etamoss

OTL Extras logfile created on: 1/12/2013 3:03:58 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mark\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.97 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 69.96% Memory free 4.81 Gb Paging File | 3.83 Gb Available in Paging File | 79.60% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 586.37 Gb Total Space | 523.61 Gb Free Space | 89.30% Space Free | Partition Type: NTFS Drive L: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Drive P: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Drive U: | 912.46 Gb Total Space | 13.54 Gb Free Space | 1.48% Space Free | Partition Type: NTFS Drive V: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Drive X: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Computer Name: PRINTER | User Name: Mark | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated) "C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe" = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe:*:Enabled:BUFFALO NASNavigator2 -- (BUFFALO INC.) "C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager -- (Intuit, Inc.) "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.) "C:\Program Files\Synology\Assistant\DSAssistant.exe" = C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{057A0C9D-5543-581B-612E-D87288AC113C}" = RedCart Desktop 1.3.4 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{11E0AC7D-6822-4F67-865F-EE1C13D28C38}" = QuickBooks Pro 2011 "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86 "{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup "{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007 "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2 "{B0513493-04B9-4F21-B4AB-83E750D54256}" = Adobe Photoshop Lightroom 2.7 "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2 "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{E00B477F-8558-45DA-B25A-69935FB89A94}" = Dell Dock "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer "{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "Allied Color Labs' Digital Studio v5 5" = Allied Color Labs' Digital Studio v5 5 "Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "com.redcart.RedCartDesktop.3483DAB2E0A4C2F8F40D1ABD90B7D187155E6A71.1" = RedCart Desktop 1.3.4 "FileZilla Client" = FileZilla Client 3.6.0.2 "Full Color's Digital Studio v5 5" = Full Color's Digital Studio v5 5 "HDMI" = Intel® Graphics Media Accelerator Driver "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "McAfee Security Scan" = McAfee Security Scan Plus "MCL-Modern Image's Digital Studio v5 5" = MCL-Modern Image's Digital Studio v5 5 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime "Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSC" = McAfee SecurityCenter "MSNINST" = MSN "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Production Studio v5 5.0" = Production Studio v5 5.0 "SMALLBUSINESSR" = Microsoft Office Small Business 2007 "Synology Assistant" = Synology Assistant (remove only) "UN060501" = BUFFALO NAS Navigator2 "UN090928" = BUFFALO LinkStation(LX-WXL) Setup Guide "Windows Media Format Runtime" = Windows Media Format Runtime "WinLiveSuite_Wave3" = Windows Live Essentials "Xerox_Support_Centre" = Xerox Support Centre "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Allied Color ROES" = Allied Color ROES "Full Color Ordering System" = Full Color Ordering System "Full Color ROES" = Full Color ROES "Printmakers ProDesign" = Printmakers ProDesign ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 1/10/2013 12:50:53 PM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3024 Description = The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again. Context: Application, SystemIndex Catalog Error - 1/10/2013 9:05:39 PM | Computer Name = PRINTER | Source = Application Error | ID = 1000 Description = Faulting application mcupdmgr.exe, version 11.6.434.0, faulting module saupkeep.dll, version 3.5.0.229, fault address 0x0006132e. Error - 1/11/2013 3:12:23 PM | Computer Name = PRINTER | Source = QuickBooks | ID = 4 Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance Hand Error - 1/11/2013 3:12:23 PM | Computer Name = PRINTER | Source = QuickBooks | ID = 4 Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance Hand Error - 1/11/2013 3:12:23 PM | Computer Name = PRINTER | Source = QuickBooks | ID = 4 Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance Hand Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013 Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013 Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013 Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013 Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error - 1/12/2013 11:45:21 AM | Computer Name = PRINTER | Source = Application Hang | ID = 1002 Description = Hanging application DSAssistant.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ OSession Events ] Error - 7/13/2012 3:03:04 PM | Computer Name = PRINTER | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14120 seconds with 1380 seconds of active time. This session ended with a crash. [ System Events ] Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031 Description = The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031 Description = The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031 Description = The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031 Description = The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031 Description = The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 1/7/2013 11:05:57 AM | Computer Name = PRINTER | Source = DCOM | ID = 10010 Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout. Error - 1/9/2013 12:37:30 PM | Computer Name = PRINTER | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.1.4 on the Network Card with network address 002564056CC8. Error - 1/10/2013 12:37:59 PM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7000 Description = The SessionLauncher service failed to start due to the following error: %%3 Error - 1/10/2013 12:41:43 PM | Computer Name = PRINTER | Source = DCOM | ID = 10010 Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout. Error - 1/11/2013 3:12:49 PM | Computer Name = PRINTER | Source = DCOM | ID = 10010 Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register with DCOM within the required timeout. < End of report >

OTL logfile created on: 1/12/2013 3:03:54 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mark\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.97 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 69.96% Memory free 4.81 Gb Paging File | 3.83 Gb Available in Paging File | 79.60% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 586.37 Gb Total Space | 523.61 Gb Free Space | 89.30% Space Free | Partition Type: NTFS Drive L: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Drive P: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Drive U: | 912.46 Gb Total Space | 13.54 Gb Free Space | 1.48% Space Free | Partition Type: NTFS Drive V: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Drive X: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS Computer Name: PRINTER | User Name: Mark | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/12 15:03:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mark\My Documents\Downloads\OTL.exe PRC - [2012/11/16 21:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe PRC - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe PRC - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe PRC - [2012/11/09 06:48:10 | 000,203,400 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe PRC - [2012/10/24 12:57:52 | 001,157,008 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe PRC - [2012/10/24 12:57:04 | 001,179,024 | ---- | M] (Intuit Inc.) -- C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE PRC - [2012/10/24 12:06:54 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe PRC - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012/09/15 21:53:21 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012/09/12 11:21:04 | 001,278,648 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe PRC - [2012/04/11 07:00:36 | 004,706,304 | ---- | M] () -- C:\Program Files\Synology\Assistant\DSAssistant.exe PRC - [2012/03/09 15:10:16 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe PRC - [2011/06/17 12:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe PRC - [2011/02/18 01:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe PRC - [2009/10/15 14:19:22 | 001,897,952 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe PRC - [2009/07/07 11:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe PRC - [2009/06/30 12:22:54 | 001,316,192 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe PRC - [2009/02/04 22:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2008/07/11 08:22:56 | 000,251,184 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe PRC - [2008/05/27 08:36:20 | 000,206,128 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\nassche.exe PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe ========== Modules (No Company Name) ========== MOD - [2013/01/10 03:16:23 | 015,880,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MenuSkinning\d0cb1071246f1705804bd053f738fab7\MenuSkinning.ni.dll MOD - [2013/01/10 03:16:13 | 000,284,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\562b1c946399aeedaa8178ebe6621f09\VistaBridgeLibrary.ni.dll MOD - [2013/01/10 03:16:10 | 002,571,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\DellDock\a9c0601a9857e118c45b6fbaac1e6d8b\DellDock.ni.exe MOD - [2013/01/10 03:16:10 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll MOD - [2013/01/10 03:16:08 | 000,286,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MyDock.Util\6abaf0283201a9f41a37dfcf2b1c94e1\MyDock.Util.ni.dll MOD - [2013/01/10 03:14:05 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\edbf4e4a55e63b9fbf0b0b40cba13063\System.Core.ni.dll MOD - [2013/01/10 03:14:00 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a351cdca2d71ee68ae3a581e13553b19\PresentationFramework.Luna.ni.dll MOD - [2013/01/10 03:13:58 | 000,368,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbfa6bdbfea6f90f3b604c3efce24047\PresentationFramework.Aero.ni.dll MOD - [2013/01/10 03:13:57 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll MOD - [2013/01/10 03:13:47 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7376da3c5dca2b5fadfad0b1eaf76da7\System.Web.Services.ni.dll MOD - [2013/01/10 03:13:23 | 014,329,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2abe0b9f0e996273614f4cf1f6808eed\PresentationFramework.ni.dll MOD - [2013/01/10 03:13:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\cbee94ec6a0fe649e3b4643cea6e1259\Accessibility.ni.dll MOD - [2013/01/10 03:13:05 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll MOD - [2013/01/10 03:12:56 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll MOD - [2013/01/10 03:12:50 | 000,060,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\0b5c7d832d0a10ddcfa764d3e4adce14\UIAutomationProvider.ni.dll MOD - [2013/01/10 03:12:44 | 012,218,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\2e26794770e6d33cf79a7f8daa4a48c3\PresentationCore.ni.dll MOD - [2013/01/10 03:12:28 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\4b889e41364baff1e456817b4777b610\WindowsBase.ni.dll MOD - [2013/01/10 03:12:16 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013/01/10 03:12:11 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll MOD - [2013/01/10 03:12:06 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013/01/10 03:11:56 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2012/11/29 16:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll MOD - [2012/10/24 12:57:38 | 000,101,264 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\ReportBridge.DLL MOD - [2012/10/24 12:57:32 | 000,126,352 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll MOD - [2012/10/24 12:57:30 | 000,020,880 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.DLL MOD - [2012/10/24 12:57:28 | 000,070,032 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QB2WPFBridge.dll MOD - [2012/10/24 12:57:22 | 000,093,072 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetInterop.dll MOD - [2012/10/24 12:57:22 | 000,070,544 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetBridge.DLL MOD - [2012/10/24 12:57:22 | 000,042,384 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll MOD - [2012/10/24 12:57:18 | 000,057,744 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\htmlhelper.dll MOD - [2012/10/24 12:57:10 | 000,268,688 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll MOD - [2012/10/24 12:57:10 | 000,176,528 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll MOD - [2012/10/24 12:57:08 | 000,348,048 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll MOD - [2012/10/24 09:57:44 | 000,098,192 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\Webification.DLL MOD - [2012/04/11 07:00:36 | 004,706,304 | ---- | M] () -- C:\Program Files\Synology\Assistant\DSAssistant.exe MOD - [2011/02/18 01:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe MOD - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe MOD - [2009/12/05 05:31:12 | 000,027,648 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qico4.dll MOD - [2009/12/05 05:31:02 | 000,290,816 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qtiff4.dll MOD - [2009/12/05 05:29:44 | 000,233,472 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qmng4.dll MOD - [2009/12/05 05:29:18 | 000,022,016 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qgif4.dll MOD - [2009/12/05 05:29:06 | 000,135,168 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qjpeg4.dll MOD - [2009/12/05 02:50:10 | 007,819,264 | ---- | M] () -- C:\Program Files\Synology\Assistant\QtGui4.dll MOD - [2009/12/05 02:06:28 | 000,712,704 | ---- | M] () -- C:\Program Files\Synology\Assistant\QtNetwork4.dll MOD - [2009/12/05 02:02:22 | 002,195,456 | ---- | M] () -- C:\Program Files\Synology\Assistant\QtCore4.dll MOD - [2009/07/07 11:24:00 | 000,268,528 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll MOD - [2009/07/07 11:24:00 | 000,140,528 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2009/07/07 11:24:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll MOD - [2009/07/07 11:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe MOD - [2009/07/07 11:23:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll MOD - [2009/07/07 11:23:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll MOD - [2009/06/05 03:23:52 | 000,745,472 | ---- | M] () -- C:\Program Files\Synology\Assistant\qwt5.dll MOD - [2005/07/19 22:18:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\zlib1.