Jump to content

CorLut

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I ran the scanner and it came back clean. No log was created however.
  2. I deleted zLoader from my computer and restarted it. I ran MWB and it found 0 infections in a quick scan (the first scan type that I used to detect the infection). My computer's CPU usage is still shooting up randomly. The range of the spikes is anywhere between 2% to 33% though. Here is the new log. Malwarebytes Anti-Malware (Trial) 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.20.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.13 California Raisin :: GAMEPC [administrator] Protection: Enabled 6/21/2012 12:01:45 AM mbam-log-2012-06-21 (00-01-45).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 209642 Time elapsed: 3 minute(s), 53 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  3. After restarting, it appears as if I'm still having the same issue. As soon as my computer booted up I pressed Ctrl+Alt+Del and the error message stating that "Task manager has been disabled by your administrator," still pops up. I noticed that the bitdefender log registered that "zLoader", a map hack I use for an old game, was a threat. I'll uninstall it if that is alright with you. I remember reading about changing as little of your files as possible to achieve better results. Either way, here is the latest log. Malwarebytes Anti-Malware (Trial) 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.20.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.13 California Raisin :: GAMEPC [administrator] Protection: Enabled 6/20/2012 3:08:39 PM mbam-log-2012-06-20 (15-08-39).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 271476 Time elapsed: 41 minute(s), 53 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  4. ComboFix 12-06-20.01 - California Raisin 06/20/2012 11:13:35.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2409 [GMT -5:00] Running from: c:\documents and settings\California Raisin\My Documents\Downloads\ComboFix.exe . . ((((((((((((((((((((((((( Files Created from 2012-05-20 to 2012-06-20 ))))))))))))))))))))))))))))))) . . 2012-06-19 23:11 . 2012-06-19 23:11 -------- d-----w- c:\documents and settings\California Raisin\Application Data\QuickScan 2012-06-19 22:44 . 2012-06-19 22:53 -------- d-----w- C:\rsit 2012-06-19 22:44 . 2012-06-19 22:53 -------- d-----w- c:\program files\trend micro 2012-06-19 13:01 . 2012-06-19 13:01 -------- d-----w- c:\windows\LastGood 2012-06-18 05:37 . 2012-06-18 05:37 -------- d-----w- C:\TDSSKiller_Quarantine 2012-06-18 05:31 . 2012-06-19 22:38 -------- d-----w- c:\program files\Anti-Virus_RootKit 2012-06-15 15:39 . 2012-06-15 15:39 -------- d-----w- c:\documents and settings\Administrator 2012-05-24 23:28 . 2012-05-24 23:28 -------- d-----w- c:\documents and settings\California Raisin\Application Data\LolClient2 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-02 20:19 . 2009-08-07 01:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 20:19 . 2010-12-28 08:45 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 20:19 . 2010-12-28 08:45 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 20:19 . 2010-12-28 08:45 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 20:19 . 2009-08-07 01:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 20:19 . 2010-12-28 08:45 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 20:19 . 2009-08-07 01:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 20:19 . 2008-04-14 05:41 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 20:19 . 2009-08-07 01:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 20:19 . 2010-12-28 08:45 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 20:19 . 2010-12-28 08:45 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-05-31 13:22 . 2008-04-14 05:41 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-15 15:39 . 2008-04-14 05:42 832512 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20 . 2008-04-14 01:00 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-04 13:12 . 2008-04-14 00:57 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32 . 2008-04-14 00:01 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46 . 2010-12-28 08:44 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-23 14:46 . 2008-04-14 05:42 1830912 ------w- c:\windows\system32\inetcpl.cpl 2012-04-23 14:46 . 2008-04-14 05:41 78336 ----a-w- c:\windows\system32\ieencode.dll 2012-04-23 14:46 . 2008-04-14 05:41 17408 ----a-w- c:\windows\system32\corpol.dll 2012-04-04 20:56 . 2011-01-30 23:45 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-30 3077528] "Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320] "ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208] "Spotify Web Helper"="c:\program files\Spotify\Data\SpotifyWebHelper.exe" [2012-05-15 932528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "zLoader"="c:\documents and settings\California Raisin\My Documents\Downloads\zLoader" [X] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-06-11 358472] "Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-06-11 1809992] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-06-11 3649096] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-11 61440] "Razer Naga Driver"="c:\program files\Razer\Naga\RazerNagaSysTray.exe" [2011-02-17 953744] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-17 153608] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BDARemote.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk backup=c:\windows\pss\BDARemote.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin F5D8053 N Wireless USB Adapter Utility.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Belkin F5D8053 N Wireless USB Adapter Utility.lnk backup=c:\windows\pss\Belkin F5D8053 N Wireless USB Adapter Utility.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-12-28 16:22 136176 ----atw- c:\documents and settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Ventrilo\\Ventrilo.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\Program Files\\StarCraft II\\StarCraft II.exe"= "c:\\Program Files\\Motorola Media Link\\MML.exe"= "c:\\Program Files\\StarCraft II\\Versions\\Base18092\\SC2.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Program Files\\Starcraft\\StarCraft.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.954\\Agent.exe"= "c:\\Program Files\\Diablo III\\Diablo III.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.976\\Agent.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 "25796:TCP"= 25796:TCP:BitComet 25796 TCP "25796:UDP"= 25796:UDP:BitComet 25796 UDP "57670:TCP"= 57670:TCP:Pando Media Booster "57670:UDP"= 57670:UDP:Pando Media Booster . R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 12:49 PM 616408] R2 DeviceMonitorService;DeviceMonitorService;c:\program files\Motorola Media Link\NServiceEntry.exe [11/5/2010 5:11 PM 81920] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/30/2011 6:45 PM 654408] R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [12/6/2011 4:00 PM 214896] R3 AE1000;Linksys AE1000 Driver;c:\windows\system32\drivers\AE1000XP.sys [5/1/2011 5:09 PM 816672] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [11/23/2009 6:37 PM 19720] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [12/28/2010 4:17 AM 14856] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/30/2011 6:45 PM 22344] R3 RzSynapse;Razer Driver;c:\windows\system32\drivers\RzSynapse.sys [2/20/2011 4:31 PM 103424] S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5/30/2012 1:56 PM 3048136] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/29/2012 8:50 AM 158856] S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [12/24/2011 1:43 AM 6016] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [12/24/2011 1:43 AM 20480] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [12/24/2011 1:43 AM 8320] S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [12/24/2011 1:43 AM 23424] S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [12/24/2011 1:43 AM 11008] . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 25451735 *NewlyCreated* - 33078345 *NewlyCreated* - IPFILTERDRIVER *NewlyCreated* - SKYPE_C2C_SERVICE *Deregistered* - 25451735 *Deregistered* - 33078345 *Deregistered* - TrueSight . Contents of the 'Scheduled Tasks' folder . 2012-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57] . 2012-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1647877149-1801674531-1003Core.job - c:\documents and settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-28 16:22] . 