Help cleaning up Trojan.Agent/Gen-Nullo[Short]

rutabaga · February 08, 2013, 06:03:29 AM

Hello, I was sent here by ravencajun on GardenWeb after posting http://ths.gardenweb.com/forums/load/comphelp/msg0218553429136.html?14 on the Computer Help forum. I am susanjn on GardenWeb.

I have already run MalWareBytes and SuperAntiSpyware, and deleted what they found.

I have read the Log Posting Instructions and have the three logs described. The instructions there say to paste the three logs here, but attach.txt says "unless specifically instructed, do not post this log". So I'll wait until specifically instructed.

Thanks,
Susan

MikeW · February 08, 2013, 08:49:43 AM

Hi rutabaga
Please go ahead and paste all the logs in your next reply

rutabaga · February 08, 2013, 01:13:41 PM

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.17115 BrowserJavaVersion: 10.13.2
Run by Susan at 23:35:40 on 2013-02-07
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.137 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\TOSHIBA\IVP\ISM\pinger.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\WINDOWS\system32\ThpSrv.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\thpsrv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.chasehsa.com/ezpay/hsa/logon/hsaCardHolderLogOn.jsp
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\susan\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ACU] "c:\program files\atheros\ACU.exe" -nogui
mRun: [ITSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START
mRun: [TPNF] c:\program files\toshiba\touchpad\TPTray.exe
mRun: [ThpSrv] c:\windows\system32\thpsrv /logon
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NDSTray.exe] NDSTray.exe
mRun: [HWSetup] c:\program files\toshiba\toshiba applet\HWSetup.exe hwSetUP
mRun: [ZoomingHook] ZoomingHook.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [TAccessibility] c:\program files\toshiba\accessibility\TAccessibility.exe Instant
mRun: [TPSMain] TPSMain.exe
mRun: [DDWMon] c:\program files\toshiba\toshiba direct disc writer\\ddwmon.exe
mRun: [TUSBSleepChargeSrv] c:\program files\toshiba\toshiba usb sleep and charge utility\TUSBSleepChargeSrv.exe
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [CeEKEY] c:\program files\toshiba\e-key\CeEKey.exe
mRun: [TDispVol] TDispVol.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [CDAServer] c:\program files\common files\common desktop agent\CDASrv.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{5A3518B0-D870-4920-BD74-CF10355D118B} : DHCPNameServer = 192.168.2.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - <orphaned>
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\susan\application data\mozilla\firefox\profiles\f3ngf4nx.default\
FF - prefs.js: browser.startup.homepage - hxxp://ths.gardenweb.com/forums/
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\susan\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\susan\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\susan\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-01-19 10:43; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: !HIDDEN! 2009-08-21 18:36; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 193552]
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2008-8-21 28536]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2007-9-4 6528]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-8-5 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-8-5 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2013-2-7 116608]
R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2010-1-11 82944]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [2011-3-14 5120]
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [2007-3-26 105856]
R2 trudf;TOSHIBA DVD-RAM UDF File System Driver;c:\windows\system32\drivers\trudf.sys [2007-2-19 134016]
R3 cecnuvc;Chicony USB 2.0 Camera VD;c:\windows\system32\drivers\cec_uvc.sys [2009-7-27 48176]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-2-7 40776]
S2 mrtRate;mrtRate;

