Posts posted by CorLut
-
I deleted zLoader from my computer and restarted it. I ran MWB and it found 0 infections in a quick scan (the first scan type that I used to detect the infection). My computer's CPU usage is still shooting up randomly. The range of the spikes is anywhere between 2% and 33% though.
Here is the new log.
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.20.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
California Raisin :: GAMEPC [administrator]
Protection: Enabled
6/21/2012 12:01:45 AM
mbam-log-2012-06-21 (00-01-45).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209642
Time elapsed: 3 minute(s), 53 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
After restarting, it appears as if I'm still having the same issue. As soon as my computer booted up I pressed Ctrl+Alt+Del and the error message stating that "Task manager has been disabled by your administrator," still pops up.
I noticed that the Bitdefender log registered that "zLoader", a map hack I use for an old game, was a threat. I'll uninstall it if that is alright with you. I remember reading about changing as little of your files as possible to achieve better results.
Either way, here is the latest log.
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.20.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
California Raisin :: GAMEPC [administrator]
Protection: Enabled
6/20/2012 3:08:39 PM
mbam-log-2012-06-20 (15-08-39).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 271476
Time elapsed: 41 minute(s), 53 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
ComboFix 12-06-20.01 - California Raisin 06/20/2012 11:13:35.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2409 [GMT -5:00]
Running from: c:\documents and settings\California Raisin\My Documents\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-05-20 to 2012-06-20 )))))))))))))))))))))))))))))))
.
.
2012-06-19 23:11 . 2012-06-19 23:11 -------- d-----w- c:\documents and settings\California Raisin\Application Data\QuickScan
2012-06-19 22:44 . 2012-06-19 22:53 -------- d-----w- C:\rsit
2012-06-19 22:44 . 2012-06-19 22:53 -------- d-----w- c:\program files\trend micro
2012-06-19 13:01 . 2012-06-19 13:01 -------- d-----w- c:\windows\LastGood
2012-06-18 05:37 . 2012-06-18 05:37 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-18 05:31 . 2012-06-19 22:38 -------- d-----w- c:\program files\Anti-Virus_RootKit
2012-06-15 15:39 . 2012-06-15 15:39 -------- d-----w- c:\documents and settings\Administrator
2012-05-24 23:28 . 2012-05-24 23:28 -------- d-----w- c:\documents and settings\California Raisin\Application Data\LolClient2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-02 20:19 . 2009-08-07 01:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19 . 2010-12-28 08:45 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 20:19 . 2010-12-28 08:45 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 20:19 . 2010-12-28 08:45 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19 . 2009-08-07 01:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19 . 2010-12-28 08:45 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 20:19 . 2009-08-07 01:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19 . 2008-04-14 05:41 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 20:19 . 2009-08-07 01:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:19 . 2010-12-28 08:45 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 20:19 . 2010-12-28 08:45 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2008-04-14 05:41 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:39 . 2008-04-14 05:42 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20 . 2008-04-14 01:00 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-04 13:12 . 2008-04-14 00:57 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2008-04-14 00:01 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2010-12-28 08:44 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 14:46 . 2008-04-14 05:42 1830912 ------w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:46 . 2008-04-14 05:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:46 . 2008-04-14 05:41 17408 ----a-w- c:\windows\system32\corpol.dll
2012-04-04 20:56 . 2011-01-30 23:45 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-30 3077528]
"Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
"Spotify Web Helper"="c:\program files\Spotify\Data\SpotifyWebHelper.exe" [2012-05-15 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zLoader"="c:\documents and settings\California Raisin\My Documents\Downloads\zLoader" [X]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-06-11 358472]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-06-11 1809992]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-06-11 3649096]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-11 61440]
"Razer Naga Driver"="c:\program files\Razer\Naga\RazerNagaSysTray.exe" [2011-02-17 953744]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-17 153608]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BDARemote.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk
backup=c:\windows\pss\BDARemote.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin F5D8053 N Wireless USB Adapter Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Belkin F5D8053 N Wireless USB Adapter Utility.lnk
backup=c:\windows\pss\Belkin F5D8053 N Wireless USB Adapter Utility.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-12-28 16:22 136176 ----atw- c:\documents and settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\Program Files\\Motorola Media Link\\MML.exe"=
"c:\\Program Files\\StarCraft II\\Versions\\Base18092\\SC2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.954\\Agent.exe"=
"c:\\Program Files\\Diablo III\\Diablo III.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.976\\Agent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"25796:TCP"= 25796:TCP:BitComet 25796 TCP
"25796:UDP"= 25796:UDP:BitComet 25796 UDP
"57670:TCP"= 57670:TCP:Pando Media Booster
"57670:UDP"= 57670:UDP:Pando Media Booster
.
