Hi Bobbeye
Thanks a lot for your reply.
I have followed your instructions and the requested logs are as follows ;
MALWAREBYTE'S LOG
------------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5808
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
19/02/2011 8:01:58 PM
mbam-log-2011-02-19 (20-01-58).txt
Scan type: Quick scan
Objects scanned: 135352
Time elapsed: 3 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
--------------------------------------------------------------------------------------
GMER LOG
---------------
GMER 1.0.15.15530 -
http://www.gmer.net
Rootkit quick scan 2011-02-19 20:43:36
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\iaStor0 TOSHIBA_ rev.LV01
Running: ng8ji9r5.exe; Driver: C:\DOCUME~1\Bob\LOCALS~1\Temp\afgyyfob.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00 (MBR): rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 04: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 29: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 39: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 49: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 60: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sector 62: rootkit-like behavior;
Disk \Device\Harddisk0\DR0 sectors 488396912 (+255): rootkit-like behavior;
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device \Device\Ide\IAAStorageDevice-1 -> \??\IDE#DiskTOSHIBA_MK2552GSX_______________________LV010M__#4&4835c41&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
---- EOF - GMER 1.0.15 ----
-------------------------------------------------------------------------------------------
DDS LOGS
----------------
DDS.txt
--------------------
DDS (Ver_10-12-12.02) - NTFSx86
Run by Bob at 20:51:40.82 on Sat 19/02/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2940.2435 [GMT 11:00]
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
svchost.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Bob\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.scroogle.org/cgi-bin/scraper.htm
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
mRun: [LClock] c:\program files\lclock\LClock.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [TPSMain] TPSMain.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\bob\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bitmet~1.lnk - c:\program files\codebox\bitmeter\BitMeter2.exe
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: schannel.dll, digest.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\bob\applic~1\mozilla\firefox\profiles\ysxhsgrc.default\
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: foof:
foof@foofme.com - %profile%\extensions\foof@foofme.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Boost for Facebook: {47624dda-b77e-4feb-820a-e4f077d5d4ca} - %profile%\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
FF - Ext: FEBE: {4BBDD651-70CF-4821-84F8-2B918CF89CA3} - %profile%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - Ext: Update Notifier: {95f24680-9e31-11da-a746-0800200c9a66} - %profile%\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - %profile%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: Fasterfox: {c36177c0-224a-11da-8cd6-0800200c9a91} - %profile%\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - %profile%\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter:
jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
============= SERVICES / DRIVERS ===============
R0 iastor86;iastor86;c:\windows\system32\drivers\iastor86.sys [2010-4-4 327192]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165264]
R1 MpKsl43f042e4;MpKsl43f042e4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{49316f14-479b-4abb-9e3e-f79c07eac0c1}\mpksl43f042e4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{49316f14-479b-4abb-9e3e-f79c07eac0c1}\MpKsl43f042e4.sys [?]
R1 MpKsl872891a4;MpKsl872891a4;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fc8f4265-4f68-4380-8cc0-7394b6cc0db7}\MpKsl872891a4.sys [2011-2-19 28752]
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [2011-2-19 18816]
S1 MpKsl4d9aa61d;MpKsl4d9aa61d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4df6549-b41a-4cd7-adba-e8ba4d215354}\mpksl4d9aa61d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4df6549-b41a-4cd7-adba-e8ba4d215354}\MpKsl4d9aa61d.sys [?]
S1 MpKsl7d192544;MpKsl7d192544;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7081df1e-4dba-486b-834b-a6ad0f3367da}\mpksl7d192544.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7081df1e-4dba-486b-834b-a6ad0f3367da}\MpKsl7d192544.sys [?]
S1 MpKsl85a0f85d;MpKsl85a0f85d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4df6549-b41a-4cd7-adba-e8ba4d215354}\mpksl85a0f85d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4df6549-b41a-4cd7-adba-e8ba4d215354}\MpKsl85a0f85d.sys [?]
S1 MpKsl88c7a7ac;MpKsl88c7a7ac;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4df6549-b41a-4cd7-adba-e8ba4d215354}\mpksl88c7a7ac.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4df6549-b41a-4cd7-adba-e8ba4d215354}\MpKsl88c7a7ac.sys [?]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\6f.tmp --> c:\windows\system32\6F.tmp [?]
=============== Created Last 30 ================
2011-02-19 09:44:06 28752 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{fc8f4265-4f68-4380-8cc0-7394b6cc0db7}\MpKsl872891a4.sys
2011-02-19 09:43:58 5890896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{fc8f4265-4f68-4380-8cc0-7394b6cc0db7}\mpengine.dll
2011-02-19 08:33:47 18816 ------w- c:\windows\system32\SAVRKBootTasks.sys
2011-02-19 00:29:09 -------- d-----w- c:\program files\Sophos
2011-02-18 13:07:01 553696 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
2011-02-18 03:00:36 -------- d-----w- c:\windows\system32\appmgmt
2011-02-13 02:21:11 -------- d-----w- c:\program files\WarZone
2011-02-13 02:18:42 -------- d-----w- c:\program files\Microprose
2011-02-04 10:32:37 -------- d-----w- c:\docume~1\bob\applic~1\Rovio
2011-02-04 10:31:04 761152 ----a-w- c:\windows\system32\msvcr100.dll
2011-01-30 11:12:37 5890896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2011-01-30 11:12:30 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-30 03:57:00 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
==================== Find3M ====================
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-14 13:34:30 315392 ----a-w- c:\windows\HideWin.exe
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-29 06:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 06:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
=================== ROOTKIT ====================
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer,
http://www.gmer.net
Windows 5.1.2600 Disk: TOSHIBA_ rev.LV01 -> Harddisk0\DR0 -> \Device\Ide\iaStor0
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x89A235DC]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x89a297b8]; MOV EAX, [0x89a29834]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A3D9030]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x8A3EF428]
\Driver\iaStor[0x8A3F5338] -> IRP_MJ_CREATE -> 0x89A235DC
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; PUSHA ; MOV CX, 0x132; MOV BP, 0x62a; ROR BYTE [BP+0x0], CL; INC BP; }
detected disk devices:
\Device\Ide\IAAStorageDevice-1 -> \??\IDE#DiskTOSHIBA_MK2552GSX_______________________LV010M__#4&4835c41&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user != kernel MBR !!!
sectors 488397166 (+255): user != kernel
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.