2012-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1647877149-1801674531-1003UA.job - c:\documents and settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-28 16:22] . 2012-05-22 c:\windows\Tasks\MotoHelper MUM.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00] . 2012-06-20 c:\windows\Tasks\MotoHelper Routing.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00] . 2012-05-22 c:\windows\Tasks\MotoHelper Update.job - c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.xfinity.com/?cid=insDate03062012 uInternet Connection Wizard,ShellNext = hxxp://www.logitech.com/gamepanel uInternet Settings,ProxyOverride = 192.168.*.*;*.local TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . SafeBoot-25451735.sys AddRemove-Spotify - c:\program files\Spotify\Spotify.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-06-20 11:18 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(648) c:\windows\system32\Ati2evxx.dll c:\program files\CA\PPRT\bin\CACheck.dll c:\program files\CA\PPRT\bin\CAHook.dll c:\program files\CA\PPRT\bin\CAServer.dll . - - - - - - - > 'explorer.exe'(5148) c:\windows\system32\WININET.dll c:\program files\CA\PPRT\bin\CACheck.dll c:\program files\CA\PPRT\bin\CAHook.dll c:\program files\CA\PPRT\bin\CAServer.dll c:\windows\system32\ieframe.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll . Completion time: 2012-06-20 11:19:52 ComboFix-quarantined-files.txt 2012-06-20 16:19 . Pre-Run: 439,397,310,464 bytes free Post-Run: 440,680,706,048 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 7D53C162211FF7A3168F007CF2C8783C
  5. QuickScan 32-bit v0.9.9.114 --------------------------- Scan date: Tue Jun 19 18:11:31 2012 Machine ID: 904A9CD7 Found 1 infected file! ---------------------- C:\Documents and Settings\California Raisin\My Documents\Downloads\zLoader.exe --> Trojan.Generic.747667 --> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"zLoader" Processes --------- Apple Push 3772 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe ATI External Event Utility for Windows 1068 C:\WINDOWS\system32\ati2evxx.exe ATI External Event Utility for Windows 852 C:\WINDOWS\system32\ati2evxx.exe Bonjour 1684 C:\Program Files\Bonjour\mDNSResponder.exe CallingID 3092 C:\Program Files\xfin_portal\CIDGlobalLight.exe Catalyst Control Centre 3540 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe Catalyst Control Centre 904 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ComcastAntiSpy.exe 1424 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe ComcastAntiSpyService.exe 1588 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe distnoted 1408 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe eTrust PestPatrol Realtime Protection 1844 C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe Google Update 2408 C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe iTunes 1360 C:\Program Files\iPod\bin\iPodService.exe iTunes 1760 C:\Program Files\iTunes\iTunes.exe iTunes 1352 C:\Program Files\iTunes\iTunesHelper.exe Java Platform SE 6 U29 1864 C:\Program Files\Java\jre6\bin\jqs.exe Java Platform SE Auto Updater 2 0 1188 C:\Program Files\Common Files\Java\Java Update\jusched.exe Logitech GamePanel Software 2528 C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe Logitech GamePanel Software 2288 C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe Logitech GamePanel Software 2488 C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe Logitech GamePanel Software 2468 C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe Logitech GamePanel Software 1972 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe Logitech GamePanel Software 312 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe Logitech GamePanel Software 548 C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe LWEMon.exe 804 C:\Program Files\Logitech\Gaming Software\LWEMon.exe Malwarebytes Anti-Malware 480 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe Messenger 1384 C:\Program Files\Messenger\msmsgs.exe Microsoft® Windows® Operating System 2964 C:\WINDOWS\system32\notepad.exe Microsoft® Windows® Operating System 988 C:\WINDOWS\system32\notepad.exe Microsoft® Windows® Operating System 1644 C:\WINDOWS\system32\notepad.exe Microsoft® Windows® Operating System 3844 C:\WINDOWS\system32\notepad.exe Microsoft® Windows® Operating System 1480 C:\WINDOWS\system32\spoolsv.exe MobileDeviceHelper 3528 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe MobileDeviceService 1620 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe MotoHelper 592 C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe MotoHelper Service 316 C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe NService Application 1768 C:\Program Files\Motorola Media Link\NServiceEntry.exe Razer Naga Systray 1032 C:\Program Files\Razer\Naga\RazerNagaSysTray.exe Realtek Sound Manager 1108 C:\WINDOWS\soundman.exe Skype Click to Call 3704 C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe SpotifyWebHelper.exe 1528 C:\Program Files\Spotify\Data\SpotifyWebHelper.exe SupportSoft Container 1412 C:\Program Files\Common Files\SupportSoft\bin\bcont.exe Windows® Internet Explorer 2016 C:\Program Files\Internet Explorer\iexplore.exe (verified) Microsoft® .NET Framework 1796 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (verified) Microsoft® Windows® Operating System 3960 C:\WINDOWS\explorer.exe (verified) Microsoft® Windows® Operating System 2736 C:\WINDOWS\system32\alg.exe (verified) Microsoft® Windows® Operating System 612 C:\WINDOWS\system32\csrss.exe (verified) Microsoft® Windows® Operating System 1368 C:\WINDOWS\system32\ctfmon.exe (verified) Microsoft® Windows® Operating System 704 C:\WINDOWS\system32\lsass.exe (verified) Microsoft® Windows® Operating System 692 C:\WINDOWS\system32\services.exe (verified) Microsoft® Windows® Operating System 564 C:\WINDOWS\system32\smss.exe (verified) Microsoft® Windows® Operating System 1968 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1220 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1556 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 868 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 928 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1004 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 968 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1168 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 4056 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 648 C:\WINDOWS\system32\winlogon.exe Network activity ---------------- Process iexplore.exe (2016) connected on port 80 (HTTP) --> 74.125.227.98 Process iexplore.exe (2016) connected on port 80 (HTTP) --> 23.67.250.73 Process APSDaemon.exe (3772) connected on port 5223 (XMPP/Jabber) --> 17.172.232.218 Process svchost.exe (928) listens on ports: 135 (RPC) Process svchost.exe (1220) listens on ports: 2869 (SSDP event notification, UPNP) Autoruns and critical files --------------------------- Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe ATI External Event Utility for Windows C:\WINDOWS\system32\Ati2evxx.dll Catalyst® Control Center C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ComcastAntiSpy.exe C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe Flash® Player Installer/Uninstaller C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe iTunes C:\Program Files\iTunes\iTunesHelper.exe Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe Logitech GamePanel Software C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe Logitech GamePanel Software C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe Logitech GamePanel Software C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe LWEMon.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe Malwarebytes Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe Messenger C:\Program Files\Messenger\msmsgs.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\logon.scr Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll Microsoft® Windows® Operating System c:\windows\system32\userinit.