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 12:49 PM 616408]
R2 DeviceMonitorService;DeviceMonitorService;c:\program files\Motorola Media Link\NServiceEntry.exe [11/5/2010 5:11 PM 81920]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/30/2011 6:45 PM 654408]
R2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [12/6/2011 4:00 PM 214896]
R3 AE1000;Linksys AE1000 Driver;c:\windows\system32\drivers\AE1000XP.sys [5/1/2011 5:09 PM 816672]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [11/23/2009 6:37 PM 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [12/28/2010 4:17 AM 14856]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/30/2011 6:45 PM 22344]
R3 RzSynapse;Razer Driver;c:\windows\system32\drivers\RzSynapse.sys [2/20/2011 4:31 PM 103424]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5/30/2012 1:56 PM 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/29/2012 8:50 AM 158856]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [12/24/2011 1:43 AM 6016]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [12/24/2011 1:43 AM 20480]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [12/24/2011 1:43 AM 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [12/24/2011 1:43 AM 23424]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [12/24/2011 1:43 AM 11008]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 25451735
*NewlyCreated* - 33078345
*NewlyCreated* - IPFILTERDRIVER
*NewlyCreated* - SKYPE_C2C_SERVICE
*Deregistered* - 25451735
*Deregistered* - 33078345
*Deregistered* - TrueSight
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1647877149-1801674531-1003Core.job
- c:\documents and settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-28 16:22]
.
2012-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1647877149-1801674531-1003UA.job
- c:\documents and settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-28 16:22]
.
2012-05-22 c:\windows\Tasks\MotoHelper MUM.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-06-20 c:\windows\Tasks\MotoHelper Routing.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
2012-05-22 c:\windows\Tasks\MotoHelper Update.job
- c:\program files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06 21:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.xfinity.com/?cid=insDate03062012
uInternet Connection Wizard,ShellNext = hxxp://www.logitech.com/gamepanel
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-25451735.sys
AddRemove-Spotify - c:\program files\Spotify\Spotify.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-20 11:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\Ati2evxx.dll
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
.
- - - - - - - > 'explorer.exe'(5148)
c:\windows\system32\WININET.dll
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
Completion time: 2012-06-20 11:19:52
ComboFix-quarantined-files.txt 2012-06-20 16:19
.
Pre-Run: 439,397,310,464 bytes free
Post-Run: 440,680,706,048 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 7D53C162211FF7A3168F007CF2C8783C
-
QuickScan 32-bit v0.9.9.114
---------------------------
Scan date: Tue Jun 19 18:11:31 2012
Machine ID: 904A9CD7
Found 1 infected file!
----------------------
C:\Documents and Settings\California Raisin\My Documents\Downloads\zLoader.exe --> Trojan.Generic.747667
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"zLoader"
Processes
---------
Apple Push 3772 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
ATI External Event Utility for Windows 1068 C:\WINDOWS\system32\ati2evxx.exe
ATI External Event Utility for Windows 852 C:\WINDOWS\system32\ati2evxx.exe
Bonjour 1684 C:\Program Files\Bonjour\mDNSResponder.exe
CallingID 3092 C:\Program Files\xfin_portal\CIDGlobalLight.exe
Catalyst Control Centre 3540 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Catalyst Control Centre 904 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
ComcastAntiSpy.exe 1424 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
ComcastAntiSpyService.exe 1588 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
distnoted 1408 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
eTrust PestPatrol Realtime Protection 1844 C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
Google Update 2408 C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
iTunes 1360 C:\Program Files\iPod\bin\iPodService.exe
iTunes 1760 C:\Program Files\iTunes\iTunes.exe
iTunes 1352 C:\Program Files\iTunes\iTunesHelper.exe
Java Platform SE 6 U29 1864 C:\Program Files\Java\jre6\bin\jqs.exe
Java Platform SE Auto Updater 2 0 1188 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Logitech GamePanel Software 2528 C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
Logitech GamePanel Software 2288 C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
Logitech GamePanel Software 2488 C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
Logitech GamePanel Software 2468 C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
Logitech GamePanel Software 1972 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
Logitech GamePanel Software 312 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
Logitech GamePanel Software 548 C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
LWEMon.exe 804 C:\Program Files\Logitech\Gaming Software\LWEMon.exe
Malwarebytes Anti-Malware 480 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
Messenger 1384 C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System 2964 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 988 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 1644 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 3844 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 1480 C:\WINDOWS\system32\spoolsv.exe
MobileDeviceHelper 3528 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
MobileDeviceService 1620 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MotoHelper 592 C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MotoHelper Service 316 C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
