My google searches get redirected, pages to which I'm redirected depend on country I'm accessing the web in. Should anyone of you be able to figure out what's causing the problem and how to get rid of, I would be very grateful for help. Below is the list of logs as suggested in 8 steps virus/spyware removal post. Mawarebytes, as well as my Avast, found few infected files. but althought they claimed to clean the system from those, I am still getting redirected on most of my searches.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
09/03/2011 00:28:45
mbam-log-2011-03-09 (00-28-45).txt
Scan type: Quick scan
Objects scanned: 128624
Time elapsed: 6 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\_VOID (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\User Protection (Rogue.Protection) -> Quarantined and deleted successfully.
Files Infected:
(No malicious items detected)
/*********************************/
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-03-09 00:32:37
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM251JI rev.2SS00_03
Running: ux052f5s.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\ugroapow.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x911388DE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort0 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort1 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort2 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort3 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\msahci \Device\Ide\PciIde0Channel0 855061F8
Device \Driver\msahci \Device\Ide\PciIde0Channel1 855061F8
Device \Driver\msahci \Device\Ide\PciIde0Channel4 855061F8
Device \Driver\msahci \Device\Ide\PciIde0Channel5 855061F8
Device \Driver\axwxalwn \Device\Scsi\axwxalwn1 8721E1F8
Device \Driver\a5s9rvbt \Device\Scsi\a5s9rvbt1 872251F8
Device \Driver\axwxalwn \Device\Scsi\axwxalwn1Port6Path0Target0Lun0 8721E1F8
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 855251F8
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- Files - GMER 1.0.15 ----
File C:\Windows\system32\drivers\atapi.sys suspicious modification
---- EOF - GMER 1.0.15 ----
/*********************************/
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 0:33:41.26 on 09/03/2011
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_13
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SMINST\BLService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\Windows\system32\vmnat.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\vmnetdhcp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Administrator\Desktop\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe,userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [Gadu-Gadu] "c:\program files\gadu-gadu\gg.exe" /tray
uRun: [EPSON Stylus SX200 Series (Copy 2)] c:\windows\system32\spool\drivers\w32x86\3\e_fatiefe.exe /fu "c:\windows\temp\E_S5CEE.tmp" /EF "HKCU"
uRun: [EPSON Stylus DX5000 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatibve.exe /fu "c:\windows\temp\E_S6B01.tmp" /EF "HKCU"
uRun: [EPSON Stylus SX200 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatiefe.exe /fu "c:\windows\temp\E_SFC0A.tmp" /EF "HKCU"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\administrator\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe" -automount
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\administrator\appdata\roaming\dropbox\bin\Dropbox.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\admini~1\appdata\roaming\mozilla\firefox\profiles\k0msse8d.default\
FF - prefs.js: browser.startup.homepage - google.com.sg
FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - component: c:\users\administrator\appdata\roaming\mozilla\firefox\profiles\k0msse8d.default\extensions\{d249fd00-4df9-11d9-9fdc-0080481ada61}\components\mpint.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\users\administrator\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Characterizer: kanjilish@jay.starkey - %profile%\extensions\kanjilish@jay.starkey
FF - Ext: MetaProducts Integration: {D249FD00-4DF9-11D9-9FDC-0080481ADA61} - %profile%\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-8 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-4 301528]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-4 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-4 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-4 42184]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2008-10-27 365952]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-24 370688]
R2 vmserverdWin32;VMware Registration Service;c:\program files\vmware\vmware server\vmserverdWin32.exe [2008-5-9 1650781]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-29 112128]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 ZTEusbnmeaext;ZTE NMEAExt Port;c:\windows\system32\drivers\ZTEusbnmeaext.sys [2010-7-1 103936]
.
=============== Created Last 30 ================
.
2011-03-08 14:36:48 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-17 13:43:33 -------- d-----w- C:\Dropbox
2011-02-17 13:41:31 -------- d-----w- c:\users\admini~1\appdata\roaming\Dropbox
.
==================== Find3M ====================
.
2011-02-23 15:04:21 40648 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 0:34:29.76 ===============
/*********************************/
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
.