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll MotoHelperUpdate C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe Pando Media Booster C:\Program Files\Pando Networks\Media Booster\PMB.exe QuickTime C:\Program Files\QuickTime\QTTask.exe Razer Naga Systray C:\Program Files\Razer\Naga\RazerNagaSysTray.exe Realtek Sound Manager C:\WINDOWS\soundman.exe SpotifyWebHelper.exe C:\Program Files\Spotify\Data\SpotifyWebHelper.exe SupportSoft Container C:\Program Files\Common Files\SupportSoft\bin\bcont.exe Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll zLoader C:\Documents and Settings\California Raisin\My Documents\Downloads\zLoader.exe (verified) Google Update C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\wpdshserviceobj.dll Browser plugins --------------- dtx Dynamic Link Library C:\Program Files\xfin_portal\comcastdx.dll AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll AUX BHO C:\Program Files\xfin_portal\auxi\comcastAu.dll Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll Bonjour C:\Program Files\Bonjour\mdnsNSP.dll Flash® Player Installer/Uninstaller C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe Google Update C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll Java Platform SE 6 U29 c:\program files\java\jre6\bin\jp2ssv.dll Java Platform SE 6 U29 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll Java Platform SE 6 U29 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll Messenger C:\Program Files\Messenger\msmsgs.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll Pando Web Plugin C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll Skype Click to Call C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Unity Player C:\Documents and Settings\California Raisin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe Scan ---- MD5: 4ca43b85f22c7739311788b651a779cb C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe MD5: d566847532183a720a0177565014cb73 C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe MD5: 1e6b52abdf4082374de9d43cbd2f7e08 C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll MD5: 5efdce32d13d2c217bb9b1c0f8cbadb3 C:\Documents and Settings\California Raisin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll MD5: 2e5215bd0924767329ce155f90ee79a0 C:\Documents and Settings\California Raisin\My Documents\Downloads\zLoader.exe MD5: 95151d7903fef5f221a3b5be603e69bf C:\Program Files\7-Zip\7-zip.dll MD5: 7ec56424e3e77ebf4bf5e0798175e4e5 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll MD5: 34ebd4ff6a24d86bb4716d6afcc1a89b C:\Program Files\Apple Software Update\SoftwareUpdate.exe MD5: 0a7977ff7535f237c8c745ae09887c35 C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MD5: d68018aebb6226bca5103da8b66a57d6 C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\32\wbhelp2.dll MD5: 0be92b27dc8c7b6035a5ec373fc2b619 C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\32\wbocx.ocx MD5: c24e0303133512c7eb8c3de44697487a C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll MD5: 492c24d63daad8ec2bedefa8525d27e5 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll MD5: 4c08fb7acb28689b586d986d3f5826cf C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe MD5: 53fd418622b72d709ce92aa8dbfdb0f6 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MD5: a28de8e4eb7641639f68c62a32264578 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll MD5: dab3b370e0c2815fdf5b29204b8fb984 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll MD5: 7f9a009e33940087fde0fa25d8aa5706 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll MD5: 0386fad4fee556be7c263dd397d30e75 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll MD5: acfd0d2cd67c478673f2eab1cb4d9d79 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll MD5: 6b87742f27b087af7fd4adc2db685de0 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe MD5: 1cd99fdb466276d79c8d47753ef4aacb C:\Program Files\CA\PPRT\bin\CACheck.dll MD5: cf7460002344f4dd680fe4aed1994252 C:\Program Files\CA\PPRT\bin\CAHook.dll MD5: 362529ba150768ad05dfeee9ea4b6c07 C:\Program Files\CA\PPRT\bin\CAServer.dll MD5: f5b72dae7950f73a0e0edf67be167b5f C:\Program Files\CA\PPRT\bin\ITMRTAPI.dll MD5: 54f694c6cd3a1149ba3a8bdacc83badc C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe MD5: 1192f1b00602918614e65b27b6560745 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe MD5: f9dac844b1d370da4c984d4c22f5e696 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe MD5: 6cea425334b7de84c48285be21fdc9bf C:\Program Files\ComcastUI\Desktop Software\bin\snc.dll MD5: db4961bbb3c1cf487904b15ea5b5884b C:\Program Files\ComcastUI\Desktop Software\bin\sqlite3.dll MD5: 76f6365f5417c5e0fd1edc16542e588c C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll MD5: 60e5af8b7b4140c711b050fae5a3ab70 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll MD5: 1582cdeeb5866625e48202cc35662390 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll MD5: b8e421c0890356cd4a793d8a346d9096 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe MD5: 5afde66182599274ede47a4448da096f C:\Program Files\Common Files\Apple\Apple Application Support\ApplePushService.dll MD5: 848bc9a0bb2361e549fd4c22d7548fb8 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll MD5: 35ac4b63cbb9fb6b4472913e9948b517 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe MD5: 8a6b867fc26b9850d446d2d86e5db071 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll MD5: ba02f01be7ed88e8974c798acb3075f5 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll MD5: a86e24dc982bcaf64e3b1f4e1070e9c8 C:\Program Files\Common Files\Apple\Apple Application Support\AVFoundationCF.dll MD5: fc33cbbb9cadcec307da010fe763d04c C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll MD5: c39da0b6ca362965b2b513f721b17188 C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll MD5: 67b539d844f804ebac7a1e3828fde709 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll MD5: a26e62bf4ca87b26940373c8ef48df22 C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll MD5: e0a98c53b7f05900e11de1b211fd3121 C:\Program Files\Common Files\Apple\Apple Application Support\CoreMedia.dll MD5: fdd9cfd8fcf575e4ea7915405131f815 C:\Program Files\Common Files\Apple\Apple Application Support\CoreVideo.dll MD5: bb3a22f3eed85a12cfb2dd60d9f9b52f C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe MD5: e2d1853679f5bccdb9100d02ae8a0444 C:\Program Files\Common Files\Apple\Apple Application Support\Foundation.dll MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll MD5: 0220a5e4216d8f74837c18bb24999c86 C:\Program Files\Common Files\Apple\Apple Application Support\JavaScriptCore.dll MD5: 3bde52411df2fe4252c9289f51cb0f7e C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll MD5: 9cb819197e6b2fd3dc0429e3dc1ccfdd C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll MD5: 73862ff693168369a90f046e7f227b83 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MD5: d78df11458a7d878cf9675062483e9f9 C:\Program Files\Common Files\Apple\Apple Application Support\MediaToolbox.dll MD5: 32d78dcabfb942275e01363d5232c77d C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll MD5: 152f8772d5a5cd7883305c3b8d28470e C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll MD5: 263d639ed97ef80f25b5e5b78022600c C:\Program Files\Common Files\Apple\Apple Application Support\QuartzCore.dll MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll MD5: 3a65eea3912c3b07e0edbdd89340f325 C:\Program Files\Common Files\Apple\Apple Application Support\VideoToolbox.dll MD5: 398ce9951d28ed142b72e8826d398958 C:\Program Files\Common Files\Apple\Apple Application Support\WebKit.dll MD5: e4b9642dcf6f4ab69c7fd1cffab2684b C:\Program Files\Common Files\Apple\Apple Application Support\WebKitQuartzCoreAdditions.dll MD5: 2dedc3afe3c49b5dae717d0a9bebf298 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MD5: 006878c5f4573b716fa118244a8c6654 C:\Program Files\Common Files\Apple\CoreFP\CoreFP.dll MD5: 9da5f9909ef807e5a265fb66a70be4ab C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe MD5: e001d8a536854ad14e4998ccbed84207 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper_main.dll MD5: 7ef47644b74ebe721cc32211d3c35e76 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe MD5: f8ecb748b53a010464f7a63154d75f56 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll MD5: 22d4150cc68ff9f604ec1d485f22ed7a C:\Program Files\Common Files\Apple\Mobile Device Support\DeviceLink.dll MD5: 09ead9cb2346b671f8f079d3472134d8 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll MD5: 2c478e667ce27b2b7142f756cf569a9a C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll MD5: 6d304c8ae9ef67197908b43f9c21f5d5 C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices.dll MD5: 6e3245df783e58375b3465f03274743e C:\Program Files\Common Files\Java\Java Update\jusched.exe MD5: 9adff67d4d6c73403bec39e51ccae1ba C:\Program Files\Common Files\Logitech\Gaming Software\LWComCtl.dll MD5: c27e770204a8b7d92ea69a0179fe42e4 C:\Program