NService Application 1768 C:\Program Files\Motorola Media Link\NServiceEntry.exe
Razer Naga Systray 1032 C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
Realtek Sound Manager 1108 C:\WINDOWS\soundman.exe
Skype Click to Call 3704 C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SpotifyWebHelper.exe 1528 C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
SupportSoft Container 1412 C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
Windows® Internet Explorer 2016 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Microsoft® .NET Framework 1796 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(verified) Microsoft® Windows® Operating System 3960 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 2736 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 612 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 1368 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 704 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 692 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 564 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1968 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1220 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1556 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 868 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 928 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1004 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 968 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1168 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 4056 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 648 C:\WINDOWS\system32\winlogon.exe
Network activity
----------------
Process iexplore.exe (2016) connected on port 80 (HTTP) --> 74.125.227.98
Process iexplore.exe (2016) connected on port 80 (HTTP) --> 23.67.250.73
Process APSDaemon.exe (3772) connected on port 5223 (XMPP/Jabber) --> 17.172.232.218
Process svchost.exe (928) listens on ports: 135 (RPC)
Process svchost.exe (1220) listens on ports: 2869 (SSDP event notification, UPNP)
Autoruns and critical files
---------------------------
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
ATI External Event Utility for Windows C:\WINDOWS\system32\Ati2evxx.dll
Catalyst® Control Center C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
ComcastAntiSpy.exe C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
Flash® Player Installer/Uninstaller C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
iTunes C:\Program Files\iTunes\iTunesHelper.exe
Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Logitech GamePanel Software C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
Logitech GamePanel Software C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
Logitech GamePanel Software C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
LWEMon.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe
Malwarebytes Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\logon.scr
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
MotoHelperUpdate C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe
Pando Media Booster C:\Program Files\Pando Networks\Media Booster\PMB.exe
QuickTime C:\Program Files\QuickTime\QTTask.exe
Razer Naga Systray C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
Realtek Sound Manager C:\WINDOWS\soundman.exe
SpotifyWebHelper.exe C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
SupportSoft Container C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
zLoader C:\Documents and Settings\California Raisin\My Documents\Downloads\zLoader.exe
(verified) Google Update C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\wpdshserviceobj.dll
Browser plugins
---------------
dtx Dynamic Link Library C:\Program Files\xfin_portal\comcastdx.dll
AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
AUX BHO C:\Program Files\xfin_portal\auxi\comcastAu.dll
Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Flash® Player Installer/Uninstaller C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
Google Update C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
Java Platform SE 6 U29 c:\program files\java\jre6\bin\jp2ssv.dll
Java Platform SE 6 U29 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Java Platform SE 6 U29 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
Pando Web Plugin C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
Skype Click to Call C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Unity Player C:\Documents and Settings\California Raisin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Scan
----
MD5: e4b9642dcf6f4ab69c7fd1cffab2684b C:\Program Files\Common Files\Apple\Apple Application Support\WebKitQuartzCoreAdditions.dll
MD5: 2dedc3afe3c49b5dae717d0a9bebf298 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 006878c5f4573b716fa118244a8c6654 C:\Program Files\Common Files\Apple\CoreFP\CoreFP.dll
MD5: 9da5f9909ef807e5a265fb66a70be4ab C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
MD5: e001d8a536854ad14e4998ccbed84207 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper_main.dll
MD5: 7ef47644b74ebe721cc32211d3c35e76 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: f8ecb748b53a010464f7a63154d75f56 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
MD5: 22d4150cc68ff9f604ec1d485f22ed7a C:\Program Files\Common Files\Apple\Mobile Device Support\DeviceLink.dll
MD5: 09ead9cb2346b671f8f079d3472134d8 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: 2c478e667ce27b2b7142f756cf569a9a C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
MD5: 6d304c8ae9ef67197908b43f9c21f5d5 C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices.dll
MD5: 6e3245df783e58375b3465f03274743e C:\Program Files\Common Files\Java\Java Update\jusched.exe
MD5: 9adff67d4d6c73403bec39e51ccae1ba C:\Program Files\Common Files\Logitech\Gaming Software\LWComCtl.dll
MD5: c27e770204a8b7d92ea69a0179fe42e4 C:\Program Files\Common Files\scanner\ppctl.dll
