MSM
VLC media player 1.1.7
WebFldrs XP
WebReg
WinAVI MP4 Converter
WinAVI Video Converter
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB890760
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
3/8/2011 5:09:06 PM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 b7114481, parameter3 f7977a6c, parameter4 f7977768.
3/8/2011 11:54:50 AM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 b7181481, parameter3 f797ba6c, parameter4 f797b768.
.
==== End Of File ===========================
Here are the logs
Internet Explorer 8.0.6001.18702
3/9/2011 3:12:26 PM
mbam-log-2011-03-09 (15-12-25).txt
Scan type: Quick scan
Objects scanned: 174610
Time elapsed: 6 minute(s), 20 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
========================
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-03-09 16:11:38
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-1f WDC_WD2000BB-22GUC0 rev.08.02D08
Running: wezip68e.exe; Driver: C:\DOCUME~1\NICKCL~1\LOCALS~1\Temp\kxtdqpow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB84C26C0]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB84C2770]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB84C2810]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB84C28B0]
---- Kernel code sections - GMER 1.0.15 ----
init C:\WINDOWS\System32\Drivers\sunkfilt.sys entry point in "init" section [0xF656C300]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Nick Clark at 16:14:05.28 on Wed 03/09/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.177 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\zHotkey.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\SanDisk\SanDisk Media Manager\SanDiskMediaManager-Launcher.EXE
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nick Clark\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.emachines.com/
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AOL Toolbar: {4982d40a-c53b-4615-b15b-b5b5e98d167c} - c:\program files\aol toolbar\toolbar.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\nick clark\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [CHotkey] zHotkey.exe
mRun: [ShowWnd] ShowWnd.exe
mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"
mRun: [SunKistEM] c:\program files\digital media reader\shwiconem.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\SANDIS~1.LNK -
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - c:\program files\aol toolbar\toolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://aolsvc.aol.com/onlinegames/luxor/mjolauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_3_1_07-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\nickcl~1\applic~1\mozilla\firefox\profiles\o0lkqy6k.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\nick clark\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox
FF - Ext: AVG Security Toolbar em:version=5.008.027.003 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg10\toolbar\firefox\avg@igeared
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: GameFOX: {6dd0bdba-0a02-429e-b595-87a7dfdca7a1} - %profile%\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 299984]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]
R3 WUSB54GSCV2;Compact Wireless-G USB Network Adapter with SpeedBooster Service;c:\windows\system32\drivers\WUSB54GSCV2.sys [2007-10-9 198144]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2010-10-2 488776]
.
=============== Created Last 30 ================
.
2011-03-06 09:09:13 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\ArmA 2 Demo
2011-03-04 05:23:38 -------- d-----w- c:\docume~1\nickcl~1\applic~1\OpenOffice.org
2011-02-19 02:44:17 -------- d-----w- c:\program files\Gmask 1.70 English
2011-02-18 19:30:08 -------- d-----w- c:\program files\iTunes
2011-02-16 19:41:42 -------- d-----w- c:\program files\iPod
2011-02-16 02:15:16 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-02-16 02:15:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-10 02:23:24 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\Temp
2011-02-10 02:23:01 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\Google
2011-02-07 22:02:11 -------- d-----w- c:\docume~1\nickcl~1\locals~1\applic~1\Adobe
.
==================== Find3M ====================
.
2011-02-03 00:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-14 02:16:11 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
.
============= FINISH: 16:14:52.17 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/26/2009 2:55:53 PM
System Uptime: 3/9/2011 3:01:55 PM (1 hours ago)
.
