I replaced the mailer with a whole number upgrade (hMail). I removed the Comodo Suite which probably wasn't updating properly. I loaded Outpost Firewall Free--I have a license, but it won't accept it--I probably didn't load the paid exe, but I'll deal with that later. The Outpost is updated and working. I added AVG and switched off the overlap from Outpost scans.
The server is using a fixed NAT IP with the fixed IP router "air" forwarding requests. This works with other computers in the same subnet with no difficulty. When I switch to another WAN IP with my laptop, nothing gets through the router.
I dropped the DHCP on the server and replaced its address with the fixed IP <air.zz.com>, and then by plugging it in to the modem, I bypassed the disconnected router and switch with no joy. I did notice that Outpost built a rule for the new (first time use of FTP for this install of the firewall), and then the client computer (my droid) reported the connection broken by the server.
When I ran the script to generate a DDS log, I noticed there WAS a reason for the problem--a rootkit.
This is a non commercial computer that has been running for years with no problems--until now. Here are the scans..
DDS.TXT..
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by buzz at 14:46:01 on 2011-05-27
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1309 [GMT -7:00]
.
AV: Outpost Security Suite *Enabled/Updated* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Outpost Security Suite *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\D4\D4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\D-Link\D-Link USB VoIP Adapter\DLinkMonitor.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\GEEK SQUAD UPS\pppeuser.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\RhinoSoft.com\Serv-U\Serv-U-Tray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DU Super Controler\DUSuperControler.exe
C:\Program Files\DU Meter\DUMeter.exe
svchost.exe
D:\Lists\Animal-List\SVList-Animal-List.exe
D:\Lists\UNJO\SVList-UNJO.exe
D:\Lists\WhiteGold-List\SVList-WhiteGold-List.exe
C:\Program Files\DU Super Controler\DUSuperControler.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
svchost.exe
C:\Program Files\D4\D4.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\hMailServer\Bin\hMailServer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\GEEK SQUAD UPS\ppped.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\RhinoSoft.com\Serv-U\Serv-U.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\D-Link\D-Link USB VoIP Adapter\VServ.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\D-Link\D-Link USB VoIP Adapter\DPH-50U Utility.exe
C:\Program Files\hMailServer\Bin\hMailAdmin.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\ftp\usr\buzz\110527\dds.scr
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [PowerPanel Personal Edition User Interaction] "c:\program files\geek squad ups\pppeuser.exe"
uRun: [TransparentIcons]
uRun: [BlockAds]
uRun: [Tweak-XP]
uRun: [TransTask]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [ServUTrayIcon] c:\program files\rhinosoft.com\serv-u\Serv-U-Tray.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [Dimension4] c:\program files\d4\D4.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"
mRun: [DLinkMonitor.exe] c:\program files\d-link\d-link usb voip adapter\DLinkMonitor.exe
mRun: [OutpostMonitor] "c:\progra~1\agnitum\outpos~1\op_mon.exe" /tray /noservice
mRun: [OutpostFeedBack] "c:\program files\agnitum\outpost security suite free\feedback.exe" /dump:os_startup
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
StartupFolder: c:\docume~1\buzz\startm~1\programs\startup\d4exe~1.lnk - c:\program files\d4\D4.exe
StartupFolder: c:\docume~1\buzz\startm~1\programs\startup\dumeter.lnk - c:\program files\du meter\DUMeter.exe
StartupFolder: c:\docume~1\buzz\startm~1\programs\startup\svlist~2.lnk - d:\lists\animal-list\SVList-Animal-List.exe
StartupFolder: c:\docume~1\buzz\startm~1\programs\startup\svlist~3.lnk - d:\lists\unjo\SVList-UNJO.exe
StartupFolder: c:\docume~1\buzz\startm~1\programs\startup\svlist~1.lnk - d:\lists\whitegold-list\SVList-WhiteGold-List.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoexec.lnk - c:\autoexec.bat
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dusupe~1.lnk - c:\program files\du super controler\DUSuperControler.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\buzz\application data\mozilla\firefox\profiles\bpgjtaxx.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
============= SERVICES / DRIVERS ===============
.