MD5: ac45ce93a426000dc0a5b8bc2491bf92 C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
MD5: fd0cba527032d2d3d00e17c0f24a99d3 C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 0a39eead063ccdff36ac9f0b8f800956 C:\Program Files\Internet Explorer\iexplore.exe
MD5: 7d894ed61ef0505277d8a476d7df43f1 C:\Program Files\Internet Explorer\plugins\nppdf32.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: c7be533f805f8aefe75fc7d7c6d0ebf9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: 57edb35ea2feca88f8b17c0c095c9a56 C:\Program Files\iPod\bin\iPodService.exe
MD5: e2ae392170bdd664739bb09552d833dc C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL
MD5: 693c7694d451c51beae530f75a18e0df C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL
MD5: d10fbb45b5d67dcc199a1f4a6f77c697 C:\Program Files\iTunes\GNSDK_DSP.DLL
MD5: c8cf00b570c6eb649b2941ff59378345 C:\Program Files\iTunes\GNSDK_MUSICID.DLL
MD5: 56172adea7c6a1276592099e4eae6f61 C:\Program Files\iTunes\GNSDK_SDKMANAGER.DLL
MD5: d50ee7a946c943535ae0a34547138669 C:\Program Files\iTunes\GNSDK_SUBMIT.DLL
MD5: 1208e938457245b126be36fe5e28293e C:\Program Files\iTunes\iTunes.dll
MD5: 529cff8518d682bd7d08fa6399516c47 C:\Program Files\iTunes\iTunes.exe
MD5: 21db846f20ab21e877de330e19aad001 C:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.DLL
MD5: 0c7f4c01733fc8a19206f48c472abe79 C:\Program Files\iTunes\iTunes.Resources\iTunes.DLL
MD5: f8e3a0ca8e956ea73a0919e1ccee8841 C:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.DLL
MD5: b64f80b64ee7de4fb68a0feda192ee52 C:\Program Files\iTunes\iTunesHelper.dll
MD5: d9d79f547ae2a70c650dfcfc27aec0f7 C:\Program Files\iTunes\iTunesHelper.exe
MD5: f047ac8029004b2fb94e2429f54617a9 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: a0f110ab73271da15e6bc314a8c1512a C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: 8d43de6f1385057b8ad2857547b7b828 C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: dc365b6e595683f67bc21a203432e336 c:\program files\java\jre6\bin\jp2ssv.dll
MD5: 381b25dc8e958d905b33130d500bbf29 C:\Program Files\Java\jre6\bin\jqs.exe
MD5: 1e96525ae85d402f9f8047f8caef5f06 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
MD5: e3a7850421a4ab8b15fc174eb587bc6b C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
MD5: 5b20bd25c013a56655484b6b7c2258cb C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
MD5: fcaa9a05556e49299da68ce2dfc06ed8 C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
MD5: 5b83e644caede56df6f28f7f257f1351 C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
MD5: ff442a1adc7c5cff2de4a03bd3737e46 C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
MD5: a8ec1fdabdbdbe3c0a4b9debdd09b4b8 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
MD5: c8230a35683b083ff87b7187c337c4c6 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDRes.dll
MD5: b299ad8407ff9f240122c1563dc1be26 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDDevices\EDMBTDD.dll
MD5: 819dae26beab9f0d0241f9972fac012a C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDDevices\LCDExtDevMngrEmulator.dll
MD5: 3a233fcf3b577ffde24e27ab69f5bdab C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
MD5: 001a13ed834f5117b4659b31829d62b4 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LgLcdApi.dll
MD5: ea1c5fb5359a19e7b43827e36e801665 C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
MD5: 09389b7d85a35cb4d141252dff471499 C:\Program Files\Logitech\Gaming Software\LWEMon.exe
MD5: c594ca68c668bbe4a1f0db8336dc8ea1 C:\Program Files\Logitech\Gaming Software\LWGStore.dll
MD5: 57c1f46f6dc24e20ee8678fb3ca3a2f4 C:\Program Files\Logitech\Gaming Software\LWPrfRC.dll
MD5: d65100aeedeefdba48c6ce1d340d299e C:\Program Files\Logitech\Gaming Software\LWUtils.dll
MD5: 9c5b0134d7a403b151617952adc4b7d0 C:\Program Files\Logitech\Gaming Software\W2KDAPI.dll
MD5: 64cc5502c69fc6d67735c10cb579c548 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
MD5: 0d4f461d515bb1c933533c712d99e75b C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
MD5: 55b8c7b701c4d1b0c479f3ffea83850f C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: 1b82bcf0b8f9228b39f75b0dfa079a21 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
MD5: 60721aa3316a200a8de23f1c502382fd C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
MD5: ba400ed640bca1eae5c727ae17c10207 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe
MD5: c9023e9c5227bc4ca75f903bd5d474d4 C:\Program Files\Motorola Media Link\DbAccess.dll
MD5: a2d2f17946ac8c4e67c02b236dc13422 C:\Program Files\Motorola Media Link\InterProcessChannel.dll
MD5: 22677ce75e483bb00fa7a1175ff571eb C:\Program Files\Motorola Media Link\liveupdatetactics.dll
MD5: bba77fdba952bad7505291f2403b2813 C:\Program Files\Motorola Media Link\NAdvLog.dll
MD5: a03f325a484a7944908c7b34f78cced9 C:\Program Files\Motorola Media Link\netsharingservice.dll
MD5: 2fc5b60dec8bf68751dd4420ebda3c5f C:\Program Files\Motorola Media Link\NFileCacheDBAccess.dll
MD5: a8680cf70e925aeba7b035fc6129fe87 C:\Program Files\Motorola Media Link\nfilemonitorinservices.dll
MD5: 4c5b764bf7fa15bc467dee75018dcb2b C:\Program Files\Motorola Media Link\nitunemonitor.dll
MD5: 03f0c44a5225df314f67082ae0d55ab5 C:\Program Files\Motorola Media Link\NLog.dll
MD5: 893a82d118833a850459dd470ffa48d9 C:\Program Files\Motorola Media Link\NServiceEntry.exe
MD5: bd8146312ffe5f51da66e7725e989e36 C:\Program Files\Motorola Media Link\sqlite3.dll
MD5: aa6957ee45db8e5b65fb244deaa4259d C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MD5: 9dfd34e6841c460b5d992a1c5327ae69 C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
MD5: 61461237eb804a4712bcc6e9a27d1d48 C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe
MD5: b990cb9e77e4a0a41281b263c055dfc8 C:\Program Files\Motorola\MotoHelper\PST.dll
MD5: 0efa66e9384dbced4d639fb9bdd97536 C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
MD5: c7144387e236687f8fb3f26fc845a822 C:\Program Files\Pando Networks\Media Booster\PMB.exe
MD5: 8b4202ecc10d4868476fc0d62c3c0dcd C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx
MD5: b4128e08c7fcb87f18c110728f326b88 C:\Program Files\QuickTime\QTSystem\QTCF.dll
MD5: e58ce86d472613a7b8b76a5b9efe51e5 C:\Program Files\QuickTime\QTSystem\QuickTime.qts
MD5: 29a6de9708f86cf5213890b0999b8f6f C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx
MD5: f25e5e8e54b8b66f1adf931e7540c6f1 C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx
MD5: f7b437e5c2325ffd0277775415db74c6 C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx
MD5: d35d47479d7697a4ecd62d586e45da7d C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx
MD5: 5eb3889c5456fe592caea9ca90e43c45 C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx
MD5: e54453e9db76979c3008a59316fe53cf C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx
MD5: 0e23252e5ae79967ce04eccdda405d81 C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx
MD5: ac8f76f0598cbc24158537342be7b067 C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx
MD5: 3c82c80920050798882882cbf3efd890 C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx
MD5: df5a141d3db468207b6b70b2ad122df1 C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx
MD5: 385ec86178a37edec44717a86a89783e C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx
MD5: 46c62c86c5b96a8fc0eea6c7c027e55d C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx
MD5: 4b7bdf1690a7468aded10836ee6b5825 C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx
MD5: 418edb0df655f2152ca9d9855e8500bc C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx
MD5: 5891edf65ef6396306958e80cc2e9f26 C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx
MD5: a6660592449f734ee731aca01bf06150 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx
MD5: 7a29400b93a74bf55ea14e8164abc788 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx
MD5: b68b7f53f6c7d4705e7f0b8fd4a57e9a C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx
MD5: af43c4f7f3c8bc95dad95024f96cdc4a C:\Program Files\QuickTime\QTTask.exe
MD5: 14b04745bbbe9feef745f7fb9e46d3cd C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
MD5: 2f01a0607e0018a943f7018e2bfa1cbc C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
MD5: 6d8a64133e745ee78c701b56f062b581 C:\Program Files\Skype\Toolbars\Shared\SkypeBrowserOptions.dll
MD5: 4a1af0fd1f70ee7dd2521ce29595e262 C:\Program Files\Skype\Toolbars\Shared\SkypePnr.dll
MD5: 6128e98eaaed364ed1a32708d2fd22cb C:\Program Files\Skype\Updater\Updater.exe
MD5: e0dd774689998f43167c4799f9b69fc3 C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
MD5: 30a23a61e651c7487407cf74176c6ab1 C:\Program Files\WinRAR\rarext.dll
MD5: 79b61ca6d79643ea6702a39975d3308e C:\Program Files\xfin_portal\auxi\comcastAu.dll
MD5: 05b3c0514f0fbd0682605d47e678aa53 C:\Program Files\xfin_portal\CIDCoreLight.dll
MD5: 52df0d1a9af8e4903c2bd885aedeb285 C:\Program Files\xfin_portal\CIDGlobalLight.exe
MD5: fc3b6c301c5627bf01f59c7d4f5325bf C:\Program Files\xfin_portal\comcastdx.dll
MD5: 891c6efb56ce86c46afeabc9319270ee C:\Program Files\xfin_portal\comcasttb.dll
MD5: 60fb5441ca51a0c82c9a79cf77255d7c C:\Program Files\xfin_portal\dtxcid.dll
MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL
MD5: 1bf1820b86f4921d42d74c922044ac18 C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MD5: 93d5b9634c4744fb115785081ecf9738 C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MD5: 05e8a9b52ec52dd611b748d80f3b212b C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MD5: b8d8fb4d41fb3df6f3a24495f6b5e0e9 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MD5: 34138ac5853df0e420904c4b0eb58898 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MD5: ceaa5823bd0eccb77675de53cfc59f23 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MD5: dac86f8aa223fa55adbc94bd2033df7f C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MD5: a2c0e7f8793569c4cc8ca0d5301f283e C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MD5: a9b6dc36bb618a73109fb25309777322 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MD5: 1eb5c58c9b446a13a8319ef513e8b5e8 C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MD5: 8eb085b26e602cb4a1203f4f1f8ac6f4 C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MD5: 1dcbf9e1b0288b5f7163f83227d590cf C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MD5: 0eb0ff2b6755532976080cab065f202c C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MD5: 87a64bfbb70a1310841ec80b65fe1ff6 C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MD5: 68144ab8df75dac07d5a7fcc3be543d5 C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MD5: 319d21c329a8c6efa03271d165a92296 C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MD5: ee850c95ed088e8835f2425ee551296f C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MD5: cd632a9274e7e85b9f37f84c91595c27 C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MD5: cc11db5c74e316c9b952d32d4c37ec77 C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MD5: 3f96dea77d74a25d49b3572cf8e4af08 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MD5: a7531c8762c22296cda9f6177d7ff516 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MD5: 4523f481ed52ef72fe0c9769d01d36db C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MD5: 4ee13d5ea60a071e0e17e9a9483d8ce9 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MD5: 415ca8012b7854231ce57eda2f6ada0f C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MD5: 97cfb48ba02d9682af5310c18d708f2e C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MD5: 84c2bdb0072817c2a44d80a69f9327bb C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MD5: 351f95347522e47d9fb544d55fe8528b C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MD5: d05946ff2cf31408f55e647e1522608d C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MD5: 2b0f2b8ad30b9620b25c4d0f2b07bfb7 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MD5: 87e6cca5694e6855ad34e7e7b968931b C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MD5: fdde3339aa1e9144ea217167a4dee514 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MD5: 3b5211f0135bedc6463cb2722d367a51 