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-4-6 1684736]
S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [2010-2-11 319488]
S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [2010-2-11 51456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-4-6 164864]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-8-5 12872]
.
=============== Created Last 30 ================
.
2013-02-08 02:37:09   40776   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2013-02-07 15:41:19   143872   ----a-w-   c:\windows\system32\javacpl.cpl
2013-02-07 15:41:11   94112   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
2013-02-07 12:41:29   6991832   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6608482f-8e59-4d38-a858-86970bc7ec34}\mpengine.dll
2013-02-07 12:35:32   6991832   ------w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-02-06 16:25:18   193168   ----a-w-   c:\program files\mozilla firefox\maintenanceservice_installer.exe
2013-01-19 16:44:40   --------   d-----w-   c:\documents and settings\susan\application data\RealNetworks
2013-01-19 16:43:13   --------   d-----w-   c:\program files\RealNetworks
2013-01-19 16:43:08   --------   d-----w-   c:\documents and settings\all users\application data\RealNetworks
2013-01-19 16:42:47   --------   d-----w-   c:\program files\common files\xing shared
.
==================== Find3M ====================
.
2013-02-07 15:40:45   861088   ----a-w-   c:\windows\system32\npdeployJava1.dll
2013-02-07 15:40:45   782240   ----a-w-   c:\windows\system32\deployJava1.dll
2013-01-30 10:53:21   232336   ------w-   c:\windows\system32\MpSigStub.exe
2013-01-19 16:41:49   499712   ----a-w-   c:\windows\system32\msvcp71.dll
2013-01-19 16:41:49   348160   ----a-w-   c:\windows\system32\msvcr71.dll
2013-01-09 05:44:23   697864   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-01-09 05:44:22   74248   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23:59   290560   ----a-w-   c:\windows\system32\atmfd.dll
2012-12-14 22:49:28   21104   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-11-13 01:25:12   1866368   ----a-w-   c:\windows\system32\win32k.sys
.
============= FINISH: 23:37:28.09 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 8/18/2009 9:14:06 PM
System Uptime: 2/7/2013 9:42:52 AM (14 hours ago)
.
Motherboard: TOSHIBA | | KAVAA
Processor: Intel(R) Atom(TM) CPU N280 @ 1.66GHz | U2E1 | 1662/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 142 GiB total, 113.857 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1112: 11/10/2012 2:01:57 AM - Software Distribution Service 3.0
RP1113: 11/10/2012 9:38:34 PM - Software Distribution Service 3.0
RP1114: 11/11/2012 2:04:05 AM - Software Distribution Service 3.0
RP1115: 11/11/2012 9:39:54 PM - Software Distribution Service 3.0
RP1116: 11/12/2012 2:03:50 AM - Software Distribution Service 3.0
RP1117: 11/12/2012 9:41:48 PM - Software Distribution Service 3.0
RP1118: 11/13/2012 2:04:13 AM - Software Distribution Service 3.0
RP1119: 11/13/2012 9:44:21 PM - Software Distribution Service 3.0
RP1120: 11/14/2012 2:06:33 AM - Software Distribution Service 3.0
RP1121: 11/14/2012 9:49:27 PM - Software Distribution Service 3.0
RP1122: 11/15/2012 2:03:18 AM - Software Distribution Service 3.0
RP1123: 11/15/2012 9:48:02 PM - Software Distribution Service 3.0
RP1124: 11/16/2012 2:04:06 AM - Software Distribution Service 3.0
RP1125: 11/16/2012 3:01:11 AM - Software Distribution Service 3.0
RP1126: 11/17/2012 3:49:44 AM - System Checkpoint
RP1127: 11/18/2012 3:58:49 AM - System Checkpoint
RP1128: 11/19/2012 4:58:47 AM - System Checkpoint
RP1129: 11/24/2012 10:50:24 AM - Software Distribution Service 3.0
RP1130: 11/24/2012 11:01:12 AM - Installed Java 7 Update 9
RP1131: 11/24/2012 11:15:03 AM - Installed QuickTime
