I have a Windows XP SP3 machine that is running IE8. Recently I noticed a slowdown in the system after I start IE. Looking in the task manager, I see multiple copies of IE running and using a lot of RAM. After I exit IE, multiple copies are still running and I get an error that IE crashed.
I followed the 5 steps and here are my logs. Any help would be greatly appreciated.
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.04.03.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Johnny :: EJS1 [limited]
4/6/2012 4:48:23 PM
mbam-log-2012-04-06 (16-48-23).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 152236
Time elapsed: 11 minute(s), 9 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Documents and Settings\Johnny\Local Settings\Temp\arg259881.exe (Exploit.Drop) -> Quarantined and deleted successfully.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-04-06 18:15:03
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-8 WDC_WD600BB-00CAA1 rev.17.07W17
Running: 69e8ueid.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxtdapog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA5236F3C]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xA5236FE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA5237080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA523711C]
---- Kernel code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB50C7000, 0x2C8F24, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 01219720 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2356] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 0144E21B C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2356] kernel32.dll!MapViewOfFile 7C80B9A5 5 Bytes JMP 0144E1F4 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2356] GDI32.dll!CreateDIBSection 77F19E19 5 Bytes JMP 0144E17E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3264] USER32.dll!SetWindowLongA 7E42C29D 5 Bytes JMP 106775F7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3264] USER32.dll!SetWindowLongW 7E42C2BB 5 Bytes JMP 10677589 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3264] USER32.dll!GetWindowInfo 7E42C49C 5 Bytes JMP 1044FE0A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3264] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 104503C5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 PE file @ sector 117210303
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 18:16:01 on 2012-04-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1791.1103 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\AVG\AVG2012\avgui.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uWindow Title = Internet Explorer, optimized for Bing and MSN
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [cdloader] "c:\documents and settings\administrator\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{424F2D3C-33C4-4DCF-B208-BA5A8F3A7F33} : DhcpNameServer = 192.168.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\dc89d9lx.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 295248]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-4-18 13696]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2012-4-2 100368]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-18 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 253600]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-4-18 1684736]
S3 cpuz134;cpuz134;\??\c:\docume~1\admini~1\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\admini~1\locals~1\temp\cpuz134\cpuz134_x32.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-18 135664]
.
=============== Created Last 30 ================
.
2012-04-06 22:58:57 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Mozilla
2012-04-06 22:51:14 -------- d-----w- c:\documents and settings\administrator\AppData
2012-04-06 22:31:26 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-06 22:28:53 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-04-06 22:28:53 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2012-04-03 06:04:10 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2012-04-03 04:30:53 100368 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2012-04-03 04:30:10 956160 ----a-w- c:\windows\system32\ativvamv.dll
2012-04-03 04:30:10 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-04-03 04:29:34 -------- d-----w- c:\program files\ATI
2012-04-03 04:28:34 -------- d-----w- C:\AMD
2012-04-03 04:02:10 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-03 03:36:03 388096 ----a-r- c:\documents and settings\administrator\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-04-03 03:36:02 -------- d-----w- c:\program files\Trend Micro
2012-04-03 02:40:37 -------- d-sh--w- c:\documents and settings\administrator\IECompatCache
2012-04-03 02:19:49 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2012-04-03 02:19:36 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 02:19:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-03 02:19:36 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-04-03 02:18:38 -------- d-----w- C:\downloads
.
==================== Find3M ====================
.
2012-04-06 23:55:07 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-06 22:31:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-09 06:22:00 7586304 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2012-03-09 06:14:42 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2012-03-09 05:19:48 19959808 ----a-w- c:\windows\system32\atioglxx.dll
2012-03-09 05:02:24 5358304 ----a-w- c:\windows\system32\ati3duag.dll
2012-03-09 04:36:12 4155520 ----a-w- c:\windows\system32\ativvaxx.dll
2012-03-09 04:24:58 638976 ----a-w- c:\windows\system32\atiok3x2.dll
2012-03-09 04:21:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-03-09 04:20:04 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-03-09 04:18:40 305152 ----a-w- c:\windows\system32\ati2dvag.dll
2012-03-09 04:12:20 65024 ----a-w- c:\windows\system32\atimpc32.dll
2012-03-09 04:12:20 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2012-03-09 03:52:28 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2012-03-09 03:52:12 159744 ----a-w- c:\windows\system32\Oemdspif.dll
2012-03-09 03:52:00 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2012-03-09 03:51:52 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-03-09 03:51:36 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2012-03-09 03:50:00 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2012-03-09 03:48:28 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2012-03-09 03:41:34 847872 ----a-w- c:\windows\system32\atikvmag.dll
2012-03-09 03:36:30 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2012-03-09 03:36:08 17408 ----a-w- c:\windows\system32\atitvo32.dll
2012-03-09 03:29:24 909312 ----a-w- c:\windows\system32\ati2cqag.dll
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 18:16:24.54 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/18/2010 11:56:45 AM
System Uptime: 4/6/2012 5:02:20 PM (1 hours ago)
.