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MD5: 0a992d463652916ed94e94ffa3556b56 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MD5: 1ff7f1098dac0da6280d6fc9b8d89e6f C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MD5: 47f0616b7e953069e74d1eb8e2c0d117 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MD5: 58f23817121167367f60fec5f22dffe1 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MD5: 31c2a9e6d8fefa62759318a7f85ea646 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MD5: d7a9e6de02456fe89b5e4f8c44f97573 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MD5: e0da133ec34808f11a06173ee1c824ff C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MD5: 406b61c18ca8e8d9937d3c22699c93f2 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MD5: b962a41eecf27644d7b6159060a5db9c C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MD5: 12ea8e287b0fb384adc23bc9ef6ebdda C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MD5: 7c1a3466f865659bd269ce0a84395203 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MD5: 7a3f552fd571f0f353a1200317916f05 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MD5: d3bf1a9c68eb36e3b3db9aa193098bde C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MD5: 14018abdb92b40a145e24c441f5c4361 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MD5: 6b06dc2e6c92ca4d0e454822fd6d7def C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MD5: c60e27cdfe13e60ca4104fd64c6bf489 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MD5: 59d42565def6ccaf4b30dad7eda6c8d4 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MD5: d964f24ef86eecb89f2a4787ab342e90 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MD5: 29b9865b584cedbdab18f3df9685ac6e C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MD5: d4f311230304c3739d08ba3843df8218 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MD5: 4d2d6c3b8280d48c33745acc44894702 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MD5: 98b592661fd0c4ef17998f80685e0a2c C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MD5: bbff54351ac391c463a5c59e72ec0182 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MD5: 309875e7656b02e0d39e20370fcf7941 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MD5: 4936982f43a4f23856b398b3d9dd1589 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MD5: 6dbcab052498ed01f64dce654053a988 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MD5: ba8e4def946325d96ef2da87ecffc594 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MD5: cc72b2b5f4671daebc2c108b55948547 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MD5: 68b8c3df7879e16172448d51855b0c2b C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MD5: c842850c5cf60f8244fa3c947d9f5292 C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MD5: 0d80843568d285390d7b53aa2b64284c C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MD5: 459a3b2798111fd1441288b3d513194e C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MD5: 26beb141ba70fd1427c69a3d8ec27a79 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MD5: 97a04c595ab057cd5ca196594c089868 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MD5: 54387b3763ba5c91a4c6fa8e5916b2df C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MD5: e2fd982225e74c36e7116f3732528d05 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MD5: 62b845865fd089cee940e682a7793253 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MD5: d38601320578fb9235e6a3634ae5fe20 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MD5: 2d7a18a2f2d9179acc924268d4e1e1cb C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MD5: 8101b245825f44e38fd1c64a9aafaf79 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MD5: 17ecafff1d9d9e27efec518efec41705 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MD5: ca4feafc8265dbe67e59b4ab8d2cb5e6 C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MD5: cbfe37640b143f6b00d7bd841a09b11a C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MD5: 1f3d9b7cf4749de1bbca442142976a15 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MD5: 3eb71bb5571db026448fb00c80961d5a C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MD5: 31f3a43ddf0fe42f88de86004003e01f C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MD5: 2f0a0d437666efecef0fcecb44700ca3 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MD5: ce0b66d0140a1f965bb823578ab528a5 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MD5: 947310f021180116651f51bb7ba48eee C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MD5: 805a0d817c61a2778e5859689fc7cbb8 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MD5: e46c94064b485bb0adfb8ed53ccfd598 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MD5: 20849a34583be3fe20c4852752bdf91f C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MD5: 4b43c814460a358c1685e845a98c8b4e C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MD5: f58361a167eea11ca4edb7db51f99db0 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MD5: e40bc3251f860437c4d9068cc9284f80 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MD5: f26996e9c8d91f5825a692df8e169506 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MD5: 2d9e419ba6937d089b1cfd7c862f43b9 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MD5: f6f72c70c12aac66c5b9efcbef484188 C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MD5: a4ec9e917285a39f6fe7fa40669aaa03 C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MD5: f73739ba177c749156f4ba29b314fc6a C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MD5: 2e7fab502a8615b1aab0eab35afbca3b C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MD5: 814b9d77b93f0f10d1619483e39a6141 C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MD5: 03571509ec8c5cda4c347e5398ae0e29 C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MD5: dc3ca97fe07a5e4387d53e3d77b4a7a7 C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MD5: 80afa16c347a60ba6ecabcfb7351585d C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
No file uploaded.