============= FINISH: 20:53:22.50 ===============
---------------------------------------------------------------
ATTACH.txt
--------------------------------------
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 14/12/2010 7:49:42 AM
System Uptime: 19/02/2011 7:53:48 PM (1 hours ago)
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz | CPU | 1995/667mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 216 GiB total, 90.11 GiB free.
D: is Removable
F: is FIXED (NTFS) - 8 GiB total, 3.508 GiB free.
==== Disabled Device Manager Items =============
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\TOS1901\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\TOS1901\2&DABA3FF&0
Service:
==== System Restore Points ===================
RP72: 30/01/2011 2:12:46 AM - System Checkpoint
RP73: 30/01/2011 1:34:24 PM - Software Distribution Service 3.0
RP74: 30/01/2011 10:12:16 PM - Software Distribution Service 3.0
RP75: 31/01/2011 9:58:33 PM - Software Distribution Service 3.0
RP76: 2/02/2011 2:10:51 PM - Software Distribution Service 3.0
RP77: 3/02/2011 2:25:53 PM - Software Distribution Service 3.0
RP78: 4/02/2011 4:55:14 PM - Software Distribution Service 3.0
RP79: 5/02/2011 10:03:55 PM - Software Distribution Service 3.0
RP80: 7/02/2011 4:21:46 AM - Software Distribution Service 3.0
RP81: 8/02/2011 9:59:55 AM - Software Distribution Service 3.0
RP82: 9/02/2011 11:50:29 AM - Software Distribution Service 3.0
RP83: 10/02/2011 3:00:13 AM - Software Distribution Service 3.0
RP84: 10/02/2011 4:14:41 PM - Software Distribution Service 3.0
RP85: 11/02/2011 4:39:34 PM - System Checkpoint
RP86: 12/02/2011 8:03:34 PM - System Checkpoint
RP87: 13/02/2011 3:25:11 AM - Software Distribution Service 3.0
RP88: 14/02/2011 12:28:35 PM - System Checkpoint
RP89: 14/02/2011 1:17:08 PM - Software Distribution Service 3.0
RP90: 15/02/2011 10:28:46 PM - Software Distribution Service 3.0
RP91: 16/02/2011 11:26:41 PM - Software Distribution Service 3.0
RP92: 17/02/2011 3:00:13 AM - Software Distribution Service 3.0
RP93: 17/02/2011 3:24:43 AM - Software Distribution Service 3.0
RP94: 18/02/2011 1:37:12 PM - System Checkpoint
RP95: 18/02/2011 2:00:26 PM - Removed Apple Mobile Device Support
RP96: 18/02/2011 2:02:41 PM - Removed iTunes
RP97: 19/02/2011 8:22:38 PM - System Checkpoint
==== Installed Programs ======================
32 Bit HP CIO Components Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.2
Adobe Shockwave Player 11.5
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
µTorrent
BitMeter
Bonjour
Camera Assistant Software for Toshiba
Counter-Strike: Source
Counter-Strike: Source Beta
DJ_SF_06_D1600_SW_Min
GoldenEye: Source - HalfLife 2 Mod
Half-Life 2: Deathmatch
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB971276-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB979306)
HP Deskjet D1600 Printer Driver 14.0 Rel. 6
HP Product Detection
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 23
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
mIRC
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org 3.2
QuickTime
Realtek AC'97 Audio
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
REALTEK RTL8187B Wireless LAN Driver
Realtek WLAN Driver
Risk WarZone Client
Royal AIO Theme
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Sophos Anti-Rootkit 1.5.4
Source SDK Base 2007
Steam
System Requirements Lab CYRI
System Requirements Lab for Intel
Toolbox
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA Software Modem
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
VLC media player 1.0.5
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
WinRAR archiver
Xvid 1.2.2 final uninstall
YouTube Downloader 2.6.5
==== Event Viewer Messages From Past Week ========
19/02/2011 7:45:14 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
19/02/2011 7:45:14 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
19/02/2011 7:45:14 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
19/02/2011 11:24:53 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.1877.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
19/02/2011 11:17:33 AM, error: Service Control Manager [7034] - The Agere Modem Call Progress Audio service terminated unexpectedly. It has done this 1 time(s).
18/02/2011 9:37:56 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.1877.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
18/02/2011 1:58:19 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/02/2011 5:45:23 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
15/02/2011 10:12:33 PM, error: Dhcp [1002] - The IP address lease 192.168.2.3 for the Network Card with network address 002163868050 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
13/02/2011 12:37:39 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.1582.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
12/02/2011 7:50:29 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.1355.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
12/02/2011 7:46:28 PM, error: PlugPlayManager [12] - The device 'HL-DT-ST DVDRAM GSA-T50N' (IDE\CdRomHL-DT-ST_DVDRAM_GSA-T50N________________RR07____\4&4835c41&0&0.1.0) disappeared from the system without first being prepared for removal.
12/02/2011 7:46:28 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
==== End Of File ===========================