Files\Common Files\scanner\ppctl.dll MD5: ac45ce93a426000dc0a5b8bc2491bf92 C:\Program Files\Common Files\SupportSoft\bin\bcont.exe MD5: fd0cba527032d2d3d00e17c0f24a99d3 C:\Program Files\Internet Explorer\ieproxy.dll MD5: 0a39eead063ccdff36ac9f0b8f800956 C:\Program Files\Internet Explorer\iexplore.exe MD5: 7d894ed61ef0505277d8a476d7df43f1 C:\Program Files\Internet Explorer\plugins\nppdf32.dll MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll MD5: 57edb35ea2feca88f8b17c0c095c9a56 C:\Program Files\iPod\bin\iPodService.exe MD5: e2ae392170bdd664739bb09552d833dc C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL MD5: 693c7694d451c51beae530f75a18e0df C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL MD5: d10fbb45b5d67dcc199a1f4a6f77c697 C:\Program Files\iTunes\GNSDK_DSP.DLL MD5: c8cf00b570c6eb649b2941ff59378345 C:\Program Files\iTunes\GNSDK_MUSICID.DLL MD5: 56172adea7c6a1276592099e4eae6f61 C:\Program Files\iTunes\GNSDK_SDKMANAGER.DLL MD5: d50ee7a946c943535ae0a34547138669 C:\Program Files\iTunes\GNSDK_SUBMIT.DLL MD5: 1208e938457245b126be36fe5e28293e C:\Program Files\iTunes\iTunes.dll MD5: 529cff8518d682bd7d08fa6399516c47 C:\Program Files\iTunes\iTunes.exe MD5: 21db846f20ab21e877de330e19aad001 C:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.DLL MD5: 0c7f4c01733fc8a19206f48c472abe79 C:\Program Files\iTunes\iTunes.Resources\iTunes.DLL MD5: f8e3a0ca8e956ea73a0919e1ccee8841 C:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.DLL MD5: b64f80b64ee7de4fb68a0feda192ee52 C:\Program Files\iTunes\iTunesHelper.dll MD5: d9d79f547ae2a70c650dfcfc27aec0f7 C:\Program Files\iTunes\iTunesHelper.exe MD5: f047ac8029004b2fb94e2429f54617a9 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL MD5: a0f110ab73271da15e6bc314a8c1512a C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL MD5: 8d43de6f1385057b8ad2857547b7b828 C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll MD5: dc365b6e595683f67bc21a203432e336 c:\program files\java\jre6\bin\jp2ssv.dll MD5: 381b25dc8e958d905b33130d500bbf29 C:\Program Files\Java\jre6\bin\jqs.exe MD5: 1e96525ae85d402f9f8047f8caef5f06 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll MD5: e3a7850421a4ab8b15fc174eb587bc6b C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll MD5: 5b20bd25c013a56655484b6b7c2258cb C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe MD5: fcaa9a05556e49299da68ce2dfc06ed8 C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe MD5: 5b83e644caede56df6f28f7f257f1351 C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe MD5: ff442a1adc7c5cff2de4a03bd3737e46 C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe MD5: a8ec1fdabdbdbe3c0a4b9debdd09b4b8 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe MD5: c8230a35683b083ff87b7187c337c4c6 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDRes.dll MD5: b299ad8407ff9f240122c1563dc1be26 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDDevices\EDMBTDD.dll MD5: 819dae26beab9f0d0241f9972fac012a C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDDevices\LCDExtDevMngrEmulator.dll MD5: 3a233fcf3b577ffde24e27ab69f5bdab C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe MD5: 001a13ed834f5117b4659b31829d62b4 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LgLcdApi.dll MD5: ea1c5fb5359a19e7b43827e36e801665 C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe MD5: 09389b7d85a35cb4d141252dff471499 C:\Program Files\Logitech\Gaming Software\LWEMon.exe MD5: c594ca68c668bbe4a1f0db8336dc8ea1 C:\Program Files\Logitech\Gaming Software\LWGStore.dll MD5: 57c1f46f6dc24e20ee8678fb3ca3a2f4 C:\Program Files\Logitech\Gaming Software\LWPrfRC.dll MD5: d65100aeedeefdba48c6ce1d340d299e C:\Program Files\Logitech\Gaming Software\LWUtils.dll MD5: 9c5b0134d7a403b151617952adc4b7d0 C:\Program Files\Logitech\Gaming Software\W2KDAPI.dll MD5: 64cc5502c69fc6d67735c10cb579c548 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll MD5: 0d4f461d515bb1c933533c712d99e75b C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll MD5: 55b8c7b701c4d1b0c479f3ffea83850f C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll MD5: 1b82bcf0b8f9228b39f75b0dfa079a21 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe MD5: 60721aa3316a200a8de23f1c502382fd C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll MD5: ba400ed640bca1eae5c727ae17c10207 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe MD5: c9023e9c5227bc4ca75f903bd5d474d4 C:\Program Files\Motorola Media Link\DbAccess.dll MD5: a2d2f17946ac8c4e67c02b236dc13422 C:\Program Files\Motorola Media Link\InterProcessChannel.dll MD5: 22677ce75e483bb00fa7a1175ff571eb C:\Program Files\Motorola Media Link\liveupdatetactics.dll MD5: bba77fdba952bad7505291f2403b2813 C:\Program Files\Motorola Media Link\NAdvLog.dll MD5: a03f325a484a7944908c7b34f78cced9 C:\Program Files\Motorola Media Link\netsharingservice.dll MD5: 2fc5b60dec8bf68751dd4420ebda3c5f C:\Program Files\Motorola Media Link\NFileCacheDBAccess.dll MD5: a8680cf70e925aeba7b035fc6129fe87 C:\Program Files\Motorola Media Link\nfilemonitorinservices.dll MD5: 4c5b764bf7fa15bc467dee75018dcb2b C:\Program Files\Motorola Media Link\nitunemonitor.dll MD5: 03f0c44a5225df314f67082ae0d55ab5 C:\Program Files\Motorola Media Link\NLog.dll MD5: 893a82d118833a850459dd470ffa48d9 C:\Program Files\Motorola Media Link\NServiceEntry.exe MD5: bd8146312ffe5f51da66e7725e989e36 C:\Program Files\Motorola Media Link\sqlite3.dll MD5: aa6957ee45db8e5b65fb244deaa4259d C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe MD5: 9dfd34e6841c460b5d992a1c5327ae69 C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe MD5: 61461237eb804a4712bcc6e9a27d1d48 C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe MD5: b990cb9e77e4a0a41281b263c055dfc8 C:\Program Files\Motorola\MotoHelper\PST.dll MD5: 0efa66e9384dbced4d639fb9bdd97536 C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll MD5: c7144387e236687f8fb3f26fc845a822 C:\Program Files\Pando Networks\Media Booster\PMB.exe MD5: 8b4202ecc10d4868476fc0d62c3c0dcd C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx MD5: b4128e08c7fcb87f18c110728f326b88 C:\Program Files\QuickTime\QTSystem\QTCF.dll MD5: e58ce86d472613a7b8b76a5b9efe51e5 C:\Program Files\QuickTime\QTSystem\QuickTime.qts MD5: 29a6de9708f86cf5213890b0999b8f6f C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx MD5: f25e5e8e54b8b66f1adf931e7540c6f1 C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx MD5: f7b437e5c2325ffd0277775415db74c6 C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx MD5: d35d47479d7697a4ecd62d586e45da7d C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx MD5: 5eb3889c5456fe592caea9ca90e43c45 C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx MD5: e54453e9db76979c3008a59316fe53cf C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx MD5: 0e23252e5ae79967ce04eccdda405d81 C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx MD5: ac8f76f0598cbc24158537342be7b067 C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx MD5: 3c82c80920050798882882cbf3efd890 C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx MD5: df5a141d3db468207b6b70b2ad122df1 C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx MD5: 385ec86178a37edec44717a86a89783e C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx MD5: 46c62c86c5b96a8fc0eea6c7c027e55d C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx MD5: 4b7bdf1690a7468aded10836ee6b5825 C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx MD5: 418edb0df655f2152ca9d9855e8500bc C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx MD5: 5891edf65ef6396306958e80cc2e9f26 C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx MD5: a6660592449f734ee731aca01bf06150 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx MD5: 7a29400b93a74bf55ea14e8164abc788 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx MD5: b68b7f53f6c7d4705e7f0b8fd4a57e9a C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx MD5: af43c4f7f3c8bc95dad95024f96cdc4a C:\Program Files\QuickTime\QTTask.exe MD5: 14b04745bbbe9feef745f7fb9e46d3cd C:\Program Files\Razer\Naga\RazerNagaSysTray.exe MD5: 2f01a0607e0018a943f7018e2bfa1cbc C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll MD5: 6d8a64133e745ee78c701b56f062b581 C:\Program Files\Skype\Toolbars\Shared\SkypeBrowserOptions.dll MD5: 4a1af0fd1f70ee7dd2521ce29595e262 C:\Program Files\Skype\Toolbars\Shared\SkypePnr.dll MD5: 6128e98eaaed364ed1a32708d2fd22cb C:\Program Files\Skype\Updater\Updater.exe MD5: e0dd774689998f43167c4799f9b69fc3 C:\Program Files\Spotify\Data\SpotifyWebHelper.exe