Scan finished - communication took 3 sec
Total traffic - 0.02 MB sent, 1.52 KB recvd
Scanned 822 files and modules - 80 seconds
==============================================================================
RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: California Raisin [Admin rights]
Mode: Scan -- Date: 06/19/2012 18:18:29
¤¤¤ Bad processes: 1 ¤¤¤
[SUSP PATH] c2c_service.exe -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -> KILLED [TermProc]
¤¤¤ Registry Entries: 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AACS-07G8B0 +++++
--- User ---
[MBR] 3f2afa5016d756525b66795c3b69bbd5
[BSP] a1f7e178c2d5affb2913affc0f0f9925 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476938 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
-
Thank you very much for your time, Maurice. Here are the requested logs.
Logfile of random's system information tool 1.09 (written by random/random)
Run by California Raisin at 2012-06-19 17:53:28
Microsoft Windows XP Professional Service Pack 3
System drive C: has 419 GB (88%) free of 477 GB
Total RAM: 3071 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:53:31 PM, on 6/19/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17110)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Motorola Media Link\NServiceEntry.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\California Raisin\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\California Raisin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xfinity.com/?cid=insDate03062012
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.logitech.com/gamepanel
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*;*.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Razer Naga Driver] C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [zLoader] C:\Documents and Settings\California Raisin\My Documents\Downloads\zLoader
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
O4 - HKCU\..\Run: [ComcastAntispyClient] "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
info.txt logfile of random's system information tool 1.09 2012-06-19 17:53:32
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Reader X (10.1.3)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly
Apple Application Support-->MsiExec.exe /I{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}
Apple Mobile Device Support-->MsiExec.exe /I{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
BitComet 1.25-->C:\Program Files\BitComet\uninst.exe
Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
CA Pest Patrol Realtime Protection-->MsiExec.exe /X{F05A5232-CE5E-4274-AB27-44EB8105898D}
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
ClipGrab 3.1.0.2-->"C:\Program Files\ClipGrab\unins000.exe"
Comcast Desktop Software (v1.2.1)-->MsiExec.exe /I{118C3943-1683-42EF-824D-C22E70DB42E7}
Diablo III-->C:\Program Files\Common Files\Blizzard Entertainment\Diablo III\Uninstall.exe
ERUNT 1.1j-->"C:\Program Files\Anti-Virus_RootKit\ERUNT\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{23B8A91D-680B-462B-87AD-3D70F7341731}
Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
League of Legends-->"C:\Program Files\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Logitech GamePanel Software 3.05.151-->MsiExec.exe /X{BF9FD124-1112-4C8D-8F79-779A11C6287D}
Logitech Gaming Software 5.08-->MsiExec.exe /X{33BC9D7E-E790-495E-A4EA-CFB160C17A91}
Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MotoHelper 2.1.32 Driver 5.4.0-->C:\Program Files\Motorola\MotoHelper\uninstall.exe
MotoHelper MergeModules-->MsiExec.exe /I{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}
MOTOROLA MEDIA LINK-->MsiExec.exe /X{D9DC70B6-BE13-41DD-9053-9E617E72D085}
Motorola Mobile Drivers Installation 5.4.0-->MsiExec.exe /X{6C12B6BF-3891-497B-B5CA-3D64DA093947}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
Razer Naga-->MsiExec.exe /X{ED4108A9-60FD-4F18-AF42-122219977773}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Extended
Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2586448)-->"C:\WINDOWS\ie7updates\KB2586448-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2675157)-->"C:\WINDOWS\ie7updates\KB2675157-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2699988)-->"C:\WINDOWS\ie7updates\KB2699988-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2416400)-->"C:\WINDOWS\$NtUninstallKB2416400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
StarCraft II-->C:\Program Files\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe
Starcraft-->C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client
Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
USB Video Driver-->C:\Program Files\InstallShield Installation Information\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}\setup.exe -runfromtemp -l0x0009 -removeonly
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\embda.inf
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emaudio.inf
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
X3 Reunion v2.5-->"C:\Program Files\EGOSOFT\X3 Reunion\uninst\unins000.exe"
XFINITY Toolbar-->C:\Program Files\xfin_portal\uninstall.exe
======System event log======

Computer Name: GAMEPC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7997
Source Name: Tcpip
Time Written: 20111014075719.000000-300
Event Type: warning
User:

Computer Name: GAMEPC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7996
Source Name: Tcpip
Time Written: 20111014051240.000000-300
Event Type: warning
User:

Computer Name: GAMEPC
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Record Number: 7995
Source Name: W32Time
Time Written: 20111013180344.000000-300
Event Type: warning
User:

Computer Name: GAMEPC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7994
Source Name: Tcpip
Time Written: 20111013071753.000000-300
Event Type: warning
User:

Computer Name: GAMEPC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 7990
Source Name: Tcpip
Time Written: 20111013042511.000000-300
Event Type: warning
User:

=====Application event log=====

Computer Name: GAMEPC
Event Code: 0
Message: Could not detect IIS installation or IIS is disabled, skipping the Web Host Script Mappings component since it depends upon IIS to function properly.