Motherboard: BIOSTAR Group | | TA785G3
Processor: AMD Athlon(tm) II X3 435 Processor | CPU 1 | 2900/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 56 GiB total, 40.464 GiB free.
D: is CDROM ()
Z: is NetworkDisk (NTFS) - 458 GiB total, 170.211 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP641: 1/7/2012 10:41:42 PM - System Checkpoint
RP642: 1/8/2012 11:41:42 PM - System Checkpoint
RP643: 1/10/2012 12:41:42 AM - System Checkpoint
RP644: 1/11/2012 1:41:42 AM - System Checkpoint
RP645: 1/12/2012 2:41:39 AM - System Checkpoint
RP646: 1/12/2012 3:00:16 AM - Software Distribution Service 3.0
RP647: 1/13/2012 3:31:36 AM - System Checkpoint
RP648: 1/14/2012 3:36:07 AM - System Checkpoint
RP649: 1/15/2012 4:36:07 AM - System Checkpoint
RP650: 1/16/2012 5:36:10 AM - System Checkpoint
RP651: 1/17/2012 6:35:05 AM - System Checkpoint
RP652: 1/18/2012 7:35:04 AM - System Checkpoint
RP653: 1/19/2012 8:35:09 AM - System Checkpoint
RP654: 1/20/2012 9:35:06 AM - System Checkpoint
RP655: 1/21/2012 10:36:07 AM - System Checkpoint
RP656: 1/22/2012 11:57:59 AM - System Checkpoint
RP657: 1/23/2012 12:35:02 PM - System Checkpoint
RP658: 1/24/2012 1:35:07 PM - System Checkpoint
RP659: 1/25/2012 2:35:02 PM - System Checkpoint
RP660: 1/26/2012 3:00:16 AM - Software Distribution Service 3.0
RP661: 1/27/2012 3:21:44 AM - System Checkpoint
RP662: 1/28/2012 4:21:44 AM - System Checkpoint
RP663: 1/29/2012 5:21:44 AM - System Checkpoint
RP664: 1/30/2012 6:21:47 AM - System Checkpoint
RP665: 1/30/2012 8:48:45 PM - Removed Adobe Reader 7.0
RP666: 1/30/2012 8:48:56 PM - Installed Adobe Reader 9.5.0.
RP667: 1/31/2012 10:29:52 PM - System Checkpoint
RP668: 2/1/2012 10:31:31 PM - System Checkpoint
RP669: 2/2/2012 10:56:32 PM - System Checkpoint
RP670: 2/3/2012 11:55:27 PM - System Checkpoint
RP671: 2/5/2012 12:55:27 AM - System Checkpoint
RP672: 2/6/2012 1:55:28 AM - System Checkpoint
RP673: 2/7/2012 2:50:47 AM - System Checkpoint
RP674: 2/8/2012 3:50:47 AM - System Checkpoint
RP675: 2/9/2012 4:50:47 AM - System Checkpoint
RP676: 2/10/2012 5:50:47 AM - System Checkpoint
RP677: 2/11/2012 6:50:47 AM - System Checkpoint
RP678: 2/12/2012 7:50:50 AM - System Checkpoint
RP679: 2/13/2012 8:50:50 AM - System Checkpoint
RP680: 2/14/2012 9:50:47 AM - System Checkpoint
RP681: 2/15/2012 10:50:51 AM - System Checkpoint
RP682: 2/16/2012 3:00:13 AM - Software Distribution Service 3.0
RP683: 2/17/2012 3:29:26 AM - System Checkpoint
RP684: 2/18/2012 4:29:24 AM - System Checkpoint
RP685: 2/19/2012 5:29:26 AM - System Checkpoint
RP686: 2/20/2012 6:29:26 AM - System Checkpoint
RP687: 2/21/2012 7:29:24 AM - System Checkpoint
RP688: 2/22/2012 8:29:26 AM - System Checkpoint
RP689: 2/23/2012 9:53:07 AM - System Checkpoint
RP690: 2/24/2012 10:29:24 AM - System Checkpoint
RP691: 2/25/2012 11:29:26 AM - System Checkpoint
RP692: 2/26/2012 12:53:09 PM - System Checkpoint
RP693: 2/27/2012 1:33:13 PM - System Checkpoint
RP694: 2/28/2012 2:29:24 PM - System Checkpoint
RP695: 2/29/2012 3:29:24 PM - System Checkpoint
RP696: 3/1/2012 4:41:27 PM - System Checkpoint
RP697: 3/2/2012 5:21:08 PM - System Checkpoint
RP698: 3/3/2012 5:29:23 PM - System Checkpoint
RP699: 3/4/2012 6:29:23 PM - System Checkpoint
RP700: 3/5/2012 6:36:36 PM - System Checkpoint
RP701: 3/6/2012 7:42:56 PM - System Checkpoint
RP702: 3/7/2012 8:29:24 PM - System Checkpoint