Motherboard: MICRO-STAR | | MS-7145
Processor: AMD Athlon(tm) 64 Processor 3400+ | Socket 754 | 2392/199mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 182 GiB total, 113.753 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 0.992 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_145C1462&REV_10\4&2E26DDEC&0&18A4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_145C1462&REV_10\4&2E26DDEC&0&18A4
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP166: 12/9/2010 12:27:13 PM - Installed Google SketchUp 8
RP167: 12/10/2010 1:23:36 PM - System Checkpoint
RP168: 12/12/2010 1:25:11 PM - Installed Medieval II Total War : Kingdoms : Teutonic
RP169: 12/16/2010 7:41:18 PM - System Checkpoint
RP170: 12/17/2010 10:26:01 PM - System Checkpoint
RP171: 12/19/2010 8:53:49 PM - System Checkpoint
RP172: 12/20/2010 10:03:57 PM - System Checkpoint
RP173: 12/21/2010 10:11:36 PM - System Checkpoint
RP174: 12/25/2010 12:03:24 PM - System Checkpoint
RP175: 12/26/2010 7:15:53 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP176: 12/26/2010 7:18:35 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP177: 12/26/2010 7:20:50 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP178: 12/26/2010 7:21:17 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP179: 12/26/2010 7:24:19 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP180: 12/26/2010 7:25:10 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP181: 12/26/2010 7:29:05 PM - Removed Norton Security Center
RP182: 12/26/2010 7:30:18 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP183: 12/26/2010 7:33:17 PM - Installed Compact Wireless-G USB Network Adapter with SpeedBoost
RP184: 12/26/2010 7:41:46 PM - Removed Compact Wireless-G USB Network Adapter with SpeedBooster
RP185: 12/27/2010 1:48:28 AM - Software Distribution Service 3.0
RP186: 12/27/2010 2:39:03 PM - Software Distribution Service 3.0
RP187: 12/27/2010 5:40:47 PM - Software Distribution Service 3.0
RP188: 12/28/2010 1:51:48 AM - Software Distribution Service 3.0
RP189: 12/28/2010 8:01:11 PM - Software Distribution Service 3.0
RP190: 12/28/2010 8:56:55 PM - Printer Driver Microsoft XPS Document Writer Installed
RP191: 12/29/2010 3:00:44 AM - Software Distribution Service 3.0
RP192: 12/29/2010 3:59:29 PM - Software Distribution Service 3.0
RP193: 12/29/2010 4:07:40 PM - Software Distribution Service 3.0
RP194: 12/29/2010 4:42:32 PM - Software Distribution Service 3.0
RP195: 12/30/2010 7:50:37 PM - System Checkpoint
RP196: 12/31/2010 8:17:25 PM - System Checkpoint
RP197: 1/1/2011 10:16:01 PM - System Checkpoint
RP198: 1/3/2011 1:52:04 AM - System Checkpoint
RP199: 1/4/2011 6:53:19 PM - Removed Medieval II Total War : Kingdoms : Britannia
RP200: 1/4/2011 6:54:43 PM - Removed Medieval II Total War : Kingdoms : Teutonic
RP201: 1/4/2011 6:55:35 PM - Removed Medieval II Total War
RP202: 1/4/2011 7:00:47 PM - Installed Medieval II Total War
RP203: 1/4/2011 7:15:32 PM - Installed DirectX
RP204: 1/5/2011 2:37:36 AM - Configured Medieval II Total War
RP205: 1/5/2011 2:38:58 AM - Installed DirectX
RP206: 1/5/2011 5:23:15 PM - Removed Medieval II Total War
RP207: 1/5/2011 5:28:49 PM - Installed Medieval II Total War
RP208: 1/5/2011 5:47:54 PM - Installed DirectX
RP209: 1/5/2011 6:17:45 PM - Configured Medieval II Total War
RP210: 1/5/2011 6:19:17 PM - Installed DirectX
RP211: 1/7/2011 2:59:37 AM - System Checkpoint
RP212: 1/8/2011 3:59:07 AM - System Checkpoint
RP213: 1/9/2011 8:18:02 PM - System Checkpoint
RP214: 1/11/2011 2:10:54 PM - System Checkpoint
RP215: 1/12/2011 1:26:29 PM - Software Distribution Service 3.0
RP216: 1/13/2011 3:44:41 PM - System Checkpoint
RP217: 1/14/2011 9:52:41 PM - System Checkpoint
RP218: 1/17/2011 11:27:11 AM - System Checkpoint
RP219: 1/17/2011 5:20:45 PM - Configured Medieval II Total War
RP220: 1/17/2011 5:22:26 PM - Installed Medieval II Total War : Kingdoms : Teutonic
RP221: 1/18/2011 5:23:03 PM - Removed Medieval II Total War : Kingdoms : Teutonic
RP222: 1/18/2011 5:25:48 PM - Installed Medieval II Total War : Kingdoms : Crusades
RP223: 1/20/2011 1:09:08 PM - System Checkpoint
RP224: 1/21/2011 2:02:06 PM - System Checkpoint
RP225: 1/22/2011 5:40:03 PM - System Checkpoint
RP226: 1/23/2011 8:13:47 PM - System Checkpoint
RP227: 1/25/2011 1:19:39 AM - System Checkpoint
RP228: 1/27/2011 4:10:20 AM - System Checkpoint
RP229: 1/28/2011 4:24:53 AM - System Checkpoint
RP230: 1/29/2011 5:24:53 AM - System Checkpoint
RP231: 1/30/2011 6:24:54 AM - System Checkpoint
RP232: 1/31/2011 3:16:41 PM - System Checkpoint
RP233: 2/1/2011 1:20:49 PM - Installed DirectX
RP234: 2/2/2011 3:32:20 PM - System Checkpoint
RP235: 2/3/2011 6:28:40 PM - System Checkpoint
RP236: 2/5/2011 1:05:59 AM - System Checkpoint
RP237: 2/6/2011 2:45:36 AM - System Checkpoint
RP238: 2/7/2011 2:50:02 AM - System Checkpoint
RP239: 2/8/2011 7:19:02 AM - System Checkpoint
RP240: 2/9/2011 10:04:45 PM - System Checkpoint
RP241: 2/10/2011 3:00:24 AM - Software Distribution Service 3.0
RP242: 2/10/2011 10:11:05 PM - Removed Adobe Reader 7.0
RP243: 2/10/2011 10:11:39 PM - Installed Adobe Reader X (10.0.1).