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe -- (SessionLauncher) SRV - File not found [Auto | Stopped] -- C:\WINDOWS\TEMP\015145~1.EXE -- (0151451356539822mcinstcleanup) SRV - [2013/01/09 13:55:56 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/16 21:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp) SRV - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV - [2012/11/09 06:48:10 | 000,203,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV - [2012/10/30 10:17:48 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/10/24 12:06:54 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService) SRV - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service) SRV - [2012/03/09 15:10:16 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS) SRV - [2011/06/17 12:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService) SRV - [2011/02/18 01:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Synology\Assistant\UsbClientService.exe -- (UsbClientService) SRV - [2010/02/04 13:59:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService) SRV - [2009/06/26 12:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe -- (RoxMediaDB10) SRV - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2008/07/11 08:22:56 | 000,251,184 | R--- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService) SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mark\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012/11/09 06:56:16 | 000,060,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids) DRV - [2012/11/09 06:53:02 | 000,091,168 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k) DRV - [2012/11/09 06:52:12 | 000,092,192 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet) DRV - [2012/11/09 06:51:12 | 000,565,352 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk) DRV - [2012/11/09 06:50:30 | 000,084,432 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp) DRV - [2012/11/09 06:50:30 | 000,084,432 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk) DRV - [2012/11/09 06:50:20 | 000,362,640 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek) DRV - [2012/11/09 06:50:00 | 000,065,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2012/11/09 06:49:40 | 000,234,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2012/11/09 06:49:10 | 000,132,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk) DRV - [2012/04/20 15:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HipShieldK.sys -- (HipShieldK) DRV - [2011/02/18 01:20:08 | 000,046,304 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\busenum.sys -- (busenum) DRV - [2009/06/26 11:27:40 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter) DRV - [2009/03/04 17:14:22 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2009/03/04 16:59:56 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.msn.com/sphome.aspx IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/1 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/sphome.aspx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110801&tt=090113_new_0213_8&babsrc=SP_ss&mntrId=bc9457de000000000000002564056cc8 IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=110801&tt=090113_new_0213_8&babsrc=HP_ss&mntrId=bc9457de000000000000002564056cc8" FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10 FF - prefs.js..extensions.enabledAddons: pricepeep%40getpricepeep.com:2.1.322.0 FF - prefs.js..extensions.enabledAddons: %7BD19CA586-DD6C-4a0a-96F8-14644F340D60%7D:14.4.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/11/23 13:04:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/12/20 15:57:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2013/01/11 23:11:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/09 14:01:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/09 14:01:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/12/26 11:37:02 | 000,000,000 | ---D | M] [2010/02/11 17:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Extensions [2013/01/09 14:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions [2010/07/20 17:13:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/12/06 12:45:52 | 000,243,287 | ---- | M] () (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\amznUWL2@amazon.com.xpi [2012/09/25 13:20:28 | 000,054,396 | ---- | M] () (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\pricepeep@getpricepeep.com.xpi [2013/01/09 12:44:06 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\searchplugins\babylon1.xml [2011/12/14 10:13:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/01/11 23:11:00 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE [2012/10/30 10:17:52 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll [2013/01/09 12:43:49 | 000,002,360 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012/08/30 09:08:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/07/02 12:53:04 | 000,001,949 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2012/10/19 11:35:52 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\pdf.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Mark\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: SiteAdvisor = C:\Documents and Settings\Mark\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\ O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.) O4 - Startup: C:\Documents and Settings\Mark\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.) O4 - Startup: C:\Documents and Settings\Mark\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Documents and Settings\Mark\Start Menu\Programs\Startup\NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7522808-F9B6-49CD-85A3-814533D3A0A4}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/04/25 16:29:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{40392688-086b-11e0-86aa-002564056cc8}\Shell - "" = AutoRun O33 - MountPoints2\{40392688-086b-11e0-86aa-002564056cc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{40392688-086b-11e0-86aa-002564056cc8}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\{6929288b-6916-11df-869d-002564056cc8}\Shell\AutoRun\command - "" = I:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/01/12 05:34:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee [2013/01/11 03:00:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2013/01/10 03:10:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/01/09 13:21:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\Malwarebytes [2013/01/09 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2013/01/09 12:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\MiponyDownloadManagerPackages [2013/01/09 12:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon [2013/01/09 12:43:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\Babylon [2013/01/05 15:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\QuickScan [2013/01/05 14:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2013/01/05 14:52:59 | 000,000,000 | ---D | C] -- C:\rsit [2013/01/05 14:52:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2013/01/04 15:37:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Desktop\Mario [2012/12/13 18:19:07 | 000,084,432 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys [1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/12 14:58:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/01/12 14:54:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/01/12 14:27:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012UA.job [2013/01/12 14:27:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012Core.job [2013/01/12 14:16:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011UA.job [2013/01/12 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Blanca.job [2013/01/12 02:00:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Mark.job [2013/01/11 22:58:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/01/11 15:16:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011Core.job [2013/01/11 14:10:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/01/10 16:53:23 | 000,000,359 | ---- | M] () -- C:\Documents and Settings\Mark\.DP4WEB_BAPHARI6MARKM.sdv [2013/01/10 11:37:49 | 002,207,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/01/10 11:37:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/01/10 11:37:35 | 3184,578,560 | -HS- | M] () -- C:\hiberfil.sys [2013/01/10 03:11:29 | 000,514,572 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/01/10 03:11:29 | 000,098,476 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/01/09 13:56:38 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/01/09 13:55:54 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/01/09 13:55:54 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/01/09 12:43:37 | 000,000,000 | ---- | M] () -- C:\end [2013/01/05 15:06:54 | 000,761,856 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\RogueKiller.exe [2013/01/05 14:55:20 | 000,856,731 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\SecurityCheck.exe [2013/01/05 14:51:49 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\RSIT.exe [2013/01/04 12:51:52 | 084,754,432 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\Harisch Inc. (Herb Version) (Backup Jan 04,2013 12 49 PM).QBB [2013/01/03 15:09:17 | 000,000,922 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\lightroom.lnk [2013/01/03 15:08:48 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\Photoshop.lnk [2013/01/03 15:08:21 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\firefox.lnk [2013/01/03 15:07:35 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\filezilla.lnk [2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll [2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll [2012/12/14 00:20:39 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/09 12:43:25 | 000,000,000 | ---- | C] () -- C:\end [2013/01/05 15:06:52 | 000,761,856 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\RogueKiller.exe [2013/01/05 14:55:16 | 000,856,731 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\SecurityCheck.exe [2013/01/05 14:51:44 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\RSIT.exe [2013/01/04 12:50:48 | 084,754,432 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\Harisch Inc. (Herb Version) (Backup Jan 04,2013 12 49 PM).QBB [2013/01/03 15:07:57 | 000,000,922 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\lightroom.lnk [2013/01/03 15:07:57 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\Photoshop.lnk [2013/01/03 15:07:57 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\firefox.lnk [2013/01/03 15:07:21 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\filezilla.lnk [2012/07/03 15:12:11 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini [2012/03/03 14:50:56 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Mark\Local Settings\Application Data\PUTTY.RND [2012/02/16 02:08:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/01/18 11:50:14 | 000,069,872 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2010/11/24 16:47:59 | 000,000,359 | ---- | C] () -- C:\Documents and Settings\Mark\.DP4WEB_BAPHARI6MARKM.sdv [2010/11/17 14:32:57 | 000,000,029 | ---- | C] () -- C:\Documents and Settings\Mark\FullColor.config ========== ZeroAccess Check ========== [2008/04/25 16:34:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009/12/22 00:21:02 | 001,509,888 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013/01/09 12:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon [2012/07/03 15:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES [2012/07/03 15:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance [2011/01/17 13:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2012/07/03 15:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11 [2011/03/04 11:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall [2012/07/06 13:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xerox [2013/01/09 12:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Babylon [2011/01/17 14:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/02/25 12:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\com.redcart.RedCartDesktop.3483DAB2E0A4C2F8F40D1ABD90B7D187155E6A71.1 [2013/01/09 15:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\FileZilla [2010/05/26 17:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Leadertech [2013/01/09 12:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\MiponyDownloadManagerPackages [2010/05/10 12:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\NASNaviator2 [2013/01/05 15:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\QuickScan [2009/11/18 11:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Windows Desktop Search [2010/03/20 11:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Windows Live Writer [2009/12/22 12:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Windows Search [2010/01/28 16:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Xerox ========== Purity Check ========== < End of report >

Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 6 Update 16 Java 7 Update 9 Adobe Flash Player 11.5.502.146 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (17.0.1) ````````Process Check: objlist.exe by Laurent```````` McAfee VirusScan mcods.exe Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````

I'll run that other stuff in a little bit. I am not the only user, but the only user whose desktop icons are gone. The desktop had program icons, and they are easy to replace. But, it also had folders with data in them. The All Users desktop has nothing in it, and the Administrator Desktop has nothing in it.

And, no desktop files back yet.

Malwarebytes Anti-Malware (Trial) 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.09.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.13 Mark :: PRINTER [administrator] Protection: Enabled 1/9/2013 1:24:02 PM mbam-log-2013-01-09 (13-24-02).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 367486 Time elapsed: 24 minute(s), 49 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 2 HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Unhide by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2013 BleepingComputer.com More Information about Unhide.exe can be found at this link: http://www.bleepingc...opic405109.html Program started at: 01/09/2013 12:52:19 PM Windows Version: Windows XP Please be patient while your files are made visible again. Processing the C:\ drive Finished processing the C:\ drive. 383911 files processed. Processing the E:\ drive Finished processing the E:\ drive. 36 files processed. Processing the F:\ drive Finished processing the F:\ drive. 0 files processed. Processing the G:\ drive Finished processing the G:\ drive. 0 files processed. Processing the H:\ drive Finished processing the H:\ drive. 0 files processed. The C:\DOCUME~1\Mark\LOCALS~1\Temp\smtmp\ folder does not exist!! Unhide cannot restore your missing shortcuts!! Please see this topic in order to learn how to restore default Start Menu shortcuts: http://www.bleepingc...opic405109.html Searching for Windows Registry changes made by FakeHDD rogues. - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced No registry changes detected. Program finished at: 01/09/2013 01:14:19 PM Execution time: 0 hours(s), 22 minute(s), and 0 seconds(s)

The first one you want me to download isn't there. I get a server not found message.

Before I go through all of this -- will this result in me getting my files back?

