Hi guys...
Started my comp yesterday and Avira popped-up saying a had this trojan TR/DROP.TDss.way ... A0050325.exe
I did as Avira instructed.
Ran Super Anit-Spyware - no probs
Ran Spybot - no probs
My comp seems to running fine.
Here are the logs from the updated 8 step instructions:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5481
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08-Jan-11 6:08:00 PM
mbam-log-2011-01-08 (18-08-00).txt
Scan type: Quick scan
Objects scanned: 148438
Time elapsed: 2 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
..........................................................
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-08 20:48:37
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvgts1Port3Path0Target0Lun0 WDC_WD32 rev.01.0
Running: yx3lkee8.exe; Driver: C:\DOCUME~1\Buzzzzz\LOCALS~1\Temp\kgpyikog.sys
---- Devices - GMER 1.0.15 ----
Device \Driver\Tcpip \Device\Ip vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
---- EOF - GMER 1.0.15 ----
............................................................
DDS (Ver_10-12-12.02) - NTFSx86
Run by Buzzzzz at 15:17:08.53 on 09-Jan-11
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2478 [GMT 7:00]
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *Enabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Digiarty\WinX DVD Author 5.5\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Buzzzzz\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = about:blank
uInternet Settings,ProxyOverride = local;*.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} - c:\documents and settings\buzzzzz\application data\mozilla\firefox\profiles\jjg4pz97.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.78.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [Google Update] "c:\documents and settings\buzzzzz\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\buzzzzz\applic~1\mozilla\firefox\profiles\jjg4pz97.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.gmail.com/ncr
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\buzzzzz\application data\mozilla\firefox\profiles\jjg4pz97.default\extensions\cfxhelper@triton\components\dwmxpcom.dll
FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
FF - component: c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
FF - plugin: c:\documents and settings\buzzzzz\application data\mozilla\firefox\profiles\jjg4pz97.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\buzzzzz\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: afurladvisor: afurladvisor@anchorfree.com - c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: ZoneAlarm Security Engine: {FFB96CC1-7EB3-449D-B827-DB661701C6BB} - c:\program files\checkpoint\zaforcefield\TrustChecker
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Aero Fox XL: {5c8bfb7c-9a54-11dc-8314-0800200c9a66} - %profile%\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
FF - Ext: AvantGarde Skylight: {d62e0de0-401b-11dd-ae16-0800200c9a66} - %profile%\extensions\{d62e0de0-401b-11dd-ae16-0800200c9a66}
FF - Ext: Office Black: Office2007Black@JBBS - %profile%\extensions\Office2007Black@JBBS
FF - Ext: Chromifox Basic: chromifox@altmusictv.com - %profile%\extensions\chromifox@altmusictv.com
FF - Ext: AvantGarde Nightlife: {3fb63340-652a-11dd-ad8b-0800200c9a66} - %profile%\extensions\{3fb63340-652a-11dd-ad8b-0800200c9a66}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Chromifox Companion: cfxHelper@Triton - %profile%\extensions\cfxHelper@Triton
FF - Ext: Chromifox Extreme: cfxe@Triton - %profile%\extensions\cfxe@Triton
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Virtus Search Opt-in: extension@virtusdesigns.com - %profile%\extensions\extension@virtusdesigns.com