Motherboard: Wistron | | 360C
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | CPU | 2166/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 173 GiB total, 64.448 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.398 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Deskjet F4500 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Deskjet F4500 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP Color LaserJet 2600n
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: Hewlett-Packard
Name: HP Color LaserJet 2600n
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: hp color LaserJet 5500
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: Hewlett-Packard
Name: hp color LaserJet 5500
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
"Minimal SYStem 1.0.11"
32 Bit HP CIO Components Installer
8051IDE
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Anki
Apple Software Update
Atheros Driver Installation Program
AutoCAD 2000
AutoCAD 2000 Migration Assistance
avast! Free Antivirus
Blood Bowl version 1.2.0.1
Bonjour
BufferChm
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HD Audio
ContainerEx Decrypter
CyberLink DVD Suite
Dev-C++ 5 beta 9 release (4.9.9.2)
DJ_AIO_06_F4500_SW_MIN
DjVuLibre+DjView
DocProc
DocProcQFolder
Dropbox
EPSON Printer Software
EPSON Scan
EPSON Stylus SX200 Series Printer Uninstall
ESU for Microsoft Vista
F4500
Free Download Manager 3.0
Freelang Dictionary (wordlist)
Freelang Dictionary 3.74 beta
FTDI USB Serial Converter Drivers
Gadu-Gadu 6.1
GearDrvs
Google Chrome
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet F4500 Printer Driver Software 13.0 Rel .6
HP Doc Viewer
HP DVD Play 3.7
HP User Guides 0118
HP Wireless Assistant
HPPhotoGadget
HPTCSSetup
hpWLPGInstaller
Intel(R) Graphics Media Accelerator Driver
Japanese Fonts Support For Adobe Reader 9
Java DB 10.4.1.3
Java(TM) 6 Update 13
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 13
JavaFX(TM) 1.1 SDK
Kantaris Media Player 0.4.3
Malwarebytes' Anti-Malware
MATLAB Student R2007a
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Document Explorer 2008
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.2pre)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
Network
Notepad++
OCR Software by I.R.I.S. 11.0
Open Source Computer Vision Library 1.1pre1
OpenOffice.org 3.1
Pando Media Booster
Power2Go
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Scan
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Skype? 3.8
Smart Defrag 1.11
Spybot - Search & Destroy
SpywareBlaster 4.3
Swiff Player 1.5
Synaptics Pointing Device Driver
Toolbox
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio Tools for the Office system 3.0 Runtime
VLC media player 1.0.1
VMware Server
WebReg
Winamp
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinRAR archiver
WinVDIG 1.0
μTorrent
.
==== End Of File ===========================
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
09/03/2011 00:28:45
mbam-log-2011-03-09 (00-28-45).txt
Scan type: Quick scan
Objects scanned: 128624
Time elapsed: 6 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\_VOID (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\User Protection (Rogue.Protection) -> Quarantined and deleted successfully.
Files Infected:
(No malicious items detected)
/*********************************/
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-03-09 00:32:37
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM251JI rev.2SS00_03
Running: ux052f5s.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\ugroapow.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x911388DE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort0 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort1 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort2 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdePort3 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 [8ACA99B0] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xac]}
Device \Driver\msahci \Device\Ide\PciIde0Channel0 855061F8
Device \Driver\msahci \Device\Ide\PciIde0Channel1 855061F8
Device \Driver\msahci \Device\Ide\PciIde0Channel4 855061F8
Device \Driver\msahci \Device\Ide\PciIde0Channel5 855061F8
Device \Driver\axwxalwn \Device\Scsi\axwxalwn1 8721E1F8
Device \Driver\a5s9rvbt \Device\Scsi\a5s9rvbt1 872251F8
Device \Driver\axwxalwn \Device\Scsi\axwxalwn1Port6Path0Target0Lun0 8721E1F8
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 855251F8
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- Files - GMER 1.0.15 ----
File C:\Windows\system32\drivers\atapi.sys suspicious modification
---- EOF - GMER 1.0.15 ----
/*********************************/
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 0:33:41.26 on 09/03/2011
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_13
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SMINST\BLService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\Windows\system32\vmnat.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\vmnetdhcp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Administrator\Desktop\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe,userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [Gadu-Gadu] "c:\program files\gadu-gadu\gg.exe" /tray
uRun: [EPSON Stylus SX200 Series (Copy 2)] c:\windows\system32\spool\drivers\w32x86\3\e_fatiefe.exe /fu "c:\windows\temp\E_S5CEE.tmp" /EF "HKCU"