R0 TLRecAgent;TLRecAgent;c:\windows\system32\drivers\TLRecAgent.sys [2007-1-2 37208]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2011-5-27 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2011-5-27 29584]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2011-5-27 710824]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\agnitum\outpos~1\acs.exe [2011-5-27 2072592]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2011-5-27 308136]
R2 hMailServer;hMailServer;c:\program files\hmailserver\bin\hmailserver.exe runasservice --> c:\program files\hmailserver\bin\hMailServer.exe RunAsService [?]
R2 Serv-U;Serv-U File Server;c:\program files\rhinosoft.com\serv-u\Serv-U.exe [2009-7-26 201216]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-3-18 172328]
R2 VService;VService;c:\program files\d-link\d-link usb voip adapter\VServ.exe [2007-1-2 105208]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2011-5-27 34280]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2011-5-27 267624]
R3 ASWFilt;ASWFilt;c:\windows\system32\filt\ASWFilt.dll [2011-5-27 72352]
R3 HomeQOS;HomeQOS Miniport;c:\windows\system32\drivers\homeqos.sys [2004-1-20 36096]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2009-5-28 108032]
R3 slusbvip;SL3800 USB Driver;c:\windows\system32\drivers\slusbvip.sys [2007-1-2 591832]
R3 SLVAD_simple;D-Link Virtual Audio Device;c:\windows\system32\drivers\slvad.sys [2007-1-2 85656]
R3 VBEngNT;VBEngNT;c:\windows\system32\drivers\VBEngNT.sys [2011-5-27 242040]
R3 VBFilt;VBFilt;c:\windows\system32\filt\VBFilt.dll [2011-5-27 36288]
.
=============== File Associations ===============
.
txtfile=c:\pfiles\editpad\EditPad.exe "%1"
.
=============== Created Last 30 ================
.
2011-05-27 10:36:47 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2011-05-27 10:35:16 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-05-27 10:35:00 -------- d-----w- c:\documents and settings\all users\application data\avg9
2011-05-27 10:04:25 710824 ----a-w- c:\windows\system32\drivers\SandBox.sys
2011-05-27 10:04:25 242040 ----a-w- c:\windows\system32\drivers\VBEngNT.sys
2011-05-27 10:03:35 267624 ----a-w- c:\windows\system32\drivers\afwcore.sys
2011-05-27 10:03:17 34280 ----a-w- c:\windows\system32\drivers\afw.sys
2011-05-27 10:03:13 -------- d-----w- c:\documents and settings\buzz\application data\Agnitum
2011-05-27 09:50:43 -------- d-----w- c:\documents and settings\buzz\application data\GlarySoft
2011-05-27 09:50:42 -------- d-----w- c:\program files\Absolute Uninstaller
2011-05-27 07:12:51 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-05-27 07:12:51 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-27 05:41:16 -------- d-----w- c:\program files\Trend Micro
2011-05-24 03:18:42 -------- d-----w- c:\documents and settings\all users\application data\Common Files
2011-05-24 03:17:33 -------- d-----w- c:\windows\system32\drivers\AVG
2011-05-24 03:17:33 -------- d-----w- c:\documents and settings\all users\application data\AVG10
2011-05-24 03:17:10 -------- d-----w- c:\program files\AVG
2011-05-24 03:03:30 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2011-05-24 02:43:11 -------- d-----w- c:\windows\system32\Filt
2011-05-24 02:43:11 -------- d-----w- c:\program files\Agnitum
2011-05-24 02:42:45 -------- d-----w- c:\documents and settings\all users\application data\Agnitum
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_SP2504C rev.VT100-33 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-12
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A708AB8]
3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000071[0x8A7249E8]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP2T0L0-7[0x8A6A4940]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
.
============= FINISH: 14:46:44.15 ===============
Attach.txt..
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-05-19.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2009.07.24 02:17:05
System Uptime: 2011.05.27 14:00:46 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M2R32-MVP
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket AM2 | 2204/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 69.076 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 25.47 GiB free.
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()
K: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&258F370F&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&258F370F&0
Service: i8042prt
.
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&258F370F&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&258F370F&0
Service: i8042prt
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\D465DF11D800
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\D465DF11D800
Service: NIC1394
.
==== System Restore Points ===================
.