RP703: 3/8/2012 9:37:48 PM - System Checkpoint
RP704: 3/9/2012 10:29:23 PM - System Checkpoint
RP705: 3/10/2012 11:38:42 PM - System Checkpoint
RP706: 3/12/2012 12:29:26 AM - System Checkpoint
RP707: 3/13/2012 1:29:27 AM - System Checkpoint
RP708: 3/14/2012 2:29:26 AM - System Checkpoint
RP709: 3/14/2012 3:00:15 AM - Software Distribution Service 3.0
RP710: 3/15/2012 3:04:41 AM - System Checkpoint
RP711: 3/16/2012 4:04:44 AM - System Checkpoint
RP712: 3/17/2012 5:04:41 AM - System Checkpoint
RP713: 3/18/2012 6:04:43 AM - System Checkpoint
RP714: 3/19/2012 7:04:40 AM - System Checkpoint
RP715: 3/20/2012 8:04:41 AM - System Checkpoint
RP716: 3/21/2012 9:04:44 AM - System Checkpoint
RP717: 3/22/2012 10:04:41 AM - System Checkpoint
RP718: 3/23/2012 11:04:44 AM - System Checkpoint
RP719: 3/24/2012 12:04:44 PM - System Checkpoint
RP720: 3/25/2012 1:04:40 PM - System Checkpoint
RP721: 3/26/2012 2:04:44 PM - System Checkpoint
RP722: 3/27/2012 3:05:49 PM - System Checkpoint
RP723: 3/28/2012 5:15:20 PM - System Checkpoint
RP724: 3/29/2012 5:32:45 PM - System Checkpoint
RP725: 3/30/2012 6:04:41 PM - System Checkpoint
RP726: 3/31/2012 6:23:15 PM - System Checkpoint
RP727: 4/1/2012 6:30:10 PM - System Checkpoint
RP728: 4/2/2012 8:36:01 PM - Installed HiJackThis
RP729: 4/3/2012 9:47:12 PM - System Checkpoint
RP730: 4/4/2012 10:19:21 PM - System Checkpoint
RP731: 4/5/2012 11:10:27 PM - System Checkpoint
RP732: 4/6/2012 3:30:34 PM - Removed Java(TM) 6 Update 20
RP733: 4/6/2012 3:30:44 PM - Installed Java(TM) 6 Update 31
RP734: 4/6/2012 3:51:49 PM - PC Decrapifier Restore Point
.
==== Installed Programs ======================
.
7-Zip 4.65
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.0
AMD Catalyst Install Manager
AMD Processor Driver
ATI Catalyst Control Center
ATI Parental Control & Encoder
AVG 2012
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
Eusing Free Registry Cleaner
Foxit Reader 5.1
Google Update Helper
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Java Auto Updater
Java(TM) 6 Update 31
magicJack
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2000 Premium
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 11.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
PC Camera
PrimoPDF -- brought to you by Nitro PDF Software
QuickBooks Product Listing Service
QuickBooks Simple Start Edition
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2497640)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2530548)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Skins
Skype™ 3.8
Spybot - Search & Destroy
SupportSoft Assisted Service
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB980182)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
4/2/2012 10:27:34 PM, error: TermServDevices [1111] - Driver Microsoft Shared Fax Driver required for printer Fax is unknown. Contact the administrator to install the driver before you log in again.
4/2/2012 10:27:34 PM, error: TermServDevices [1111] - Driver HP Universal Printing PS required for printer HP Laserjet 1200 PS is unknown. Contact the administrator to install the driver before you log in again.
4/2/2012 10:27:34 PM, error: TermServDevices [1111] - Driver Bullzip PDF Printer required for printer Bullzip PDF Printer is unknown. Contact the administrator to install the driver before you log in again.
.
==== End Of File ===========================