============= SERVICES / DRIVERS ===============
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-11-16 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-9-15 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 74480]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2008-12-5 532224]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-11-16 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-11-16 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-16 61960]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe -product hss --> c:\program files\hotspot shield\bin\hsswd.exe -product HSS [?]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-5-26 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-5-26 493032]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-21 133104]
S3 cmo_bus;Data Modem @ CDMA Composite Device driver (WDM);c:\windows\system32\drivers\cmo_bus.sys [2009-2-9 58352]
S3 cmo_mdfl;Data Modem @ CDMA Filter;c:\windows\system32\drivers\cmo_mdfl.sys [2009-2-9 8304]
S3 cmo_mdm;Data Modem @ CDMA Drivers;c:\windows\system32\drivers\cmo_mdm.sys [2009-2-9 93904]
S3 cmo_serd;Data Modem @ CDMA Second DS Port (WDM);c:\windows\system32\drivers\cmo_serd.sys [2009-2-9 73696]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-15 7408]
=============== Created Last 30 ================
2011-01-08 10:48:56 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-08 10:48:51 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-08 10:48:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-25 20:26:38 -------- d-----w- c:\windows\system32\NtmsData
2010-12-19 18:29:15 81920 -c----w- c:\windows\system32\dllcache\isign32.dll
2010-12-19 18:24:44 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-19 18:22:00 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-11 06:14:13 -------- d-----w- c:\docume~1\buzzzzz\applic~1\Avira
==================== Find3M ====================
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
============= FINISH: 15:18:47.78 ===============
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 03-Dec-08 1:00:14 AM
System Uptime: 08-Jan-11 5:57:52 PM (22 hours ago)
Motherboard: ACER | | MCP73VE
Processor: Intel Pentium III Xeon processor | SOCKET775 M/B | 2499/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 250 GiB total, 139.562 GiB free.
D: is FIXED (NTFS) - 48 GiB total, 32.444 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&1624BDC1&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&1624BDC1&0
Service: i8042prt
==== System Restore Points ===================
RP104: 12-Oct-10 5:18:22 PM - System Checkpoint
RP105: 13-Oct-10 6:34:29 PM - System Checkpoint
RP106: 14-Oct-10 5:34:59 PM - Software Distribution Service 3.0
RP107: 15-Oct-10 7:11:52 PM - System Checkpoint
RP108: 16-Oct-10 8:37:01 PM - System Checkpoint
RP109: 17-Oct-10 4:22:46 PM - Installed Java(TM) 6 Update 22
RP110: 18-Oct-10 4:50:54 PM - System Checkpoint
RP111: 19-Oct-10 4:58:08 PM - System Checkpoint
RP112: 20-Oct-10 6:05:49 PM - System Checkpoint
RP113: 21-Oct-10 6:47:16 PM - System Checkpoint
RP114: 22-Oct-10 7:58:25 PM - System Checkpoint
RP115: 23-Oct-10 8:53:20 PM - System Checkpoint
RP116: 24-Oct-10 8:54:21 PM - System Checkpoint
RP117: 25-Oct-10 9:21:10 PM - System Checkpoint
RP118: 26-Oct-10 10:15:25 PM - System Checkpoint
RP119: 27-Oct-10 10:28:01 PM - System Checkpoint
RP120: 28-Oct-10 10:55:49 PM - System Checkpoint
RP121: 30-Oct-10 7:44:28 PM - System Checkpoint
RP122: 31-Oct-10 5:05:08 AM - Software Distribution Service 3.0
RP123: 01-Nov-10 10:20:41 AM - System Checkpoint
RP124: 04-Nov-10 6:16:06 PM - System Checkpoint
RP125: 05-Nov-10 8:34:20 PM - System Checkpoint
RP126: 06-Nov-10 9:14:03 PM - System Checkpoint