RP244: 2/12/2011 1:47:38 AM - System Checkpoint
RP245: 2/13/2011 2:53:24 AM - System Checkpoint
RP246: 2/14/2011 4:29:11 AM - System Checkpoint
RP247: 2/15/2011 2:46:26 PM - System Checkpoint
RP248: 2/15/2011 9:14:10 PM - Removed Java(TM) 6 Update 17
RP249: 2/15/2011 9:14:48 PM - Installed Java(TM) 6 Update 21
RP250: 2/16/2011 2:09:06 PM - Installed Java(TM) 6 Update 24
RP251: 2/17/2011 4:56:05 PM - System Checkpoint
RP252: 2/18/2011 2:28:25 PM - Removed iTunes
RP253: 2/19/2011 4:25:02 PM - System Checkpoint
RP254: 2/20/2011 7:03:00 PM - System Checkpoint
RP255: 2/21/2011 7:22:17 PM - System Checkpoint
RP256: 2/23/2011 3:41:11 PM - System Checkpoint
RP257: 2/24/2011 6:52:37 PM - System Checkpoint
RP258: 2/24/2011 11:07:21 PM - Software Distribution Service 3.0
RP259: 2/25/2011 11:14:25 PM - System Checkpoint
RP260: 2/27/2011 12:30:48 AM - System Checkpoint
RP261: 2/28/2011 1:06:04 AM - System Checkpoint
RP262: 3/1/2011 2:39:53 AM - System Checkpoint
RP263: 3/2/2011 10:14:31 PM - System Checkpoint
RP264: 3/3/2011 11:34:24 PM - System Checkpoint
RP265: 3/4/2011 12:11:52 AM - Installed Java(TM) 6 Update 22
RP266: 3/4/2011 12:13:07 AM - Installed OpenOffice.org 3.3
RP267: 3/4/2011 10:45:20 AM - Installed HP Product Assistant
RP268: 3/5/2011 12:44:21 PM - System Checkpoint
RP269: 3/6/2011 4:07:38 AM - Installed DirectX
RP270: 3/7/2011 5:11:41 PM - System Checkpoint
RP271: 3/8/2011 5:27:08 PM - System Checkpoint
RP272: 3/9/2011 1:45:21 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
2570
2570_Help
2570Trb
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
AiO_Scan_CDA
AiOSoftwareNPI
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Spyware Protection
AOL Toolbar
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Aspell English Dictionary-0.50-2
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG 2011
BitTorrent
Bonjour
BufferChm
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
CueTour
CustomerResearchQFolder
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
Digital Media Reader
DivX Setup
DocProc
DocumentViewer
DocumentViewerQFolder
ESET Online Scanner v3
eSupportQFolder
Fax_CDA
FullDPAppQFolder
GIMP 2.6.11
Gmask 1.70 English
GNU Aspell 0.50-3
Google Chrome
Google SketchUp 8
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Product Assistant
HP PSC & OfficeJet 5.3.A
HP Solution Center & Imaging Support Tools 5.3
HP Update
HPProductAssistant
InstantShareDevices
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 2
Java 2 Runtime Environment Standard Edition v1.3.1_07
Java Auto Updater
Java(TM) 6 Update 16
Java(TM) 6 Update 22
Java(TM) 6 Update 24
JDownloader
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
MarketResearch
McAfee AntiSpyware
Medieval II Total War
Medieval II Total War : Kingdoms : Crusades
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Digital Image Library 9 - Blocker
Microsoft Money 2005
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Ultimate 2007 Subscription
Microsoft Office Word MUI (English) 2007
Microsoft Picture It! Library 10
Microsoft Picture It! Premium 10
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Works
Mozilla Firefox (3.6.13)
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Keyboard Driver
Napster
Napster Burn Engine
Nero BurnRights
Nero OEM
NewCopy_CDA
Notepad++
OpenOffice.org 3.3
PanoStandAlone
PhotoGallery
PowerDVD
ProductContextNPI
Pure Networks Port Magic
Python 2.6
QuickTime
RandMap
Readme
RealPlayer Basic
Realtek AC'97 Audio
Recovery Software Suite eMachines
SanDisk ® Media Manager
Scan
ScannerCopy
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SkinsHP1
SoftV92 Data Fax Modem with SmartCP
SolutionCenter
Sonic Encoders
Sonic_PrimoSDK
Status
TrayApp
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
VC80CRTRedist - 8.0.50727.4053
Verizon Online DSL
Viewpoint Media Player
Visual C++ 9.0 CRT (x86) WinSXS MSM
Visual C++ 9.0 OpenMP (x86) WinSXS MSM
VLC media player 1.1.7
WebFldrs XP
WebReg
WinAVI MP4 Converter
WinAVI Video Converter
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB890760
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
3/8/2011 5:09:06 PM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 b7114481, parameter3 f7977a6c, parameter4 f7977768.
3/8/2011 11:54:50 AM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 b7181481, parameter3 f797ba6c, parameter4 f797b768.
.
==== End Of File ===========================