RogueKiller V8.4.2 [Dec 31 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Mark [Admin rights] Mode : Scan -- Date : 01/05/2013 15:07:45 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND [HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD6400AAKS-75A7B2 +++++ --- User --- [MBR] 254954227fc8d2426f64ca64d9f0da3a [bSP] 3b83ad77660a0b1dca762ed603421109 : Dell MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 600439 Mo 2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 1229791815 | Size: 9993 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_01052013_02d1507.txt >> RKreport[1]_S_01052013_02d1507.txt

QuickScan 32-bit v0.9.9.118 --------------------------- Scan date: Sat Jan 05 15:00:07 2013 Machine ID: BC9457DE No infection found. ------------------- Processes --------- AAM Updates Notifier Application 4308 C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe Bing Bar 10316 C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE Bing Bar 12152 C:\Program Files\Microsoft\BingBar\7.1.391.0\BingApp.exe Bing Bar 12204 C:\Program Files\Microsoft\BingBar\7.1.391.0\BingBar.exe Bing Bar 10260 C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe Bing Bar 10476 C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe Bing Bar 10572 C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe Bing Bar 3764 C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE Cyberlink PowerDVD 2860 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe DataSafeOnline 2144 C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe Dell Dock 3212 C:\Program Files\Dell\DellDock\DellDock.exe Dock Login Service 1540 C:\Program Files\Dell\DellDock\DockLogin.exe DSAssistant.exe 2408 C:\Program Files\Synology\Assistant\DSAssistant.exe Google Update 848 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe Intel® Common User Interface 4052 C:\WINDOWS\system32\hkcmd.exe Intel® Common User Interface 3432 C:\WINDOWS\system32\igfxpers.exe Intel® Common User Interface 2252 C:\WINDOWS\system32\igfxsrvc.exe Intel® Common User Interface 3436 C:\WINDOWS\system32\igfxtray.exe Java Platform SE 7 U9 476 C:\Program Files\Java\jre7\bin\jqs.exe Java Platform SE Auto Updater 2 0 2316 C:\Program Files\Common Files\Java\Java Update\jusched.exe McAfee Security Scanner 2452 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe McAfee SecurityCenter 4232 C:\PROGRA~1\McAfee.com\Agent\mcagent.exe McAfee Shared Service Host 516 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe McAfee SiteAdvisor 12052 C:\PROGRA~1\McAfee\SITEAD~1\saUI.exe McAfee VirusScan 5856 C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe Microsoft Office Outlook 2007 with Busi 384 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe Microsoft SQL Server 648 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe Microsoft SQL Server 684 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe Microsoft® Windows® Operating System 3612 C:\Program Files\Windows Desktop Search\WindowsSearch.exe Microsoft® Windows® Operating System 2020 C:\WINDOWS\system32\spoolsv.exe Microsoft® Windows® Operating System 3720 C:\WINDOWS\system32\wuauclt.exe NAS Function Scheduling Application 1764 C:\Program Files\BUFFALO\NASNAVI\nassche.exe NAS Power Management Service 932 C:\Program Files\BUFFALO\NASNAVI\nassvc.exe NASNaviator2 3156 C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe QBIDPService 1964 C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe QuickBooks 2484 C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE QuickBooks Automatic Update 1144 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe QuickBooks for Windows 1072 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe Realtek HD Audio Sound Effect Manager 3544 C:\WINDOWS\RTHDCPL.EXE Roxio Burn 2704 C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe SYSCORE 1660 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe SYSCORE 916 C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe UsbClientService.exe 808 C:\Program Files\Synology\Assistant\UsbClientService.exe VSCORE 940 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe Windows® Internet Explorer 11896 C:\Program Files\Internet Explorer\iexplore.exe (verified) Microsoft® .NET Framework 2748 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (verified) Microsoft® Windows® Operating System 1720 C:\WINDOWS\explorer.exe (verified) Microsoft® Windows® Operating System 4060 C:\WINDOWS\system32\alg.exe (verified) Microsoft® Windows® Operating System 1084 C:\WINDOWS\system32\csrss.exe (verified) Microsoft® Windows® Operating System 992 C:\WINDOWS\system32\ctfmon.exe (verified) Microsoft® Windows® Operating System 1164 C:\WINDOWS\system32\lsass.exe (verified) Microsoft® Windows® Operating System 3592 C:\WINDOWS\system32\searchindexer.exe (verified) Microsoft® Windows® Operating System 1152 C:\WINDOWS\system32\services.exe (verified) Microsoft® Windows® Operating System 1032 C:\WINDOWS\system32\smss.exe (verified) Microsoft® Windows® Operating System 748 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1820 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 268 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1708 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1416 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1332 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1552 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 780 C:\WINDOWS\system32\wdfmgr.exe (verified) Microsoft® Windows® Operating System 1108 C:\WINDOWS\system32\winlogon.exe Network activity ---------------- Process McSvHost.exe (516) connected on port 443 (HTTP over SSL) --> 8.18.25.10 Process McSvHost.exe (516) listens on ports: 6646 Process QBCFMonitorService.exe (1072) listens on ports: 8019 Process svchost.exe (1416) listens on ports: 135 (RPC) Autoruns and critical files --------------------------- Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe Adobe CS4 Service Manager C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe Adobe CS5 Service Manager C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe Adobe Updater Startup Utility C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe AUTOBACK.EXE C:\Program Files\ERUNT\AUTOBACK.EXE CommonSDK c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe Cyberlink PowerDVD C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe Data Protect C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe DataSafeOnline C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe Dell Dock C:\Program Files\Dell\DellDock\DellDock.exe Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe IntuitSyncManager C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe McAfee Security Scanner C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe McAfee SecurityCenter c:\Program Files\McAfee.com\Agent\mcagent.exe Microsoft® Windows® Operating System C:\Program Files\Windows Desktop Search\WindowsSearch.