RP127: 07-Nov-10 10:06:55 PM - System Checkpoint
RP128: 08-Nov-10 10:23:45 PM - System Checkpoint
RP129: 09-Nov-10 11:23:23 PM - System Checkpoint
RP130: 11-Nov-10 12:37:33 AM - System Checkpoint
RP131: 12-Nov-10 1:01:39 AM - System Checkpoint
RP132: 13-Nov-10 1:10:51 AM - System Checkpoint
RP133: 13-Nov-10 3:40:52 AM - Software Distribution Service 3.0
RP134: 14-Nov-10 4:12:46 AM - System Checkpoint
RP135: 15-Nov-10 4:41:18 AM - System Checkpoint
RP136: 16-Nov-10 12:22:21 AM - Installed Google SketchUp Pro 7
RP137: 16-Nov-10 12:22:43 AM - Removed Google SketchUp 7
RP138: 17-Nov-10 12:42:09 AM - System Checkpoint
RP139: 18-Nov-10 2:13:57 AM - System Checkpoint
RP140: 19-Nov-10 2:17:26 AM - System Checkpoint
RP141: 20-Nov-10 2:52:32 AM - System Checkpoint
RP142: 21-Nov-10 1:58:16 PM - System Checkpoint
RP143: 22-Nov-10 2:02:31 PM - System Checkpoint
RP144: 23-Nov-10 2:33:54 PM - System Checkpoint
RP145: 24-Nov-10 3:49:45 PM - System Checkpoint
RP146: 25-Nov-10 4:46:00 PM - System Checkpoint
RP147: 26-Nov-10 6:32:32 PM - System Checkpoint
RP148: 27-Nov-10 7:26:33 PM - System Checkpoint
RP149: 28-Nov-10 7:34:12 PM - System Checkpoint
RP150: 29-Nov-10 7:40:57 PM - System Checkpoint
RP151: 30-Nov-10 8:35:03 PM - System Checkpoint
RP152: 01-Dec-10 9:14:57 PM - System Checkpoint
RP153: 02-Dec-10 9:35:08 PM - System Checkpoint
RP154: 03-Dec-10 10:19:23 PM - System Checkpoint
RP155: 04-Dec-10 11:27:27 PM - System Checkpoint
RP156: 06-Dec-10 12:37:47 AM - System Checkpoint
RP157: 07-Dec-10 1:14:07 AM - System Checkpoint
RP158: 08-Dec-10 1:16:35 AM - System Checkpoint
RP159: 09-Dec-10 2:53:39 AM - System Checkpoint
RP160: 10-Dec-10 5:00:17 AM - System Checkpoint
RP161: 11-Dec-10 12:17:08 PM - System Checkpoint
RP162: 12-Dec-10 12:47:34 PM - System Checkpoint
RP163: 13-Dec-10 5:55:46 PM - System Checkpoint
RP164: 14-Dec-10 6:04:04 PM - System Checkpoint
RP165: 15-Dec-10 6:50:50 PM - System Checkpoint
RP166: 16-Dec-10 7:17:16 PM - System Checkpoint
RP167: 17-Dec-10 9:57:23 PM - System Checkpoint
RP168: 18-Dec-10 10:35:06 PM - System Checkpoint
RP169: 19-Dec-10 10:36:11 PM - System Checkpoint
RP170: 20-Dec-10 1:34:25 AM - Software Distribution Service 3.0
RP171: 21-Dec-10 2:53:52 AM - System Checkpoint
RP172: 22-Dec-10 6:24:21 AM - System Checkpoint
RP173: 23-Dec-10 7:14:03 AM - System Checkpoint
RP174: 24-Dec-10 4:24:27 PM - System Checkpoint
RP175: 25-Dec-10 4:28:50 PM - System Checkpoint
RP176: 26-Dec-10 4:29:46 PM - System Checkpoint
RP177: 27-Dec-10 5:10:38 PM - System Checkpoint
RP178: 28-Dec-10 6:24:28 PM - System Checkpoint
RP179: 29-Dec-10 6:40:59 PM - System Checkpoint
RP180: 30-Dec-10 8:29:55 PM - System Checkpoint
RP181: 31-Dec-10 9:30:57 PM - System Checkpoint
RP182: 01-Jan-11 9:55:36 PM - System Checkpoint
RP183: 02-Jan-11 11:00:36 PM - System Checkpoint
RP184: 03-Jan-11 1:32:30 AM - Installed Google SketchUp 8
RP185: 04-Jan-11 1:36:05 AM - System Checkpoint
RP186: 05-Jan-11 2:25:06 AM - System Checkpoint
RP187: 06-Jan-11 2:44:14 AM - System Checkpoint
RP188: 07-Jan-11 2:48:27 AM - System Checkpoint
RP189: 08-Jan-11 4:27:33 PM - System Checkpoint
==== Installed Programs ======================
µTorrent
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Adobe Shockwave Player 11
Altysoft Free Video Converter 2.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Applian FLV Player
Avira AntiVir Personal - Free Antivirus
Bonjour
C-motech Connection Manager(CCU650)
Canon MP Navigator EX 3.0
Canon MP250 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner (remove only)
ClearType Tuning Control Panel Applet
CopyTrans Suite Remove Only
Everything 1.2.1.371
ffdshow [rev 735] [2007-01-02]
Foxit PDF Editor
Foxit Reader
GoodSync
Google Chrome
Google Earth