RP620: 2011.02.27 01:01:46 - System Checkpoint
RP621: 2011.02.28 01:05:37 - System Checkpoint
RP622: 2011.03.01 17:22:13 - System Checkpoint
RP623: 2011.03.02 17:29:55 - System Checkpoint
RP624: 2011.03.03 17:33:02 - System Checkpoint
RP625: 2011.03.04 19:22:04 - System Checkpoint
RP626: 2011.03.05 20:17:57 - System Checkpoint
RP627: 2011.03.06 21:04:39 - System Checkpoint
RP628: 2011.03.07 21:05:29 - System Checkpoint
RP629: 2011.03.08 22:05:21 - System Checkpoint
RP630: 2011.03.09 23:05:09 - System Checkpoint
RP631: 2011.03.10 03:00:13 - Software Distribution Service 3.0
RP632: 2011.03.11 03:15:56 - System Checkpoint
RP633: 2011.03.12 03:16:44 - System Checkpoint
RP634: 2011.03.13 05:05:40 - System Checkpoint
RP635: 2011.03.14 06:04:51 - System Checkpoint
RP636: 2011.03.15 06:05:34 - System Checkpoint
RP637: 2011.03.16 03:00:13 - Software Distribution Service 3.0
RP638: 2011.03.17 03:17:11 - System Checkpoint
RP639: 2011.03.18 04:05:14 - System Checkpoint
RP640: 2011.03.19 05:05:01 - System Checkpoint
RP641: 2011.03.20 06:05:54 - System Checkpoint
RP642: 2011.03.21 06:19:04 - System Checkpoint
RP643: 2011.03.22 13:16:28 - System Checkpoint
RP644: 2011.03.24 01:43:25 - System Checkpoint
RP645: 2011.03.25 01:47:08 - System Checkpoint
RP646: 2011.03.25 03:00:13 - Software Distribution Service 3.0
RP647: 2011.03.26 03:21:24 - System Checkpoint
RP648: 2011.03.27 03:26:36 - System Checkpoint
RP649: 2011.03.28 04:05:12 - System Checkpoint
RP650: 2011.03.29 05:05:02 - System Checkpoint
RP651: 2011.03.30 06:04:51 - System Checkpoint
RP652: 2011.03.31 07:04:36 - System Checkpoint
RP653: 2011.04.01 08:33:18 - System Checkpoint
RP654: 2011.04.02 10:14:19 - System Checkpoint
RP655: 2011.04.03 11:16:10 - System Checkpoint
RP656: 2011.04.04 12:32:05 - System Checkpoint
RP657: 2011.04.05 12:54:37 - System Checkpoint
RP658: 2011.04.06 13:05:11 - System Checkpoint
RP659: 2011.04.07 14:04:58 - System Checkpoint
RP660: 2011.04.08 15:04:49 - System Checkpoint
RP661: 2011.04.09 16:04:36 - System Checkpoint
RP662: 2011.04.10 16:05:23 - System Checkpoint
RP663: 2011.04.11 17:05:10 - System Checkpoint
RP664: 2011.04.12 18:04:59 - System Checkpoint
RP665: 2011.04.13 19:04:47 - System Checkpoint
RP666: 2011.04.14 19:05:41 - System Checkpoint
RP667: 2011.04.15 20:05:26 - System Checkpoint
RP668: 2011.04.16 03:00:13 - Software Distribution Service 3.0
RP669: 2011.04.17 03:16:04 - System Checkpoint
RP670: 2011.04.18 03:16:51 - System Checkpoint
RP671: 2011.04.19 04:05:28 - System Checkpoint
RP672: 2011.04.20 05:05:16 - System Checkpoint
RP673: 2011.04.21 06:05:01 - System Checkpoint
RP674: 2011.04.22 07:04:47 - System Checkpoint
RP675: 2011.04.23 07:05:41 - System Checkpoint
RP676: 2011.04.24 08:05:32 - System Checkpoint
RP677: 2011.04.25 09:05:22 - System Checkpoint
RP678: 2011.04.26 10:05:07 - System Checkpoint
RP679: 2011.04.27 03:00:13 - Software Distribution Service 3.0
RP680: 2011.04.28 03:16:14 - System Checkpoint
RP681: 2011.04.29 04:04:49 - System Checkpoint
RP682: 2011.04.30 05:04:37 - System Checkpoint
RP683: 2011.05.01 05:05:27 - System Checkpoint
RP684: 2011.05.02 06:05:18 - System Checkpoint
RP685: 2011.05.03 07:05:08 - System Checkpoint
RP686: 2011.05.04 08:04:55 - System Checkpoint
RP687: 2011.05.05 09:04:48 - System Checkpoint
RP688: 2011.05.06 09:32:05 - System Checkpoint