If you believe this message is an error, check your IIS installation to make sure it is installed properly.
Record Number: 93
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20120511040529.000000-300
Event Type: warning
User:

Computer Name: GAMEPC
Event Code: 1002
Message: Hanging application chrome.exe, version 18.0.1025.168, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 75
Source Name: Application Hang
Time Written: 20120507095640.000000-300
Event Type: error
User:

Computer Name: GAMEPC
Event Code: 1002
Message: Hanging application spotify.exe, version 0.8.2.610, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 67
Source Name: Application Hang
Time Written: 20120416080920.000000-300
Event Type: error
User:

Computer Name: GAMEPC
Event Code: 1
Message:
Record Number: 65
Source Name: Chrome
Time Written: 20120415185624.000000-300
Event Type: error
User: GAMEPC\California Raisin

Computer Name: GAMEPC
Event Code: 1103
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Record Number: 50
Source Name: .NET Runtime Optimization Service
Time Written: 20120412042425.000000-300
Event Type: error
User:

======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------

Results of screen317's Security Check version 0.99.42
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java 6 Update 29
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X (10.1.3)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 19% Defragment your hard drive soon!
````````````````````End of Log``````````````````````
-
I can't seem to get rid of this item, apparently along with some other people. Here are my logs from Malwarebytes and DDS. Will post Attach.txt if need be.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.18.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
California Raisin :: GAMEPC [administrator]
Protection: Enabled
6/18/2012 1:31:53 AM
mbam-log-2012-06-18 (01-31-53).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214095
Time elapsed: 2 minute(s), 18 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by California Raisin at 1:29:55 on 2012-06-18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2024 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Motorola Media Link\NServiceEntry.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ping.exe
C:\WINDOWS\system32\ping.exe
C:\WINDOWS\system32\ping.exe
C:\WINDOWS\system32\ping.exe
C:\WINDOWS\system32\ping.exe
C:\WINDOWS\explorer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\California Raisin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.xfinity.com/?cid=insDate03062012
uInternet Connection Wizard,ShellNext = hxxp://www.logitech.com/gamepanel
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - c:\program files\xfin_portal\auxi\comcastAu.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Google Update] "c:\documents and settings\california raisin\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [ComcastAntispyClient] "c:\program files\comcasttb\comcastspywarescan\ComcastAntispy.exe" /hide
uRun: [spotify Web Helper] "c:\program files\spotify\data\SpotifyWebHelper.exe"
mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [soundMan] SOUNDMAN.EXE
mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Razer Naga Driver] c:\program files\razer\naga\RazerNagaSysTray.exe
mRun: [start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [zLoader] c:\documents and settings\california raisin\my documents\downloads\zLoader
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
uPolicies-system: DisableTaskMgr = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A23E82BC-680E-4814-8F9F-A74BCB0A0CF0} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 DeviceMonitorService;DeviceMonitorService;c:\program files\motorola media link\NServiceEntry.exe [2010-11-5 81920]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-1-30 654408]
R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896]
R3 AE1000;Linksys AE1000 Driver;c:\windows\system32\drivers\AE1000XP.sys [2011-5-1 816672]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2010-12-28 14856]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-1-30 22344]
R3 RzSynapse;Razer Driver;c:\windows\system32\drivers\RzSynapse.sys [2011-2-20 103424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2011-12-24 6016]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2011-12-24 20480]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2011-12-24 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2011-12-24 23424]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2011-12-24 11008]
S3 rt2870;Belkin 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys --> c:\windows\system32\drivers\rt2870.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-18 05:37:56 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-18 05:31:17 -------- d-----w- c:\program files\Anti-Virus_RootKit
2012-05-24 23:28:53 -------- d-----w- c:\documents and settings\california raisin\application data\LolClient2
.
==================== Find3M ====================
.
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:39:54 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 14:46:47 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:46:47 1830912 ------w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:46:47 17408 ----a-w- c:\windows\system32\corpol.dll
2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 1:30:12.75 ===============
PUM.Hijack.TaskManager problem (posted in Resolved Malware Removal Logs)
I ran the scanner and it came back clean. No log was created, however.