Google SketchUp 8
Google SketchUp Pro 7
Google Update Helper
GoogleDesktop
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hotspot Shield 1.56
Image Resizer Powertoy for Windows XP
iTunes
Java Auto Updater
Java(TM) 6 Update 22
K-Lite Mega Codec Pack 4.1.6
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MIKSOFT Mobile Media Converter
MobileMe Control Panel
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Drivers
Picasa 3
QuickTime
Realtek High Definition Audio Driver
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Skype™ 4.0
Smart Defrag
Software Update for Web Folders
SopCast 3.2.9
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Switch Sound File Converter
Thai2English
The KMPlayer (remove only)
unikode for Thai
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
Veetle TV 0.9.18
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinX DVD Author 5.5.8
ZoneAlarm
ZoneAlarm Toolbar
==== Event Viewer Messages From Past Week ========
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The NMSAccessU service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The Hotspot Shield Monitoring Service service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7031] - The Hotspot Shield Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
08-Jan-11 5:56:37 PM, error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
08-Jan-11 5:56:37 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07-Jan-11 7:47:52 PM, error: Dhcp [1002] - The IP address lease 10.76.16.45 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.76.127.254 (The DHCP Server sent a DHCPNACK message).
07-Jan-11 4:40:38 PM, error: Dhcp [1002] - The IP address lease 10.63.16.7 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.76.23.254 (The DHCP Server sent a DHCPNACK message).
07-Jan-11 11:08:28 PM, error: Dhcp [1002] - The IP address lease 10.76.120.49 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.76.23.254 (The DHCP Server sent a DHCPNACK message).
06-Jan-11 2:47:16 AM, error: Dhcp [1002] - The IP address lease 10.63.8.32 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.63.23.254 (The DHCP Server sent a DHCPNACK message).
05-Jan-11 12:54:45 AM, error: Print [6161] - The document KBA_2009_price_list.xls owned by Buzzzzz failed to print on printer Canon MP250 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 1905796. Number of bytes printed: 144152. Total number of pages in the document: 11. Number of pages printed: 0. Client machine: \\W-924BCAF39F124. Win32 error code returned by the print processor: 13 (0xd).
05-Jan-11 11:15:10 PM, error: Dhcp [1002] - The IP address lease 10.42.24.107 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.63.15.254 (The DHCP Server sent a DHCPNACK message).
05-Jan-11 1:23:12 AM, error: Dhcp [1002] - The IP address lease 10.42.48.76 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.42.31.254 (The DHCP Server sent a DHCPNACK message).
04-Jan-11 8:04:22 PM, error: Dhcp [1002] - The IP address lease 10.42.48.115 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.42.55.254 (The DHCP Server sent a DHCPNACK message).
04-Jan-11 4:04:12 PM, error: Dhcp [1002] - The IP address lease 10.25.48.80 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.42.55.254 (The DHCP Server sent a DHCPNACK message).
04-Jan-11 2:40:35 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
04-Jan-11 2:34:48 PM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 0021853BFF19 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
==== End Of File ===========================
many thanks & kind regards,
Buzz
Started my comp yesterday and Avira popped-up saying a had this trojan TR/DROP.TDss.way ... A0050325.exe
I did as Avira instructed.