RP1132: 11/25/2012 2:29:04 AM - Software Distribution Service 3.0
RP1133: 11/25/2012 10:29:01 AM - Software Distribution Service 3.0
RP1134: 11/26/2012 10:33:14 PM - Software Distribution Service 3.0
RP1135: 11/27/2012 2:26:55 AM - Software Distribution Service 3.0
RP1136: 11/28/2012 2:10:53 AM - Software Distribution Service 3.0
RP1137: 11/28/2012 8:09:33 AM - Software Distribution Service 3.0
RP1138: 11/29/2012 2:10:51 AM - Software Distribution Service 3.0
RP1139: 11/29/2012 8:11:07 AM - Software Distribution Service 3.0
RP1140: 11/30/2012 2:10:52 AM - Software Distribution Service 3.0
RP1141: 12/1/2012 1:38:04 AM - Software Distribution Service 3.0
RP1142: 12/1/2012 5:59:15 PM - Software Distribution Service 3.0
RP1143: 12/2/2012 1:38:45 AM - Software Distribution Service 3.0
RP1144: 12/2/2012 6:00:40 PM - Software Distribution Service 3.0
RP1145: 12/3/2012 1:39:04 AM - Software Distribution Service 3.0
RP1146: 12/5/2012 9:11:24 PM - Software Distribution Service 3.0
RP1147: 12/6/2012 1:01:29 AM - Software Distribution Service 3.0
RP1148: 12/7/2012 1:01:38 AM - Software Distribution Service 3.0
RP1149: 12/7/2012 1:05:43 PM - Software Distribution Service 3.0
RP1150: 12/8/2012 1:03:00 AM - Software Distribution Service 3.0
RP1151: 12/8/2012 1:05:27 PM - Software Distribution Service 3.0
RP1152: 12/9/2012 1:02:03 AM - Software Distribution Service 3.0
RP1153: 12/9/2012 1:09:23 PM - Software Distribution Service 3.0
RP1154: 12/10/2012 1:03:19 AM - Software Distribution Service 3.0
RP1155: 12/10/2012 1:14:19 PM - Software Distribution Service 3.0
RP1156: 12/11/2012 1:03:08 AM - Software Distribution Service 3.0
RP1157: 12/11/2012 1:19:01 PM - Software Distribution Service 3.0
RP1158: 12/12/2012 1:04:46 AM - Software Distribution Service 3.0
RP1159: 12/12/2012 10:28:02 PM - Software Distribution Service 3.0
RP1160: 12/13/2012 1:02:36 AM - Software Distribution Service 3.0
RP1161: 12/13/2012 3:01:15 AM - Software Distribution Service 3.0
RP1162: 12/14/2012 12:45:37 AM - Software Distribution Service 3.0
RP1163: 12/15/2012 12:44:39 AM - Software Distribution Service 3.0
RP1164: 12/15/2012 3:53:19 AM - Software Distribution Service 3.0
RP1165: 12/16/2012 6:27:29 PM - Software Distribution Service 3.0
RP1166: 12/17/2012 12:45:23 AM - Software Distribution Service 3.0
RP1167: 12/18/2012 12:44:40 AM - Software Distribution Service 3.0
RP1168: 12/18/2012 6:42:16 AM - Software Distribution Service 3.0
RP1169: 12/19/2012 12:45:47 AM - Software Distribution Service 3.0
RP1170: 12/19/2012 6:44:44 AM - Software Distribution Service 3.0
RP1171: 12/20/2012 12:47:18 AM - Software Distribution Service 3.0
RP1172: 12/20/2012 6:49:05 AM - Software Distribution Service 3.0
RP1173: 12/21/2012 7:24:01 AM - System Checkpoint
RP1174: 12/22/2012 12:48:15 AM - Software Distribution Service 3.0
RP1175: 12/22/2012 3:01:28 AM - Software Distribution Service 3.0
RP1176: 12/23/2012 12:46:25 AM - Software Distribution Service 3.0
RP1177: 12/24/2012 1:07:32 AM - Software Distribution Service 3.0
RP1178: 12/24/2012 9:21:42 PM - Software Distribution Service 3.0
RP1179: 12/25/2012 1:06:29 AM - Software Distribution Service 3.0
RP1180: 12/25/2012 9:24:13 PM - Software Distribution Service 3.0
RP1181: 12/26/2012 1:07:05 AM - Software Distribution Service 3.0
RP1182: 12/26/2012 9:27:16 PM - Software Distribution Service 3.0
RP1183: 12/27/2012 1:04:22 AM - Software Distribution Service 3.0
RP1184: 12/27/2012 9:30:06 PM - Software Distribution Service 3.0
RP1185: 12/28/2012 1:08:16 AM - Software Distribution Service 3.0
RP1186: 12/28/2012 9:34:21 PM - Software Distribution Service 3.0
RP1187: 12/29/2012 1:09:10 AM - Software Distribution Service 3.0
RP1188: 12/29/2012 9:40:33 PM - Software Distribution Service 3.0
RP1189: 12/30/2012 1:07:37 AM - Software Distribution Service 3.0