RP689: 2011.05.07 10:05:26 - System Checkpoint
RP690: 2011.05.08 11:05:18 - System Checkpoint
RP691: 2011.05.09 12:05:08 - System Checkpoint
RP692: 2011.05.10 13:04:55 - System Checkpoint
RP693: 2011.05.11 14:04:52 - System Checkpoint
RP694: 2011.05.12 03:02:24 - Software Distribution Service 3.0
RP695: 2011.05.13 03:16:49 - System Checkpoint
RP696: 2011.05.14 04:05:23 - System Checkpoint
RP697: 2011.05.15 05:05:14 - System Checkpoint
RP698: 2011.05.16 06:05:05 - System Checkpoint
RP699: 2011.05.17 06:17:26 - System Checkpoint
RP700: 2011.05.18 07:04:42 - System Checkpoint
RP701: 2011.05.19 07:05:28 - System Checkpoint
RP702: 2011.05.20 08:05:19 - System Checkpoint
RP703: 2011.05.21 09:05:08 - System Checkpoint
RP704: 2011.05.22 10:04:58 - System Checkpoint
RP705: 2011.05.23 11:04:46 - System Checkpoint
RP706: 2011.05.23 19:43:15 - Agnitum Outpost Security Suite Free Restore Point: install
RP707: 2011.05.23 20:16:37 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP708: 2011.05.23 20:17:10 - Installed AVG 2011
RP709: 2011.05.23 20:17:27 - Installed AVG 2011
RP710: 2011.05.24 20:42:11 - System Checkpoint
RP711: 2011.05.25 04:25:42 - Unsigned driver install
RP712: 2011.05.26 05:05:01 - System Checkpoint
RP713: 2011.05.26 21:44:24 - won't allow input from NET
RP714: 2011.05.26 22:41:16 - Installed HiJackThis
RP715: 2011.05.27 00:08:39 - Restore Operation
RP716: 2011.05.27 00:27:21 - Restore Operation
RP717: 2011.05.27 00:43:17 - Restore Operation
RP718: 2011.05.27 03:00:14 - Software Distribution Service 3.0
RP719: 2011.05.27 03:03:16 - Agnitum Outpost Security Suite Free Restore Point: install
RP720: 2011.05.27 03:35:00 - Installed AVG Free 9.0
RP721: 2011.05.27 03:35:54 - Avg8 Update
RP722: 2011.05.27 03:36:53 - Avg Update
RP723: 2011.05.27 08:05:29 - Avg Update
RP724: 2011.05.27 08:05:59 - Avg Update
.
==== Installed Programs ======================
.
Absolute Uninstaller 2.8.0.636
Adobe Flash Player 10 Plugin
Athlon 64 Processor Driver
AVG Free 9.0
D-Link USB VoIP Adapter
Dimension 4 v4.3
Dimension 4 v5.0
Diskeeper Professional Edition
DU Meter
DU Super Controler (remove only)
GEEK SQUAD POWER MANAGEMENT
hMailServer 5.3.3-B1879
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Java(TM) 6 Update 14
Marvell Miniport Driver
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft SQL Server Compact 3.5 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.6)
Mozilla Thunderbird (2.0.0.23)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
MySQL Server 5.0
NVIDIA Drivers
Outpost Security Suite 7.1
Sandboxie 3.38
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Serv-U 8.0
Skype Toolbars
Skype™ 5.1
SVList-WCE
SVList32
TeamViewer 5 Host
Tweak-XP Pro
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VirusTotal Uploader
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 8
Windows XP Service Pack 3
WinPatrol 2008
.
==== Event Viewer Messages From Past Week ========
.
2011.05.26 20:23:35, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0018F346E34C. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
2011.05.25 00:14:59, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
2011.05.20 03:01:56, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
.
==== End Of File ===========================
Thanks for your time,
Buzz.