MD5: 30a23a61e651c7487407cf74176c6ab1 C:\Program Files\WinRAR\rarext.dll MD5: 79b61ca6d79643ea6702a39975d3308e C:\Program Files\xfin_portal\auxi\comcastAu.dll MD5: 05b3c0514f0fbd0682605d47e678aa53 C:\Program Files\xfin_portal\CIDCoreLight.dll MD5: 52df0d1a9af8e4903c2bd885aedeb285 C:\Program Files\xfin_portal\CIDGlobalLight.exe MD5: fc3b6c301c5627bf01f59c7d4f5325bf C:\Program Files\xfin_portal\comcastdx.dll MD5: 891c6efb56ce86c46afeabc9319270ee C:\Program Files\xfin_portal\comcasttb.dll MD5: 60fb5441ca51a0c82c9a79cf77255d7c C:\Program Files\xfin_portal\dtxcid.dll MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL MD5: 1bf1820b86f4921d42d74c922044ac18 C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MD5: 93d5b9634c4744fb115785081ecf9738 C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MD5: 05e8a9b52ec52dd611b748d80f3b212b C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MD5: b8d8fb4d41fb3df6f3a24495f6b5e0e9 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MD5: 34138ac5853df0e420904c4b0eb58898 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MD5: ceaa5823bd0eccb77675de53cfc59f23 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MD5: dac86f8aa223fa55adbc94bd2033df7f C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MD5: a2c0e7f8793569c4cc8ca0d5301f283e C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MD5: a9b6dc36bb618a73109fb25309777322 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MD5: 1eb5c58c9b446a13a8319ef513e8b5e8 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MD5: 8eb085b26e602cb4a1203f4f1f8ac6f4 C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MD5: 1dcbf9e1b0288b5f7163f83227d590cf C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MD5: 0eb0ff2b6755532976080cab065f202c C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MD5: 87a64bfbb70a1310841ec80b65fe1ff6 C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MD5: 68144ab8df75dac07d5a7fcc3be543d5 C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MD5: 319d21c329a8c6efa03271d165a92296 C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MD5: ee850c95ed088e8835f2425ee551296f C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MD5: cd632a9274e7e85b9f37f84c91595c27 C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MD5: cc11db5c74e316c9b952d32d4c37ec77 C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MD5: 3f96dea77d74a25d49b3572cf8e4af08 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MD5: a7531c8762c22296cda9f6177d7ff516 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MD5: 4523f481ed52ef72fe0c9769d01d36db C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MD5: 4ee13d5ea60a071e0e17e9a9483d8ce9 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MD5: 415ca8012b7854231ce57eda2f6ada0f C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MD5: 97cfb48ba02d9682af5310c18d708f2e C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MD5: 84c2bdb0072817c2a44d80a69f9327bb C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MD5: 351f95347522e47d9fb544d55fe8528b C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MD5: d05946ff2cf31408f55e647e1522608d C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MD5: 2b0f2b8ad30b9620b25c4d0f2b07bfb7 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MD5: 87e6cca5694e6855ad34e7e7b968931b C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MD5: fdde3339aa1e9144ea217167a4dee514 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MD5: 3b5211f0135bedc6463cb2722d367a51 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MD5: 0a992d463652916ed94e94ffa3556b56 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MD5: 1ff7f1098dac0da6280d6fc9b8d89e6f C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MD5: 47f0616b7e953069e74d1eb8e2c0d117 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MD5: 58f23817121167367f60fec5f22dffe1 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MD5: 31c2a9e6d8fefa62759318a7f85ea646 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MD5: d7a9e6de02456fe89b5e4f8c44f97573 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MD5: e0da133ec34808f11a06173ee1c824ff C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MD5: 406b61c18ca8e8d9937d3c22699c93f2 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MD5: b962a41eecf27644d7b6159060a5db9c C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MD5: 12ea8e287b0fb384adc23bc9ef6ebdda C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MD5: 7c1a3466f865659bd269ce0a84395203 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MD5: 7a3f552fd571f0f353a1200317916f05 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MD5: d3bf1a9c68eb36e3b3db9aa193098bde C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MD5: 14018abdb92b40a145e24c441f5c4361 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MD5: 6b06dc2e6c92ca4d0e454822fd6d7def C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MD5: c60e27cdfe13e60ca4104fd64c6bf489 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MD5: 59d42565def6ccaf4b30dad7eda6c8d4 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MD5: d964f24ef86eecb89f2a4787ab342e90 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MD5: 29b9865b584cedbdab18f3df9685ac6e C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MD5: d4f311230304c3739d08ba3843df8218 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MD5: 4d2d6c3b8280d48c33745acc44894702 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MD5: 98b592661fd0c4ef17998f80685e0a2c C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MD5: bbff54351ac391c463a5c59e72ec0182 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MD5: 309875e7656b02e0d39e20370fcf7941 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MD5: 4936982f43a4f23856b398b3d9dd1589 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MD5: 6dbcab052498ed01f64dce654053a988 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MD5: ba8e4def946325d96ef2da87ecffc594 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MD5: cc72b2b5f4671daebc2c108b55948547 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MD5: 68b8c3df7879e16172448d51855b0c2b C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MD5: c842850c5cf60f8244fa3c947d9f5292 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MD5: 0d80843568d285390d7b53aa2b64284c C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MD5: 459a3b2798111fd1441288b3d513194e C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MD5: 26beb141ba70fd1427c69a3d8ec27a79 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MD5: 97a04c595ab057cd5ca196594c089868 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MD5: 54387b3763ba5c91a4c6fa8e5916b2df C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MD5: e2fd982225e74c36e7116f3732528d05 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MD5: 62b845865fd089cee940e682a7793253 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MD5: d38601320578fb9235e6a3634ae5fe20 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MD5: 2d7a18a2f2d9179acc924268d4e1e1cb C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MD5: 8101b245825f44e38fd1c64a9aafaf79 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MD5: 17ecafff1d9d9e27efec518efec41705 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MD5: ca4feafc8265dbe67e59b4ab8d2cb5e6 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MD5: cbfe37640b143f6b00d7bd841a09b11a C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MD5: 1f3d9b7cf4749de1bbca442142976a15 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MD5: 3eb71bb5571db026448fb00c80961d5a C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MD5: 31f3a43ddf0fe42f88de86004003e01f C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MD5: 2f0a0d437666efecef0fcecb44700ca3 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MD5: ce0b66d0140a1f965bb823578ab528a5 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MD5: 947310f021180116651f51bb7ba48eee C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MD5: 805a0d817c61a2778e5859689fc7cbb8 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MD5: e46c94064b485bb0adfb8ed53ccfd598 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MD5: 20849a34583be3fe20c4852752bdf91f C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MD5: 4b43c814460a358c1685e845a98c8b4e C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MD5: f58361a167eea11ca4edb7db51f99db0 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MD5: e40bc3251f860437c4d9068cc9284f80 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MD5: f26996e9c8d91f5825a692df8e169506 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MD5: 2d9e419ba6937d089b1cfd7c862f43b9 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MD5: f6f72c70c12aac66c5b9efcbef484188 C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MD5: a4ec9e917285a39f6fe7fa40669aaa03 C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MD5: f73739ba177c749156f4ba29b314fc6a C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MD5: 2e7fab502a8615b1aab0eab35afbca3b C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MD5: 814b9d77b93f0f10d1619483e39a6141 C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MD5: 03571509ec8c5cda4c347e5398ae0e29 C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MD5: dc3ca97fe07a5e4387d53e3d77b4a7a7 C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MD5: 80afa16c347a60ba6ecabcfb7351585d C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MD5: 6a9e809b1f3a3a102158b9327d5647b0 C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MD5: df8ea7c61bad44d22867a1b9aee4e3d8 C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MD5: 14d1332bd5dedabd1c85a5d74eb4bada C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MD5: 2995d06505645fe3e58cf270a6653dc8 C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MD5: 1fb0a27b193819538267230cc56e0f8e C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MD5: 9d5f0100cef5ab1db7111e0004e61003 C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MD5: 614497232e50588481047b85f70b900c C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MD5: 986f472cdcd90453bbb0643a235ace09 C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MD5: f835d707a2756f3ac756331dc2e5fde2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll MD5: dec7885b2ef0966ea285c9a40e7afba4 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MD5: be14dc6443efe37e938bb303f64a1da9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll MD5: d6853d7d19d9074d55356989483d0a35 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe MD5: 1d52bcaf65ec439c735ed109431d1c09 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MD5: c05a4d494c3096782f80cfdf7f4aefa8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MD5: 4da6843e52f8128156130b6d3679fd06 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll MD5: b7a48556eb302cd02a725d2d425f2d0c C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll MD5: 1e5a9e180c2632361b38d4208828a843 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MD5: a7e9d45b18a13dc18e3c0311d1cf620f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MD5: 8563f5a4f6342ba64e7c398f7efcc350 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MD5: 72cadf7ee0722dae4a6b98eefeac06bc C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MD5: f746a5b455ce09862c229385d8663213 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll MD5: 632e0ce38fbcadeaae28077f4c9c45d5 C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe MD5: 2a8c7ca8b40ca320bf88d0ff92da7cf8 C:\WINDOWS\Downloaded Program Files\qsax.dll MD5: b560a085eed4d5d72b039929f9ae4991 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MD5: 1c88cf5977c016a37bfac1178daa7822 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll MD5: 80fd4d46b0e9b620cf757a9a5c789329 C:\WINDOWS\soundman.exe MD5: 4bce9458d7db86503b9716872e290f0e C:\WINDOWS\system32\advpack.dll MD5: 9663d8d8f038a8ecbaf608e400af5c96 C:\WINDOWS\system32\Ati2edxx.dll MD5: 4ebc9af70e5ddedfdb8d9ddb530d7929 C:\WINDOWS\system32\Ati2evxx.dll MD5: 471087b5e1e01cc82604e81ea14781d8 C:\WINDOWS\system32\ati2evxx.exe MD5: b979ba0120b6db757196a8e2e873fe3c C:\WINDOWS\system32\ati2sgag.exe MD5: fddb43a59b65006b2917239e1051c1f9 C:\WINDOWS\system32\atiadlxx.dll MD5: 00c192bf2565c2e5b1ab7845174a50b3 C:\WINDOWS\system32\ATIDEMGX.dll MD5: 25a6598909434f80535967a6472a4d75 C:\WINDOWS\system32\atipdlxx.dll MD5: 0e674f69c754e853119dfa23de2dee86 C:\WINDOWS\system32\BROWSEUI.dll MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll MD5: fa691baa45b009717b057ea326f9f698 C:\WINDOWS\system32\corpol.dll MD5: 64416c6e07606720c1ece6dd374bdffd C:\WINDOWS\system32\CRYPT32.dll MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\system32\cscdll.dll MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll MD5: 0607cbc6fa20114cb491efe4b2f9efad C:\WINDOWS\system32\d3d9.dll MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll MD5: bc87db4759083525f96a159861670c5e C:\WINDOWS\system32\DINPUT.dll MD5: aa0507f0516a4dff1b1279ab4a2abb37 C:\WINDOWS\system32\DINPUT8.dll MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll MD5: 062373995eae5f0eac9eaa9192136bfb C:\WINDOWS\system32\dnssd.dll MD5: 678c8fdb9d6094d41f322b7159853c54 C:\WINDOWS\system32\DRIVERS\AE1000XP.sys MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys MD5: dd8520280304b6145a6be31008748c7c C:\WINDOWS\system32\drivers\ALCXWDM.SYS MD5: efbb0956baed786e137351b5ca272aef C:\WINDOWS\system32\DRIVERS\AmdK8.sys MD5: 116bff96077a4a724e0aab800525ceb5 C:\WINDOWS\system32\DRIVERS\AN983.sys MD5: c0b86ecb324e50f6bbd529f9d5c6b24b C:\WINDOWS\system32\DRIVERS\ati2mtag.sys MD5: 248dfa5762dde38dfddbbd44149e9d7a C:\WINDOWS\system32\drivers\BVRPMPR5.SYS MD5: 170e7093a77ad586f3a012a3db651d94 C:\WINDOWS\system32\drivers\LGBusEnum.sys MD5: d2dd04d1c8df65eecd1f2c7fb947d43e C:\WINDOWS\system32\drivers\LGVirHid.sys MD5: fb097bbc1a18f044bd17bd2fccf97865 C:\WINDOWS\system32\drivers\mbam.sys MD5: f4ea1193a52c8fe4b8a135e210abe546 C:\WINDOWS\system32\DRIVERS\motccgp.sys MD5: b812da6605caf02641312f1f65c75419 C:\WINDOWS\system32\DRIVERS\motccgpfl.sys MD5: 4813df77ede536a52e3737971f910baa C:\WINDOWS\system32\DRIVERS\motfilt.sys MD5: 69814acd50a9d6d28296050ef6215d46 C:\WINDOWS\system32\DRIVERS\motmodem.sys MD5: ddc489d40b49f443787e7ffa75373522 C:\WINDOWS\system32\DRIVERS\Motousbnet.sys MD5: fd8c2cef7ad8b23c6714103d621fac1f C:\WINDOWS\system32\DRIVERS\motswch.sys MD5: f780c53d98a0aad28f5b7403b184aea1 C:\WINDOWS\system32\DRIVERS\motusbdevice.sys MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys MD5: c03e15101f6d9e82cd9b0e7d715f5de3 C:\WINDOWS\system32\DRIVERS\nvata.sys MD5: 97724affdd7a5a47c3bc07ccd1b88745 C:\WINDOWS\system32\DRIVERS\NVENETFD.sys MD5: 82c2b3a89b9edfa6287c5aba1a4e6a99 C:\WINDOWS\system32\DRIVERS\nvnetbus.sys MD5: 2e2f0d988f6d46e5e5e84d9fcad39081 C:\WINDOWS\system32\DRIVERS\RzSynapse.sys MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys MD5: 84a90f13eebf4380345ef9474d30f10e C:\WINDOWS\system32\drivers\WmBEnum.sys MD5: eb0034ac02a44dc784a3174d2b81e764 C:\WINDOWS\system32\drivers\WmFilter.sys MD5: 72c4f5a748c74d8d4016ccfa7367210f C:\WINDOWS\system32\drivers\WmVirHid.sys MD5: eacdcced934a185e61ce0684f71c2dec C:\WINDOWS\system32\drivers\WmXlCore.sys MD5: 81b26a227154d6bb02f35ee386a60363 C:\WINDOWS\system32\Dxtmsft.dll MD5: 7ee31279b0492b120c6cb42da1662548 C:\WINDOWS\system32\Dxtrans.dll MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll MD5: ebc5fdb68f47fa2e2457753254cb667a C:\WINDOWS\system32\ieapfltr.dll MD5: ac79d3c967555a1db88ae8507d869c73 C:\WINDOWS\system32\ieframe.dll MD5: ea1f8e0964c58e3c92f9497298c1cd0c C:\WINDOWS\system32\iepeers.dll MD5: 24b8d57cfb2530a5b6b2afff16bf37d8 C:\WINDOWS\system32\iertutil.dll MD5: 4e89bf45219bb2cf4f931201e2f5755e C:\WINDOWS\system32\IEUI.dll MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll MD5: f7b098a08efcf4ab4247264c0ac225d2 C:\WINDOWS\system32\jscript.dll MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\System32\logon.scr MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll MD5: 711fd53e441255983c0ab014e2f107f4 C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL MD5: f6f2bfc17069eb335acceef7595f9302 C:\WINDOWS\system32\MFC42u.DLL MD5: 5ebae291aa1351e68855e23e7a3c3db8 C:\WINDOWS\system32\mshtml.dll MD5: 5dbfcd7ea5208e38ffc2bb9bb9170171 C:\WINDOWS\system32\mshtmled.dll MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll MD5: 358bce24576e414367868a2b700ba3c1 C:\WINDOWS\system32\MSRATING.dll MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\System32\netshell.dll MD5: 5e28284f9b5f9097640d58a73d38ad4c C:\WINDOWS\system32\notepad.exe MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll MD5: b54653db59a4f74d090ef268347dbb95 C:\WINDOWS\system32\pngfilt.dll MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll MD5: 071fd7a8ca8f49a85b09a3587a0adf51 C:\WINDOWS\system32\RzMwApi.dll MD5: ff257ccca321cd2a697bb5ca38c9ec87 C:\WINDOWS\system32\SCARDDLG.dll MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll MD5: f0a0ebf086597e645bc14b0d98f8ba58 C:\WINDOWS\system32\scrrun.dll MD5: 7a1f71316a894aeaf557647d76f21f2f C:\WINDOWS\system32\SHDOCVW.dll MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll MD5: 200c3f8e80b72b63558b3bc47a6807a0 C:\WINDOWS\system32\slbcsp.dll MD5: 421b2f81cbb65f94a70a3316c7be0e7c C:\WINDOWS\system32\SlbIop.dll MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll MD5: b79fa091e4dbffd78e22f32b6171d365 C:\WINDOWS\system32\urlmon.dll MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll MD5: c4869e975893c7257ba5e920914a287a C:\WINDOWS\system32\webcheck.dll MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll MD5: 4728b67cc9190c8f46500a9df97f1490 C:\WINDOWS\system32\WININET.dll MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll MD5: 95f5c420e9bdd4c3569602911420a774 C:\WINDOWS\system32\WINTRUST.dll MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll MD5: 5caf91e865fe0c85048a233e594544d2 c:\windows\system32\WUDFPlatform.dll MD5: bea4aee74fef171eb61de1bad8faf427 C:\WINDOWS\system32\xmllite.dll MD5: 7facb452456ef5c053af3ee4b228fe0d C:\WINDOWS\system32\XPOB2RES.DLL MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll MD5: 4928ab3a304ddf05c354de3807a4a66b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80.DLL MD5: 686b224b4987c22b153fbb545fee9657 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll No file uploaded. Scan finished - communication took 3 sec Total traffic - 0.02 MB sent, 1.52 KB recvd Scanned 822 files and modules - 80 seconds ============================================================================== RogueKiller V7.5.4 [06/07/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: California Raisin [Admin rights] Mode: Scan -- Date: 06/19/2012 18:18:29 ¤¤¤ Bad processes: 1 ¤¤¤ [sUSP PATH] c2c_service.exe -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -> KILLED [TermProc] ¤¤¤ Registry Entries: 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD5000AACS-07G8B0 +++++ --- User --- [MBR] 3f2afa5016d756525b66795c3b69bbd5 [bSP] a1f7e178c2d5affb2913affc0f0f9925 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476938 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1].txt >> RKreport[1].txt
  6. Thank you very much for your time Maurice. Here are the requested logs. Logfile of random's system information tool 1.09 (written by random/random) Run by California Raisin at 2012-06-19 17:53:28 Microsoft Windows XP Professional Service Pack 3 System drive C: has 419 GB (88%) free of 477 GB Total RAM: 3071 MB (60% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 5:53:31 PM, on 6/19/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17110) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Motorola Media Link\NServiceEntry.exe C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Razer\Naga\RazerNagaSysTray.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\SupportSoft\bin\bcont.exe C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe C:\Program Files\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\explorer.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\California Raisin\My Documents\Downloads\RSIT.exe C:\Program Files\trend micro\California Raisin.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xfinity.com/?cid=insDate03062012 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.logitech.com/gamepanel R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*;*.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Razer Naga Driver] C:\Program Files\Razer\Naga\RazerNagaSysTray.exe O4 - HKLM\..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [zLoader] C:\Documents and Settings\California Raisin\My Documents\Downloads\zLoader O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden O4 - HKCU\..\Run: [ComcastAntispyClient] "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide O4 - HKCU\..\Run: [spotify Web Helper] "C:\Program Files\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll info.txt logfile of random's system information tool 1.09 2012-06-19 17:53:32 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe" Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex Adobe Reader X (10.1.3)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001} AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly Apple Application Support-->MsiExec.exe /I{EB879750-CCBD-4013-BFD5-0294D4DA5BD0} Apple Mobile Device Support-->MsiExec.exe /I{EFC04D3F-A152-47E7-8517-EE0F6201AFEF} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean BitComet 1.25-->C:\Program Files\BitComet\uninst.exe Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B} CA Pest Patrol Realtime Protection-->MsiExec.exe /X{F05A5232-CE5E-4274-AB27-44EB8105898D} Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA} ClipGrab 3.1.0.2-->"C:\Program Files\ClipGrab\unins000.exe" Comcast Desktop Software (v1.2.1)-->MsiExec.exe /I{118C3943-1683-42EF-824D-C22E70DB42E7} Diablo III-->C:\Program Files\Common Files\Blizzard Entertainment\Diablo III\Uninstall.exe ERUNT 1.1j-->"C:\Program Files\Anti-Virus_RootKit\ERUNT\unins000.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" iTunes-->MsiExec.exe /I{23B8A91D-680B-462B-87AD-3D70F7341731} Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF} League of Legends-->"C:\Program Files\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly Logitech GamePanel Software 3.05.151-->MsiExec.exe /X{BF9FD124-1112-4C8D-8F79-779A11C6287D} Logitech Gaming Software 5.08-->MsiExec.exe /X{33BC9D7E-E790-495E-A4EA-CFB160C17A91} Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} MotoHelper 2.1.32 Driver 5.4.0-->C:\Program Files\Motorola\MotoHelper\uninstall.exe MotoHelper MergeModules-->MsiExec.exe /I{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9} MOTOROLA MEDIA LINK-->MsiExec.exe /X{D9DC70B6-BE13-41DD-9053-9E617E72D085} Motorola Mobile Drivers Installation 5.4.0-->MsiExec.exe /X{6C12B6BF-3891-497B-B5CA-3D64DA093947} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C} Razer Naga-->MsiExec.exe /X{ED4108A9-60FD-4F18-AF42-122219977773} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Extended Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2586448)-->"C:\WINDOWS\ie7updates\KB2586448-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2675157)-->"C:\WINDOWS\ie7updates\KB2675157-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2699988)-->"C:\WINDOWS\ie7updates\KB2699988-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe" Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe" Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe" Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2416400)-->"C:\WINDOWS\$NtUninstallKB2416400$\spuninst\spuninst.exe" Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe" Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe" Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe" Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe" Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe" Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe" Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe" Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe" Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe" Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe" Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe" Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe" Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe" Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe" Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe" Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe" Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe" Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe" Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe" Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe" Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe" Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe" Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe" Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe" Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe" Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe" Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe" Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe" Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe" Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe" Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe" Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe" Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe" Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe" Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe" Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} StarCraft