RP1190: 12/30/2012 9:47:05 PM - Software Distribution Service 3.0
RP1191: 12/31/2012 1:08:30 AM - Software Distribution Service 3.0
RP1192: 12/31/2012 9:46:04 PM - Software Distribution Service 3.0
RP1193: 1/1/2013 1:08:14 AM - Software Distribution Service 3.0
RP1194: 1/1/2013 9:52:26 PM - Software Distribution Service 3.0
RP1195: 1/2/2013 1:04:07 AM - Software Distribution Service 3.0
RP1196: 1/2/2013 9:53:27 PM - Software Distribution Service 3.0
RP1197: 1/3/2013 1:06:20 AM - Software Distribution Service 3.0
RP1198: 1/3/2013 9:52:32 PM - Software Distribution Service 3.0
RP1199: 1/4/2013 1:08:30 AM - Software Distribution Service 3.0
RP1200: 1/4/2013 10:01:47 PM - Software Distribution Service 3.0
RP1201: 1/4/2013 10:21:44 PM - Software Distribution Service 3.0
RP1202: 1/5/2013 10:47:58 PM - System Checkpoint
RP1203: 1/6/2013 1:11:02 AM - Software Distribution Service 3.0
RP1204: 1/6/2013 10:11:02 PM - Software Distribution Service 3.0
RP1205: 1/7/2013 11:29:54 PM - System Checkpoint
RP1206: 1/8/2013 1:04:33 AM - Software Distribution Service 3.0
RP1207: 1/8/2013 9:53:18 PM - Software Distribution Service 3.0
RP1208: 1/9/2013 9:52:29 PM - Software Distribution Service 3.0
RP1209: 1/10/2013 3:01:37 AM - Software Distribution Service 3.0
RP1210: 1/11/2013 3:52:44 AM - System Checkpoint
RP1211: 1/11/2013 7:54:42 AM - Software Distribution Service 3.0
RP1212: 1/12/2013 1:12:53 AM - Software Distribution Service 3.0
RP1213: 1/12/2013 7:52:11 AM - Software Distribution Service 3.0
RP1214: 1/13/2013 1:09:31 AM - Software Distribution Service 3.0
RP1215: 1/13/2013 7:54:27 AM - Software Distribution Service 3.0
RP1216: 1/14/2013 1:11:33 AM - Software Distribution Service 3.0
RP1217: 1/14/2013 7:55:09 AM - Software Distribution Service 3.0
RP1218: 1/15/2013 1:11:14 AM - Software Distribution Service 3.0
RP1219: 1/15/2013 3:00:24 AM - Software Distribution Service 3.0
RP1220: 1/16/2013 12:48:25 AM - Software Distribution Service 3.0
RP1221: 1/16/2013 3:34:26 AM - Software Distribution Service 3.0
RP1222: 1/17/2013 12:48:45 AM - Software Distribution Service 3.0
RP1223: 1/18/2013 12:48:45 AM - Software Distribution Service 3.0
RP1224: 1/18/2013 3:42:07 AM - Software Distribution Service 3.0
RP1225: 1/19/2013 12:51:48 AM - Software Distribution Service 3.0
RP1226: 1/19/2013 3:45:26 AM - Software Distribution Service 3.0
RP1227: 1/19/2013 10:17:42 AM - Installed Java 7 Update 11
RP1228: 1/20/2013 12:46:46 AM - Software Distribution Service 3.0
RP1229: 1/21/2013 1:43:37 AM - System Checkpoint
RP1230: 1/22/2013 12:48:54 AM - Software Distribution Service 3.0
RP1231: 1/23/2013 5:28:27 PM - Software Distribution Service 3.0
RP1232: 1/24/2013 12:50:34 AM - Software Distribution Service 3.0
RP1233: 1/24/2013 5:30:06 PM - Software Distribution Service 3.0
RP1234: 1/25/2013 12:53:23 AM - Software Distribution Service 3.0
RP1235: 1/25/2013 5:32:59 PM - Software Distribution Service 3.0
RP1236: 1/26/2013 12:53:25 AM - Software Distribution Service 3.0
RP1237: 1/26/2013 5:36:13 PM - Software Distribution Service 3.0
RP1238: 1/27/2013 12:53:19 AM - Software Distribution Service 3.0
RP1239: 1/27/2013 5:40:02 PM - Software Distribution Service 3.0
RP1240: 1/28/2013 12:53:37 AM - Software Distribution Service 3.0
RP1241: 1/29/2013 1:19:22 AM - System Checkpoint
RP1242: 1/29/2013 1:28:06 AM - Software Distribution Service 3.0
RP1243: 1/29/2013 5:31:08 PM - Software Distribution Service 3.0
RP1244: 1/30/2013 1:29:59 AM - Software Distribution Service 3.0
RP1245: 1/30/2013 5:38:33 PM - Software Distribution Service 3.0
RP1246: 1/31/2013 1:29:13 AM - Software Distribution Service 3.0
RP1247: 1/31/2013 5:36:33 PM - Software Distribution Service 3.0
RP1248: 2/1/2013 1:25:41 AM - Software Distribution Service 3.0
RP1249: 2/1/2013 5:41:43 PM - Software Distribution Service 3.0