Ran Super Anit-Spyware - no probs
Ran Spybot - no probs
My comp seems to running fine.
Here are the logs from the updated 8 step instructions:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5481
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08-Jan-11 6:08:00 PM
mbam-log-2011-01-08 (18-08-00).txt
Scan type: Quick scan
Objects scanned: 148438
Time elapsed: 2 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
..........................................................
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-08 20:48:37
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvgts1Port3Path0Target0Lun0 WDC_WD32 rev.01.0
Running: yx3lkee8.exe; Driver: C:\DOCUME~1\Buzzzzz\LOCALS~1\Temp\kgpyikog.sys
---- Devices - GMER 1.0.15 ----
Device \Driver\Tcpip \Device\Ip vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
---- EOF - GMER 1.0.15 ----
............................................................
DDS (Ver_10-12-12.02) - NTFSx86
Run by Buzzzzz at 15:17:08.53 on 09-Jan-11
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2478 [GMT 7:00]
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *Enabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Digiarty\WinX DVD Author 5.5\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Buzzzzz\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = about:blank
uInternet Settings,ProxyOverride = local;*.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} - c:\documents and settings\buzzzzz\application data\mozilla\firefox\profiles\jjg4pz97.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.78.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [Google Update] "c:\documents and settings\buzzzzz\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\buzzzzz\applic~1\mozilla\firefox\profiles\jjg4pz97.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.gmail.com/ncr
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\buzzzzz\application data\mozilla\firefox\profiles\jjg4pz97.default\extensions\cfxhelper@triton\components\dwmxpcom.dll
FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
FF - component: c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
FF - plugin: c:\documents and settings\buzzzzz\application data\mozilla\firefox\profiles\jjg4pz97.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\buzzzzz\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: afurladvisor: afurladvisor@anchorfree.com - c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: ZoneAlarm Security Engine: {FFB96CC1-7EB3-449D-B827-DB661701C6BB} - c:\program files\checkpoint\zaforcefield\TrustChecker
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Aero Fox XL: {5c8bfb7c-9a54-11dc-8314-0800200c9a66} - %profile%\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
FF - Ext: AvantGarde Skylight: {d62e0de0-401b-11dd-ae16-0800200c9a66} - %profile%\extensions\{d62e0de0-401b-11dd-ae16-0800200c9a66}
FF - Ext: Office Black: Office2007Black@JBBS - %profile%\extensions\Office2007Black@JBBS
FF - Ext: Chromifox Basic: chromifox@altmusictv.com - %profile%\extensions\chromifox@altmusictv.com
FF - Ext: AvantGarde Nightlife: {3fb63340-652a-11dd-ad8b-0800200c9a66} - %profile%\extensions\{3fb63340-652a-11dd-ad8b-0800200c9a66}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Chromifox Companion: cfxHelper@Triton - %profile%\extensions\cfxHelper@Triton
FF - Ext: Chromifox Extreme: cfxe@Triton - %profile%\extensions\cfxe@Triton
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Virtus Search Opt-in: extension@virtusdesigns.com - %profile%\extensions\extension@virtusdesigns.com
============= SERVICES / DRIVERS ===============
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-11-16 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-9-15 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 74480]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2008-12-5 532224]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-11-16 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-11-16 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-11-16 61960]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe -product hss --> c:\program files\hotspot shield\bin\hsswd.exe -product HSS [?]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-5-26 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-5-26 493032]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-21 133104]
S3 cmo_bus;Data Modem @ CDMA Composite Device driver (WDM);c:\windows\system32\drivers\cmo_bus.sys [2009-2-9 58352]
S3 cmo_mdfl;Data Modem @ CDMA Filter;c:\windows\system32\drivers\cmo_mdfl.sys [2009-2-9 8304]
S3 cmo_mdm;Data Modem @ CDMA Drivers;c:\windows\system32\drivers\cmo_mdm.sys [2009-2-9 93904]
S3 cmo_serd;Data Modem @ CDMA Second DS Port (WDM);c:\windows\system32\drivers\cmo_serd.sys [2009-2-9 73696]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-15 7408]
=============== Created Last 30 ================
2011-01-08 10:48:56 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-08 10:48:51 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-08 10:48:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-25 20:26:38 -------- d-----w- c:\windows\system32\NtmsData
2010-12-19 18:29:15 81920 -c----w- c:\windows\system32\dllcache\isign32.dll
2010-12-19 18:24:44 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-19 18:22:00 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-11 06:14:13 -------- d-----w- c:\docume~1\buzzzzz\applic~1\Avira
==================== Find3M ====================
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
============= FINISH: 15:18:47.78 ===============
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 03-Dec-08 1:00:14 AM
System Uptime: 08-Jan-11 5:57:52 PM (22 hours ago)
Motherboard: ACER | | MCP73VE
Processor: Intel Pentium III Xeon processor | SOCKET775 M/B | 2499/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 250 GiB total, 139.562 GiB free.