II-->C:\Program Files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe" Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe" Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe" Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe" Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe" Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" USB Video Driver-->C:\Program Files\InstallShield Installation Information\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}\setup.exe -runfromtemp -l0x0009 -removeonly Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\embda.inf Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emaudio.inf Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe X3 Reunion v2.5-->"C:\Program Files\EGOSOFT\X3 Reunion\uninst\unins000.exe" XFINITY Toolbar-->C:\Program Files\xfin_portal\uninstall.exe ======System event log====== Computer Name: GAMEPC Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 7997 Source Name: Tcpip Time Written: 20111014075719.000000-300 Event Type: warning User: Computer Name: GAMEPC Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 7996 Source Name: Tcpip Time Written: 20111014051240.000000-300 Event Type: warning User: Computer Name: GAMEPC Event Code: 36 Message: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Record Number: 7995 Source Name: W32Time Time Written: 20111013180344.000000-300 Event Type: warning User: Computer Name: GAMEPC Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 7994 Source Name: Tcpip Time Written: 20111013071753.000000-300 Event Type: warning User: Computer Name: GAMEPC Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 7990 Source Name: Tcpip Time Written: 20111013042511.000000-300 Event Type: warning User: =====Application event log===== Computer Name: GAMEPC Event Code: 0 Message: Could not detect IIS installation or IIS is disabled, skipping the Web Host Script Mappings component since it depends upon IIS to function properly. If you believe this message is an error, check your IIS installation to make sure it is installed properly. Record Number: 93 Source Name: System.ServiceModel.Install 3.0.0.0 Time Written: 20120511040529.000000-300 Event Type: warning User: Computer Name: GAMEPC Event Code: 1002 Message: Hanging application chrome.exe, version 18.0.1025.168, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 75 Source Name: Application Hang Time Written: 20120507095640.000000-300 Event Type: error User: Computer Name: GAMEPC Event Code: 1002 Message: Hanging application spotify.exe, version 0.8.2.610, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 67 Source Name: Application Hang Time Written: 20120416080920.000000-300 Event Type: error User: Computer Name: GAMEPC Event Code: 1 Message: Record Number: 65 Source Name: Chrome Time Written: 20120415185624.000000-300 Event Type: error User: GAMEPC\California Raisin Computer Name: GAMEPC Event Code: 1103 Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Record Number: 50 Source Name: .NET Runtime Optimization Service Time Written: 20120412042425.000000-300 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2f02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "asl.log"=Destination=file "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Results of screen317's Security Check version 0.99.42 Windows XP Service Pack 3 x86 Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.61.0.1400 Java 6 Update 29 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Reader X (10.1.3) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 19% Defragment your hard drive soon! ````````````````````End of Log``````````````````````
  7. I can't seem to get rid of this item, apparently along with some other people. Here are my logs from Malwarebytes and DDS. Will post Attach.txt if need be. Malwarebytes Anti-Malware (Trial) 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.18.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.13 California Raisin :: GAMEPC [administrator] Protection: Enabled 6/18/2012 1:31:53 AM mbam-log-2012-06-18 (01-31-53).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 214095 Time elapsed: 2 minute(s), 18 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.5730.13 Run by California Raisin at 1:29:55 on 2012-06-18 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2024 [GMT -5:00] . . ============== Running Processes =============== . C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\Ati2evxx.exe svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Motorola Media Link\NServiceEntry.exe C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Razer\Naga\RazerNagaSysTray.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\SupportSoft\bin\bcont.exe C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe C:\Program Files\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\ping.exe C:\WINDOWS\system32\ping.exe C:\WINDOWS\system32\ping.exe C:\WINDOWS\system32\ping.exe C:\WINDOWS\system32\ping.exe C:\WINDOWS\explorer.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.xfinity.com/?cid=insDate03062012 uInternet Connection Wizard,ShellNext = hxxp://www.logitech.com/gamepanel uInternet Settings,ProxyOverride = 192.168.*.*;*.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - c:\program files\xfin_portal\auxi\comcastAu.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Google Update] "c:\documents and settings\california raisin\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden uRun: [ComcastAntispyClient] "c:\program files\comcasttb\comcastspywarescan\ComcastAntispy.exe" /hide uRun: [spotify Web Helper] "c:\program files\spotify\data\SpotifyWebHelper.exe" mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe" mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe" mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE mRun: [soundMan] SOUNDMAN.EXE mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [Razer Naga Driver] c:\program files\razer\naga\RazerNagaSysTray.exe mRun: [start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [zLoader] c:\documents and settings\california raisin\my documents\downloads\zLoader mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray uPolicies-system: DisableTaskMgr = 1 (0x1) IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{A23E82BC-680E-4814-8F9F-A74BCB0A0CF0} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll . ============= SERVICES / DRIVERS =============== . R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408] R2 DeviceMonitorService;DeviceMonitorService;c:\program files\motorola media link\NServiceEntry.exe [2010-11-5 81920] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-1-30 654408] R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896] R3 AE1000;Linksys AE1000 Driver;c:\windows\system32\drivers\AE1000XP.sys [2011-5-1 816672] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2010-12-28 14856] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-1-30 22344] R3 RzSynapse;Razer Driver;c:\windows\system32\drivers\RzSynapse.sys [2011-2-20 103424] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856] S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2011-12-24 6016] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2011-12-24 20480] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2011-12-24 8320] S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2011-12-24 23424] S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2011-12-24 11008] S3 rt2870;Belkin 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys --> c:\windows\system32\drivers\rt2870.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2012-06-18 05:37:56 -------- d-----w- C:\TDSSKiller_Quarantine 2012-06-18 05:31:17 -------- d-----w- c:\program files\Anti-Virus_RootKit 2012-05-24 23:28:53 -------- d-----w- c:\documents and settings\california raisin\application data\LolClient2 . ==================== Find3M ==================== . 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-15 15:39:54 832512 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-23 14:46:47 78336 ----a-w- c:\windows\system32\ieencode.dll 2012-04-23 14:46:47 1830912 ------w- c:\windows\system32\inetcpl.cpl 2012-04-23 14:46:47 17408 ----a-w- c:\windows\system32\corpol.dll 2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 1:30:12.75 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.