RP1250: 2/2/2013 1:32:44 AM - Software Distribution Service 3.0
RP1251: 2/2/2013 5:39:33 PM - Software Distribution Service 3.0
RP1252: 2/3/2013 1:30:44 AM - Software Distribution Service 3.0
RP1253: 2/4/2013 1:10:54 AM - Software Distribution Service 3.0
RP1254: 2/4/2013 1:33:34 PM - Software Distribution Service 3.0
RP1255: 2/5/2013 1:10:08 AM - Software Distribution Service 3.0
RP1256: 2/5/2013 1:41:32 PM - Software Distribution Service 3.0
RP1257: 2/6/2013 2:54:48 PM - System Checkpoint
RP1258: 2/7/2013 6:41:12 AM - Software Distribution Service 3.0
RP1259: 2/7/2013 9:40:09 AM - Removed Java 7 Update 7
RP1260: 2/7/2013 9:40:38 AM - Installed Java 7 Update 13
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe PageMaker 7.0
Adobe PhotoDeluxe Home Edition 3.1
Adobe Reader X (10.1.5)
Adobe Shockwave Player 11.6
AiO_Scan
ALPS Touch Pad Driver
Amazon Kindle For PC v1.0
Amazon Links
Apple Application Support
Apple Software Update
Atheros Client Utility
Atheros Driver Installation Program
Belarc Advisor 8.1
Bluetooth Stack for Windows by Toshiba
Camera Assistant Software for Toshiba
CCleaner
Common Desktop Agent
Compatibility Pack for the 2007 Office system
CutePDF Professional 3.6 (Evaluation)
CutePDF Writer 2.8
Dropbox
Enterprise
Foxit Reader 5.1
Google Chrome
Google SketchUp 7
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 5.2.0.952
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953955)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Memories Disc
HP PSC & Officejet 4.2 Corporate Edition
InstallVC90Support
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IrfanView (remove only)
Java 7 Update 13
Java Auto Updater
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Office Word Viewer 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 18.0.2 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird (3.0.2)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NOOK for PC
OpenOffice.org 3.3
Opera 12.13
QFolder
Quicken 2004
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
Samsung Easy Printer Manager
Samsung ML-2950 Series
Samsung Printer Live Update
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB2722913)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB2761465)
Security Update for Windows Internet Explorer 7 (KB2799329)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Skype Launcher
Songbird 1.9.3 (Build 1959)
Sprint SmartView
SUPERAntiSpyware Free Edition
swMSM
TeamViewer 4
TOSHIBA Accessibility
Toshiba Application and Driver Installer
TOSHIBA ConfigFree
TOSHIBA Direct Disc Writer
TOSHIBA Fn-esse
TOSHIBA Hardware Setup
TOSHIBA HDD Protection
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Quality Application
TOSHIBA Recovery Disc Creator
Toshiba Registration
Toshiba Resources Page
TOSHIBA SD Memory Utilities
TOSHIBA Software Upgrades
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Zooming Utility
TouchPad On/Off Utility
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB2.0 Card Reader Software
Utility Common Driver
WebFldrs XP
Windows 7 Upgrade Advisor
Windows Driver Package - Chicony (cecnuvc) Image (03/26/2009 6.4.64.0326)
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
WinPatrol
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
2/7/2013 12:31:24 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:    Previous Signature Version: 1.143.1616.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: http://www.microsoft.com    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:    Previous Engine Version: 1.1.9103.0    Error code: 0x8024402c    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
2/6/2013 8:40:16 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
2/3/2013 1:20:57 PM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================

Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled!
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````[/u]
WinPatrol
SUPERAntiSpyware Free Edition
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Java 7 Update 13
Java version out of Date!
Adobe Flash Player    11.5.502.146
Adobe Reader 10.1.5 Adobe Reader out of Date!
Mozilla Firefox (18.0.2)
Mozilla Thunderbird (3.0.2) Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````[/u]
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
WinPatrol winpatrol.exe is disabled!
Malwarebytes Anti-Malware mbam.exe
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C:: 21% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````[/u]

MikeW · February 08, 2013, 04:18:48 PM

Thanks. Corrine will be by soon to advise you

R-C · February 08, 2013, 06:14:00 PM

Hi Susan glad you made it over successfully.

Corrine · February 08, 2013, 07:52:12 PM

Thanks, Mike. A little later than "soon". All errands completed before much snow accumulation but it has been coming down steadily since 9AM this morning. Trying to keep the path out the back for the dogs open. Funny, the news reports keep showing the Boston, MA area and from what I see, it is a lot worse here.

Hi, Susan. Welcome to LandzDown Forum.

We will do our best to assist you. However, in order to do so, please follow all instructions provided in the sequence given. Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use. This may cause conflicts with the tools being used in the cleanup process.

If you have questions regarding any of the instructions or problems running any tools, please let us know.

Thank you for the link to your thread at GW. Ravencajun (R-C here) gave me a heads up.

I am pleased to see that you have changed your email password to a stronger one and are not using it at another site. My suggestion, as you visit other sites where you used the same password, be sure to change the password. Make the password at each place you have an account unique in some way, even if it is a minor adjustment to a base password. For banking, credit card or any sites you make purchases or online bill payments, make those passwords completely unique and strong.

It is likely that MBAM took care of the malware, with SAS picking up tracking cookies. Whatever SAS found in System Restore would have only been harmful if you restored to an infected restore point.

So, let's take care of the outdated, vulnerable software first and then we'll do some cleanup with ComboFix.

1. Adobe Reader

I note that you have both an outdated, vulnerable version of Adobe Reader as well as Foxit installed. Although it is your choice to have both, there really is no need. If you need to keep Adobe Reader, please install the latest update from http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows. Be careful to uncheck the unneeded McAfee scan as well as any unneeded add-ons that may be offered with the update.

2. Adobe Flash Player

A critical security update was released for Adobe Flash Player yesterday. Please update both versions from the direct links below:

Non-IE (Opera, Firefox, Etc.): http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_plugin.exe
Flash Player For Internet Explorer 7, 8 & 9: http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_active_x.exe

3. Java

Java seems to be a malware magnet. Please consider whether you really need it installed on your computer. Either uninstall it or update Java to the latest version, Java Version 7 Update 13. Be sure to UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional. See Java, The Never-Ending Saga for instructions on disabling Java via the Java Control Panel and only enable it when it is needed.

4. Please follow these instructions carefully.

Download ComboFix from here.

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray.

Note: If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum: How to disable your security applications.

Now, please run ComboFix:

Note: If infections are found, ComboFix will automatically reboot the machine to complete the removal process. Please ensure all opened windows are closed before proceeding.
Double-click ComboFix.exe on your desktop and follow the prompts.
As part of the process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it is strongly recommended to have this pre-installed on your machine before doing any malware removal. The Recovery Console will allow you to start up the computer in a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Please note: If the Microsoft Windows Recovery Console is already installed on the computer, ComboFix will continue the malware removal procedures.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

After the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click "Yes" to continue scanning for malware.