D: is FIXED (NTFS) - 48 GiB total, 32.444 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&1624BDC1&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&1624BDC1&0
Service: i8042prt
==== System Restore Points ===================
RP104: 12-Oct-10 5:18:22 PM - System Checkpoint
RP105: 13-Oct-10 6:34:29 PM - System Checkpoint
RP106: 14-Oct-10 5:34:59 PM - Software Distribution Service 3.0
RP107: 15-Oct-10 7:11:52 PM - System Checkpoint
RP108: 16-Oct-10 8:37:01 PM - System Checkpoint
RP109: 17-Oct-10 4:22:46 PM - Installed Java(TM) 6 Update 22
RP110: 18-Oct-10 4:50:54 PM - System Checkpoint
RP111: 19-Oct-10 4:58:08 PM - System Checkpoint
RP112: 20-Oct-10 6:05:49 PM - System Checkpoint
RP113: 21-Oct-10 6:47:16 PM - System Checkpoint
RP114: 22-Oct-10 7:58:25 PM - System Checkpoint
RP115: 23-Oct-10 8:53:20 PM - System Checkpoint
RP116: 24-Oct-10 8:54:21 PM - System Checkpoint
RP117: 25-Oct-10 9:21:10 PM - System Checkpoint
RP118: 26-Oct-10 10:15:25 PM - System Checkpoint
RP119: 27-Oct-10 10:28:01 PM - System Checkpoint
RP120: 28-Oct-10 10:55:49 PM - System Checkpoint
RP121: 30-Oct-10 7:44:28 PM - System Checkpoint
RP122: 31-Oct-10 5:05:08 AM - Software Distribution Service 3.0
RP123: 01-Nov-10 10:20:41 AM - System Checkpoint
RP124: 04-Nov-10 6:16:06 PM - System Checkpoint
RP125: 05-Nov-10 8:34:20 PM - System Checkpoint
RP126: 06-Nov-10 9:14:03 PM - System Checkpoint
RP127: 07-Nov-10 10:06:55 PM - System Checkpoint
RP128: 08-Nov-10 10:23:45 PM - System Checkpoint
RP129: 09-Nov-10 11:23:23 PM - System Checkpoint
RP130: 11-Nov-10 12:37:33 AM - System Checkpoint
RP131: 12-Nov-10 1:01:39 AM - System Checkpoint
RP132: 13-Nov-10 1:10:51 AM - System Checkpoint
RP133: 13-Nov-10 3:40:52 AM - Software Distribution Service 3.0
RP134: 14-Nov-10 4:12:46 AM - System Checkpoint
RP135: 15-Nov-10 4:41:18 AM - System Checkpoint
RP136: 16-Nov-10 12:22:21 AM - Installed Google SketchUp Pro 7
RP137: 16-Nov-10 12:22:43 AM - Removed Google SketchUp 7
RP138: 17-Nov-10 12:42:09 AM - System Checkpoint
RP139: 18-Nov-10 2:13:57 AM - System Checkpoint
RP140: 19-Nov-10 2:17:26 AM - System Checkpoint
RP141: 20-Nov-10 2:52:32 AM - System Checkpoint
RP142: 21-Nov-10 1:58:16 PM - System Checkpoint
RP143: 22-Nov-10 2:02:31 PM - System Checkpoint
RP144: 23-Nov-10 2:33:54 PM - System Checkpoint
RP145: 24-Nov-10 3:49:45 PM - System Checkpoint
RP146: 25-Nov-10 4:46:00 PM - System Checkpoint
RP147: 26-Nov-10 6:32:32 PM - System Checkpoint
RP148: 27-Nov-10 7:26:33 PM - System Checkpoint
RP149: 28-Nov-10 7:34:12 PM - System Checkpoint
RP150: 29-Nov-10 7:40:57 PM - System Checkpoint
RP151: 30-Nov-10 8:35:03 PM - System Checkpoint
RP152: 01-Dec-10 9:14:57 PM - System Checkpoint
RP153: 02-Dec-10 9:35:08 PM - System Checkpoint
RP154: 03-Dec-10 10:19:23 PM - System Checkpoint
RP155: 04-Dec-10 11:27:27 PM - System Checkpoint
RP156: 06-Dec-10 12:37:47 AM - System Checkpoint
RP157: 07-Dec-10 1:14:07 AM - System Checkpoint