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\logon.scr Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll Microsoft® Windows® Operating System c:\windows\system32\userinit.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll NAS Function Scheduling Application C:\Program Files\BUFFALO\NASNAVI\nassche.exe NASNaviator2 C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe QuickBooks C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE QuickBooks Automatic Update C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe Realtek AC97 Audio - Event Monitor C:\WINDOWS\ALCMTR.EXE Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE Roxio Burn C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll Windows® Search C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (verified) Google Update C:\Documents and Settings\Alex\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (verified) Google Update C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe (verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll Browser plugins --------------- AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll Akamai Download Manager ActiveX Control C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.ocx Akamai Download Manager ActiveX Control C:\WINDOWS\Downloaded Program Files\Manager.exe Bing Bar C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll Google Gears 0.5.36.0 C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll Google Update C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe Java Deployment Toolkit 7.0.70.11 C:\WINDOWS\system32\npDeployJava1.dll Java Platform SE 7 U9 c:\program files\java\jre7\bin\jp2ssv.dll Java Platform SE 7 U9 C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll Java Platform SE 7 U9 C:\Program Files\Java\jre7\bin\ssv.dll McAfee SiteAdvisor c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll McAfee SiteAdvisor C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll Messenger C:\Program Files\Messenger\msmsgs.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll npMcSnFFPl.dll c:\Program Files\McAfee\MSC\npMcSnFFPl.dll NPSWF32_11_5_502_135.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll Silverlight Plug-In c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll Software Manager C:\WINDOWS\Downloaded Program Files\isusweb.dll VSCORE C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll (verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll (verified) Microsoft® Windows Live Login Helper C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (verified) Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll Missing files ------------- File not found: "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll" --> HKLM\Software\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\InprocServer32\"(default)" File not found: c:\progra~1\mcafee\msk\mskapbho.dll --> HKLM\Software\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\InprocServer32\"(default)" Scan ---- MD5: e426229aaa46c7fece3778a2642bb6b3 C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\BingBar\Apps\Mail_15642ee020d2449d86382022aa6f2548\7.1.398\mailcomm.dll MD5: b018ecfeae42dc7c2d9c767a9438ffd3 C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\BingBar\Apps\Search_6f21d9007fa34bc78d94309126de58f5\7.1.382\SearchGhosting.dll MD5: 5c5f3722da38e9695af41baf86ef86d1 C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\BingBar\Apps\Search_6f21d9007fa34bc78d94309126de58f5\7.1.382\SearchHistoryStore.dll MD5: 4cd43010502a7e1337d72e2ad296b239 C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll MD5: 0600cb2613bea0c6c0987b58d56d77b9 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe MD5: e8f503eb5f9633a1547b3f0968f3b662 C:\Program Files\BUFFALO\NASNAVI\nasdmn.dll MD5: 08de24b7b61cbca3aefdf201a25f5d4e C:\Program Files\BUFFALO\NASNAVI\nasexo.dll MD5: 9653cd450c4001f5ebf71df801ee70ee C:\Program Files\BUFFALO\NASNAVI\nasfcn.dll MD5: 200d8288fcafbc0471ef6bf9f188d42a C:\Program Files\BUFFALO\NASNAVI\nasfsy.dll MD5: 8327313f3c13ffb4d2f0ebd70352638f C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe MD5: 56fb475a55bb4f322eca9c951530761b C:\Program Files\BUFFALO\NASNAVI\NasNavi2Res.dll MD5: da614f3014897fe46d6e4a2d483cddd2 C:\Program Files\BUFFALO\NASNAVI\nassche.exe MD5: 15e5abd9e03d57671bb74eb5cbab8019 C:\Program Files\BUFFALO\NASNAVI\nassvc.exe MD5: 42a2940d2177e2a7d3506c792ce95d3e C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll MD5: 0171a39ae9f529e4e49f02bcf8d22ebd C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll MD5: 392e9883ae3da54d00a2e1dba8a9a359 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll MD5: ab056f204be2b2754e25ab1f4a98f021 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll MD5: 185d50da1832a734dc9826037e82be40 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll MD5: 87af77718e3bfb5a7766f575609c057a C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll MD5: b63e5c7807334a3a8f731062f15462cc C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe MD5: e43a851f7b12de589424d6c656155cfc C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe MD5: 639b783f5bc546d8d9662881730aff9b C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe MD5: 9c825b8bbef134fff112225202e22d1a C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\LogSession.dll MD5: 779a4ab4661fec74a95943f97a7cc2be C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterCore.dll MD5: 1da03f345eb9949f70fb5d266b82a5c9 C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe MD5: 9e5e9af398d1ae13b67b623d5c695ba9 C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe MD5: 65e4bfc416f58b68d09bf2001c656679 C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Client\EntitlementClientBootstrap.dll MD5: 6c61a9b95fc6786393172d384561132d C:\Program Files\Common Files\Intuit\QuickBooks\addinmgr2.dll MD5: a1e14bad0c0da15a35a95188bb580305 C:\Program Files\Common Files\Intuit\QuickBooks\CFScan.dll MD5: 2572a4407bb6f1d85c5594e9dca0cb7f C:\Program Files\Common Files\Intuit\QuickBooks\CoLocator2.dll MD5: 6bee1814470dc12fa20c53dfc3c97ebb C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe MD5: dee107066b957d9846d5036a5d40ed0c C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe MD5: 4964f6d0b643cf57f4f0844d20437cb2 C:\Program Files\Common Files\Intuit\QuickBooks\QBDBPortFinder.dll MD5: 4a45af020d687c0291620ad5a100ecdb C:\Program Files\Common Files\Intuit\QuickBooks\QBInstanceFinder.dll MD5: f5dd097058c147cde4c5aa476b2f3f2c C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll MD5: 97e641325339938e22a1c11916280297 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgrps.dll MD5: 90d87714323df53c136de4e755bd024d C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgRequestMgr.dll MD5: 9443062f3d064479844cfb1e9735114b C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBSendError20.dll MD5: ce5ad8f10818a9fb67cf18aa4a078938 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBUChannel.dll MD5: f25f18edc248037ed30d107f02ae89e3 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe MD5: 763f825bba16e28018c07bf820a0525e C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBUServiceMgr.dll MD5: fc2741a70b84d7e7ba5f51a352669ee8 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\stlport_r50.dll MD5: fc2741a70b84d7e7ba5f51a352669ee8 C:\Program Files\Common Files\Intuit\QuickBooks\stlport_r50.dll MD5: a055fb9195bad9f2c7ad18b2fa9ff87c C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe MD5: 12916e0642e92561c98b18a2a2d01b14 C:\Program Files\Common Files\Java\Java Update\jusched.exe MD5: 28e60c4ec03340ee7c5d51d79c19498b c:\Program Files\Common Files\McAfee\Core\mccoreps.dll MD5: c3333dd48a39c17689414275e09d7cc7 c:\Program Files\Common Files\McAfee\Core\McEvtBrk.dll MD5: 43979c30662f322e720b50b3d95f5d95 c:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.dll MD5: f0012f09428ad9952ff57c93acaab585 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll MD5: ecab006ac6136f1307e140b633cdb8c2 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe MD5: f721987c5a710ef2eda2cba9cffafaf7 C:\Program Files\Common Files\Mcafee\MNA\McNASvc.dll MD5: ae02e6dac99fa4dc642c71b10fee9971 C:\Program Files\Common Files\McAfee\MSC\LangSel.dll MD5: b1e8af364027029272758c8e34776144 C:\Program Files\Common Files\McAfee\MSC\LogCntrl.dll MD5: 85ad707f3c3af8079b2f22c1dc7238c0 C:\Program Files\Common Files\McAfee\MSC\mcbrwsr2.dll MD5: 017ec72c3c9add080daa10956374884a c:\Program Files\Common Files\McAfee\MSC\McDspWrp.dll MD5: 4be8d8fb641f43f4c4d6cf6ab5ade968 C:\Program Files\Common Files\McAfee\MSC\McRtMui.dll MD5: 2e50b9e0c0647475116247dce4357161 c:\Program Files\Common Files\McAfee\MSC\mcutil\11,6,277,0\mcutil.dll MD5: 08e110d89b8c831bf8c3748b8458b82e C:\Program Files\Common Files\McAfee\MSC\sqlite3.dll MD5: b17440a103bc883b57974d63f43b7485 C:\Program Files\Common Files\Mcafee\NMC\McDisc.dll MD5: 3eca9b282687a529995953e1c048bb2d c:\Program Files\Common Files\McAfee\NMC\McMPFEvt.dll MD5: a518d3c9fb121f0f37f86b3f1f5d1c32 C:\Program Files\Common Files\Mcafee\NMC\McNDSv.dll MD5: 6c169a7b9cd228cd56bd95814ebc6194 C:\Program Files\Common Files\Mcafee\NMC\McNmcSrv.dll MD5: 6c2d89c52da8592c57fb0dc7bab36ff7 C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe MD5: 4e13ea496e202bcb4fcc342d96faf83a C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe MD5: 250304dc7238574a6cecc88f13e07538 C:\Program Files\Common Files\McAfee\SystemCore\FTL.Dll MD5: a4d46b6fa6ad0e3aa309d060f00a3808 C:\Program Files\Common Files\McAfee\SystemCore\LockDown.dll MD5: 240f879f13cffae974b8929adc42a257 C:\Program Files\Common Files\McAfee\SystemCore\McShield.dll MD5: 6c2d89c52da8592c57fb0dc7bab36ff7 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe MD5: f0898390403be08777978b4f483953a8 C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll MD5: da7212a2e5df4058ff72840bf4ef67ec C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll MD5: 9f0b0280d1aa8f9b733ad35d7ca92adf C:\Program Files\Common Files\McAfee\SystemCore\mfebopa.dll MD5: e64585a16e4452df3f756ec4ca809e75 C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll MD5: 4e13ea496e202bcb4fcc342d96faf83a C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe MD5: fc76f0803bf2b86e3abd2c63bb0fdefd C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll MD5: 7509744ad3eca4d625520b55633cb2cf C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll MD5: f2afa7e4c5408872cfe6ea814c2d1aaf C:\Program Files\Common Files\McAfee\SystemCore\mferkda.dll MD5: 55e8267140290d8e1bf291252f3723d1 C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll MD5: 82b7415d5a8fb24d3f6736400f5e1600 C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe MD5: 01e8d9b07eeb603cc6bf5cdb21f1dcc9 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll MD5: 8d3ff64e90496c73c0344774329581b6 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll MD5: d37356755af6b5a6c84735258edbbc57 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll MD5: 9e94814109a822d4618e8a0a7bd2f722 C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll MD5: a4d46b6fa6ad0e3aa309d060f00a3808 C:\Program Files\Common Files\McAfee\VSCore\Lockdown.dll MD5: 2424231bbd703a677d115c29983b4293 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE MD5: 