uRun: [EPSON Stylus DX5000 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatibve.exe /fu "c:\windows\temp\E_S6B01.tmp" /EF "HKCU"
uRun: [EPSON Stylus SX200 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatiefe.exe /fu "c:\windows\temp\E_SFC0A.tmp" /EF "HKCU"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\administrator\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe" -automount
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\administrator\appdata\roaming\dropbox\bin\Dropbox.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\admini~1\appdata\roaming\mozilla\firefox\profiles\k0msse8d.default\
FF - prefs.js: browser.startup.homepage - google.com.sg
FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - component: c:\users\administrator\appdata\roaming\mozilla\firefox\profiles\k0msse8d.default\extensions\{d249fd00-4df9-11d9-9fdc-0080481ada61}\components\mpint.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\users\administrator\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Characterizer: kanjilish@jay.starkey - %profile%\extensions\kanjilish@jay.starkey
FF - Ext: MetaProducts Integration: {D249FD00-4DF9-11D9-9FDC-0080481ADA61} - %profile%\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-8 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-4 301528]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-4 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-4 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-4 42184]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2008-10-27 365952]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-24 370688]
R2 vmserverdWin32;VMware Registration Service;c:\program files\vmware\vmware server\vmserverdWin32.exe [2008-5-9 1650781]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-29 112128]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 ZTEusbnmeaext;ZTE NMEAExt Port;c:\windows\system32\drivers\ZTEusbnmeaext.sys [2010-7-1 103936]
.
=============== Created Last 30 ================
.
2011-03-08 14:36:48 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-17 13:43:33 -------- d-----w- C:\Dropbox
2011-02-17 13:41:31 -------- d-----w- c:\users\admini~1\appdata\roaming\Dropbox
.
==================== Find3M ====================
.
2011-02-23 15:04:21 40648 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 0:34:29.76 ===============
/*********************************/
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
.
Motherboard: Wistron | | 360C
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | CPU | 2166/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 173 GiB total, 64.448 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.398 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Deskjet F4500 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Deskjet F4500 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP Color LaserJet 2600n
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: Hewlett-Packard
Name: HP Color LaserJet 2600n
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: hp color LaserJet 5500
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: Hewlett-Packard
Name: hp color LaserJet 5500
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
"Minimal SYStem 1.0.11"
32 Bit HP CIO Components Installer
8051IDE
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Anki
Apple Software Update
Atheros Driver Installation Program
AutoCAD 2000
AutoCAD 2000 Migration Assistance
avast! Free Antivirus
Blood Bowl version 1.2.0.1
Bonjour
BufferChm
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HD Audio
ContainerEx Decrypter
CyberLink DVD Suite
Dev-C++ 5 beta 9 release (4.9.9.2)
DJ_AIO_06_F4500_SW_MIN
DjVuLibre+DjView
DocProc
DocProcQFolder
Dropbox
EPSON Printer Software
EPSON Scan
EPSON Stylus SX200 Series Printer Uninstall
ESU for Microsoft Vista
F4500
Free Download Manager 3.0
Freelang Dictionary (wordlist)
Freelang Dictionary 3.74 beta
FTDI USB Serial Converter Drivers
Gadu-Gadu 6.1
GearDrvs
Google Chrome
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet F4500 Printer Driver Software 13.0 Rel .6
HP Doc Viewer
HP DVD Play 3.7
HP User Guides 0118
HP Wireless Assistant
HPPhotoGadget
HPTCSSetup
hpWLPGInstaller
Intel(R) Graphics Media Accelerator Driver
Japanese Fonts Support For Adobe Reader 9
Java DB 10.4.1.3
Java(TM) 6 Update 13
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 13
JavaFX(TM) 1.1 SDK
Kantaris Media Player 0.4.3
Malwarebytes' Anti-Malware
MATLAB Student R2007a
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Document Explorer 2008
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.2pre)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
Network
Notepad++
OCR Software by I.R.I.S. 11.0
Open Source Computer Vision Library 1.1pre1
OpenOffice.org 3.1
Pando Media Booster
Power2Go
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Scan
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Skype? 3.8
Smart Defrag 1.11
Spybot - Search & Destroy
SpywareBlaster 4.3
Swiff Player 1.5
Synaptics Pointing Device Driver
Toolbox
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio Tools for the Office system 3.0 Runtime
VLC media player 1.0.1
VMware Server
WebReg
Winamp
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinRAR archiver
WinVDIG 1.0
μTorrent
.
==== End Of File ===========================