RP158: 08-Dec-10 1:16:35 AM - System Checkpoint
RP159: 09-Dec-10 2:53:39 AM - System Checkpoint
RP160: 10-Dec-10 5:00:17 AM - System Checkpoint
RP161: 11-Dec-10 12:17:08 PM - System Checkpoint
RP162: 12-Dec-10 12:47:34 PM - System Checkpoint
RP163: 13-Dec-10 5:55:46 PM - System Checkpoint
RP164: 14-Dec-10 6:04:04 PM - System Checkpoint
RP165: 15-Dec-10 6:50:50 PM - System Checkpoint
RP166: 16-Dec-10 7:17:16 PM - System Checkpoint
RP167: 17-Dec-10 9:57:23 PM - System Checkpoint
RP168: 18-Dec-10 10:35:06 PM - System Checkpoint
RP169: 19-Dec-10 10:36:11 PM - System Checkpoint
RP170: 20-Dec-10 1:34:25 AM - Software Distribution Service 3.0
RP171: 21-Dec-10 2:53:52 AM - System Checkpoint
RP172: 22-Dec-10 6:24:21 AM - System Checkpoint
RP173: 23-Dec-10 7:14:03 AM - System Checkpoint
RP174: 24-Dec-10 4:24:27 PM - System Checkpoint
RP175: 25-Dec-10 4:28:50 PM - System Checkpoint
RP176: 26-Dec-10 4:29:46 PM - System Checkpoint
RP177: 27-Dec-10 5:10:38 PM - System Checkpoint
RP178: 28-Dec-10 6:24:28 PM - System Checkpoint
RP179: 29-Dec-10 6:40:59 PM - System Checkpoint
RP180: 30-Dec-10 8:29:55 PM - System Checkpoint
RP181: 31-Dec-10 9:30:57 PM - System Checkpoint
RP182: 01-Jan-11 9:55:36 PM - System Checkpoint
RP183: 02-Jan-11 11:00:36 PM - System Checkpoint
RP184: 03-Jan-11 1:32:30 AM - Installed Google SketchUp 8
RP185: 04-Jan-11 1:36:05 AM - System Checkpoint
RP186: 05-Jan-11 2:25:06 AM - System Checkpoint
RP187: 06-Jan-11 2:44:14 AM - System Checkpoint
RP188: 07-Jan-11 2:48:27 AM - System Checkpoint
RP189: 08-Jan-11 4:27:33 PM - System Checkpoint
==== Installed Programs ======================
µTorrent
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Adobe Shockwave Player 11
Altysoft Free Video Converter 2.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Applian FLV Player
Avira AntiVir Personal - Free Antivirus
Bonjour
C-motech Connection Manager(CCU650)
Canon MP Navigator EX 3.0
Canon MP250 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner (remove only)
ClearType Tuning Control Panel Applet
CopyTrans Suite Remove Only
Everything 1.2.1.371
ffdshow [rev 735] [2007-01-02]
Foxit PDF Editor
Foxit Reader
GoodSync
Google Chrome
Google Earth
Google SketchUp 8
Google SketchUp Pro 7
Google Update Helper
GoogleDesktop
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hotspot Shield 1.56
Image Resizer Powertoy for Windows XP
iTunes
Java Auto Updater
Java(TM) 6 Update 22
K-Lite Mega Codec Pack 4.1.6
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MIKSOFT Mobile Media Converter
MobileMe Control Panel
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Drivers
Picasa 3
QuickTime
Realtek High Definition Audio Driver
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Skype™ 4.0
Smart Defrag
Software Update for Web Folders
SopCast 3.2.9
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Switch Sound File Converter
Thai2English
The KMPlayer (remove only)
unikode for Thai