When finished, a log will be produced. Please include the C:\ComboFix.txt in your next reply.

rutabaga · February 09, 2013, 01:06:52 AM

I uninstalled Adobe Reader and updated Foxit.
I updated Flash.
I updated Java and disabled it. I have no idea if I ever use it.

I downloaded ComboFix to my desktop and ran it (after turning off MSE). The computer rebooted and I was presented with a Microsoft web page telling me I had a blue screen error.

There is no c:/ComboFix.txt. However, there is a folder called ComboFix that when clicked looks like My Computer in Windows Explorer. I did a screen shot but don't know how to insert that here. Do I need to upload it to Photobucket or somewhere like that?

Thank you,
Susan

Corrine · February 09, 2013, 02:23:01 AM

Hi, Susan. When you click on the Reply option (or preview the post if you use the Quick Reply box), click on Attachments and other options below the reply box. From there you can browse to the screen copy, select it and post your reply. It will be attached.

rutabaga · February 09, 2013, 03:10:47 AM

Screen shot of c:/combofix

Corrine · February 09, 2013, 03:48:51 PM

Hi, Susan.

What do you see if you click on the plus sign next to C:\Combofix? Is there a folder for Qoobox?

rutabaga · February 09, 2013, 06:27:47 PM

Wow. Interesting. I was about to tell you it was an infinite loop, but I drilled down a couple more layers:

Corrine · February 09, 2013, 10:49:28 PM

Hi, Susan.

That is really strange, Susan. Before we go any further, please make sure everything is working correctly.

rutabaga · February 10, 2013, 02:25:10 AM

Corrine,

Is there anything in particular that you'd like me to check? I've been using the machine all day, and it seems to be working fine.

Thanks,
Susan

Corrine · February 10, 2013, 03:19:38 AM

I think something would have shown up by now. Please do an online scan. (No hurry, I'll be shutting down in a couple minutes.)

Please go here to run an on-line scan from ESET.

Note: It is easiest if you use Internet explorer for this scan. (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
Copy and paste that log as a reply to this topic.

rutabaga · February 10, 2013, 06:23:27 AM

Corrine, here's the log from ESET:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=7.00.6000.17115 (vista_gdr.121029-1623)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b983bb85891d9740b2219356c3bfcba9
# engine=13113
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-02-10 06:14:37
# local_time=2013-02-10 12:14:37 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 10822386 13173049 0 0
# scanned=67570
# found=6
# cleaned=0
# scan_time=6773
sh=C02423884B82F50565A8AA2BE8F974E821760F18 ft=0 fh=0000000000000000 vn="Eicar test file" ac=I fn="C:\Documents and Settings\Susan\Local Settings\Temp\Av-test.txt"
sh=F53194FE335C1DF41F1BC945626206D3F844FA89 ft=1 fh=d05664838e1e7c7e vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Documents and Settings\Susan\Local Settings\Temp\fox33.tmp\Foxit Reader en5.4.5.124(toolbar) Setup.exe"
sh=DE069B1F515C20517E8A2A54011ABD2D6711A7D6 ft=0 fh=0000000000000000 vn="Win32/OpenCandy application" ac=I fn="C:\Documents and Settings\Susan\Local Settings\Temporary Internet Files\Content.IE5\R030AT19\stubinst_pkg_en-us[1].cab"
sh=91EC186153FB33A4562204E4BE5631168C2BA206 ft=1 fh=eb969c333e6297d9 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Documents and Settings\Susan\My Documents\Downloads\CuteWriter.exe"
sh=AC92E28269FBECA27F00EC0759C77D8AE1FBBA7D ft=1 fh=ed5561659328eb74 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Documents and Settings\Susan\My Documents\Downloads\FoxitReader502.0718_enu_Setup.exe"
sh=80EC40B449844036AF4397EA6A83E6413B05FE1D ft=1 fh=0a2342e7b0e140db vn="probably a variant of Win32/Adware.Softomate.AD application" ac=I fn="C:\Documents and Settings\Susan\My Documents\My Archives\My Documents on Popcorn\Downloads\couponprinter.exe"