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
Veetle TV 0.9.18
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinX DVD Author 5.5.8
ZoneAlarm
ZoneAlarm Toolbar
==== Event Viewer Messages From Past Week ========
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The NMSAccessU service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7034] - The Hotspot Shield Monitoring Service service terminated unexpectedly. It has done this 1 time(s).
08-Jan-11 5:56:37 PM, error: Service Control Manager [7031] - The Hotspot Shield Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
08-Jan-11 5:56:37 PM, error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
08-Jan-11 5:56:37 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07-Jan-11 7:47:52 PM, error: Dhcp [1002] - The IP address lease 10.76.16.45 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.76.127.254 (The DHCP Server sent a DHCPNACK message).
07-Jan-11 4:40:38 PM, error: Dhcp [1002] - The IP address lease 10.63.16.7 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.76.23.254 (The DHCP Server sent a DHCPNACK message).
07-Jan-11 11:08:28 PM, error: Dhcp [1002] - The IP address lease 10.76.120.49 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.76.23.254 (The DHCP Server sent a DHCPNACK message).
06-Jan-11 2:47:16 AM, error: Dhcp [1002] - The IP address lease 10.63.8.32 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.63.23.254 (The DHCP Server sent a DHCPNACK message).
05-Jan-11 12:54:45 AM, error: Print [6161] - The document KBA_2009_price_list.xls owned by Buzzzzz failed to print on printer Canon MP250 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 1905796. Number of bytes printed: 144152. Total number of pages in the document: 11. Number of pages printed: 0. Client machine: \\W-924BCAF39F124. Win32 error code returned by the print processor: 13 (0xd).
05-Jan-11 11:15:10 PM, error: Dhcp [1002] - The IP address lease 10.42.24.107 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.63.15.254 (The DHCP Server sent a DHCPNACK message).
05-Jan-11 1:23:12 AM, error: Dhcp [1002] - The IP address lease 10.42.48.76 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.42.31.254 (The DHCP Server sent a DHCPNACK message).
04-Jan-11 8:04:22 PM, error: Dhcp [1002] - The IP address lease 10.42.48.115 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.42.55.254 (The DHCP Server sent a DHCPNACK message).
04-Jan-11 4:04:12 PM, error: Dhcp [1002] - The IP address lease 10.25.48.80 for the Network Card with network address 00FFD9A926A4 has been denied by the DHCP server 10.42.55.254 (The DHCP Server sent a DHCPNACK message).
04-Jan-11 2:40:35 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
04-Jan-11 2:34:48 PM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 0021853BFF19 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
==== End Of File ===========================
many thanks & kind regards,
Buzz