744cd19aa835ec79384ba19343291a86 c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\cdral.DLL MD5: 3431100adeaa484a1a36bc4623097420 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe MD5: 05fc44d32a144925eae45570029fd6e1 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe MD5: ff5eb78af7dfb68c2fb363537aaf753e c:\Program Files\Common Files\SureThing Shared\stllssvr.exe MD5: 2133b82cd52f1b62cdea633769819a60 C:\Program Files\Common Files\System\ado\msado15.dll MD5: a0c2cb21f4b521429f033fdeb18d63d7 C:\Program Files\Common Files\System\directdb.dll MD5: a74db1e8ebd71b5337defa078b4bbcef C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\Program Files\CyberLink\PowerDVD DX\MFC71.DLL MD5: be4c00e9bf06c136a1f63856bb7aac5e C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe MD5: d225a5294a135f409cc6354561066e3a C:\Program Files\Dell DataSafe Online\BalloonWindow.dll MD5: b2a31dfeeea314104b16ea238ff24e26 C:\Program Files\Dell DataSafe Online\BuEng.dll MD5: 5f41266a590682f2f831884d007dac30 C:\Program Files\Dell DataSafe Online\cpputils.dll MD5: 4cd6180cb65630f9d8028e9cf51cd64f C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe MD5: 456d4d2759ae9f84c5290749f1e77115 C:\Program Files\Dell DataSafe Online\OlbEng.dll MD5: 1eb873f19426a826dca41c08cdad98b4 C:\Program Files\Dell DataSafe Online\SdbShared.dll MD5: a5d805752fbe16d6ab6e5f52cb01563d C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll MD5: 2eb78ee9e99b49e1e2ec329e6b3b6de5 C:\Program Files\Dell DataSafe Online\SdbUI.dll MD5: 80e69585023a52f3cc5daf2abce5e17e C:\Program Files\Dell\DellDock\DellDock.exe MD5: 0840abbbdf438691ee65a20040635cbe C:\Program Files\Dell\DellDock\DockLogin.exe MD5: 68bdda3fc149d5d605efdf249695c129 C:\Program Files\Dell\DellDock\MyDockLib.dll MD5: e00de20f0f6bed5cd2160247ddc9443b C:\Program Files\ERUNT\AUTOBACK.EXE MD5: 13e9240c63604f14fd1b3a0b0f66910e C:\Program Files\FileZilla FTP Client\fzshellext.dll MD5: 432226e3e9c09a73f389a65dec49bb2f C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll MD5: ae5a69f44c1f97edc83237fc0b29b6fb C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll MD5: fd0cba527032d2d3d00e17c0f24a99d3 C:\Program Files\Internet Explorer\ieproxy.dll MD5: f77e696991fed3b92e09ac0ce91e9bca C:\Program Files\Internet Explorer\iexplore.exe MD5: cb7c8ecc2ac0acc7018a1028b9bc914a C:\Program Files\Intuit\QuickBooks 2011\abmapi.dll MD5: 639fee12f0b8652bf98c142cdc2cf8c1 C:\Program Files\Intuit\QuickBooks 2011\Accountant.dll MD5: a5fb1a83d2e3a78687dd3fad21b70a7b C:\Program Files\Intuit\QuickBooks 2011\AccountRegistersUI.dll MD5: 1d1d0bd1907b65d481c50d2464e47742 C:\Program Files\Intuit\QuickBooks 2011\ACE.dll MD5: 6e014878193d46028dd1340931fcd6b5 C:\Program Files\Intuit\QuickBooks 2011\ACM.dll MD5: 3ba31650e083d9332c07bc8286ddeb54 C:\Program Files\Intuit\QuickBooks 2011\ADR.dll MD5: c5e95147f745269071131fb0500d59c5 C:\Program Files\Intuit\QuickBooks 2011\APPCORE.dll MD5: 7bb295f36f3217885a7e9071b6f4ce59 C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll MD5: cb41206780d5f45039210dce3d140466 C:\Program Files\Intuit\QuickBooks 2011\bizutil.dll MD5: 8ab0a83b4133d29c4f00ca904b7577c2 C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll MD5: 7c87d481895349db3e897be6b04ef7b5 C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll MD5: 585987f3efa93560243e945410c8bfed C:\Program Files\Intuit\QuickBooks 2011\cindexdb.dll MD5: f8f970ae961a41cd2c4b045db7882b5f C:\Program Files\Intuit\QuickBooks 2011\components\payroll\FilePay\Rules.dll MD5: 0117089b3546196c69f991cd2bfb0503 C:\Program Files\Intuit\QuickBooks 2011\components\payroll\FilePay\Rules.Resources.dll MD5: b75aadfbb4ede4e99f337a97692e9521 C:\Program Files\Intuit\QuickBooks 2011\DatabaseManager.dll MD5: f5dd097058c147cde4c5aa476b2f3f2c C:\Program Files\Intuit\QuickBooks 2011\dbghelp.dll MD5: 7f83f3380b0265eced742387697e6181 C:\Program Files\Intuit\QuickBooks 2011\dbicu11.dll MD5: dfe34774a89f456a99d386b14ad68e41 C:\Program Files\Intuit\QuickBooks 2011\dbicudt11.dll MD5: ea5fb736f9437a99f39d9aa53498f5be C:\Program Files\Intuit\QuickBooks 2011\dblgen11.dll MD5: e0ade91c23e5402e70d5d1a8fd3ffdd2 C:\Program Files\Intuit\QuickBooks 2011\dblib11.dll MD5: 5f4cebf8febb68378b58369f3774dfbc C:\Program Files\Intuit\QuickBooks 2011\dbtool11.dll MD5: 469b487a46c6b17c359bad4036520e27 C:\Program Files\Intuit\QuickBooks 2011\DMAccountant.dll MD5: 04370cb80b6851451c650f7dadffde1d C:\Program Files\Intuit\QuickBooks 2011\DMALIAS.dll MD5: 088f571eb8df0b92e783af7536d12490 C:\Program Files\Intuit\QuickBooks 2011\DMAUDIT.dll MD5: 5a9b8ffbb45926934ac5c39f7abbc4fa C:\Program Files\Intuit\QuickBooks 2011\DMBUDGET.dll MD5: b563a123e821e0dc67c2c94b61f3c9b0 C:\Program Files\Intuit\QuickBooks 2011\DMCore.dll MD5: 0225c3aae96489fe52bdf2e1bfb632ba C:\Program Files\Intuit\QuickBooks 2011\DMDATASYNC.dll MD5: 9302b5446a77a407466cc1da72dac455 C:\Program Files\Intuit\QuickBooks 2011\DMDQE.dll MD5: 80f428f767dc73504001ffd835763d20 C:\Program Files\Intuit\QuickBooks 2011\DMEDL.dll MD5: 91394575905b5b1d66d2945c78ec53de C:\Program Files\Intuit\QuickBooks 2011\DMGenPrefs.dll MD5: 993b1a2c8895987240e1adfed7079ef8 C:\Program Files\Intuit\QuickBooks 2011\DMInventory.dll MD5: b91974425069b668ea41799f493397e0 C:\Program Files\Intuit\QuickBooks 2011\DMOLB.dll MD5: 1120b5783806c8e23a1e5cddf3c681cb C:\Program Files\Intuit\QuickBooks 2011\DMPAYROLL.dll MD5: b33744d5b166e33b72d2681788eefac0 C:\Program Files\Intuit\QuickBooks 2011\DMPREFS.dll MD5: a0da57c2bfd29bebeace2cbceccd89e2 C:\Program Files\Intuit\QuickBooks 2011\DMTIME.dll MD5: ca2c0fbee3fce40d08c48c40eab5140b C:\Program Files\Intuit\QuickBooks 2011\DMTXN.dll MD5: 2e9f7f8dd16b6af9ff96413e22ffd43d C:\Program Files\Intuit\QuickBooks 2011\DMUI.dll MD5: 24a6678ff8faf1a042372dbae7b37e68 C:\Program Files\Intuit\QuickBooks 2011\DMUSERS.dll MD5: cee1c6261dc6a71a69b5ad79d7ea7f65 C:\Program Files\Intuit\QuickBooks 2011\DocumentManagement.dll MD5: 67c9d22c9a08fe86903c77724a994074 C:\Program Files\Intuit\QuickBooks 2011\ELCORE.dll MD5: c4cccb24be1298c731063b1bdd70852e C:\Program Files\Intuit\QuickBooks 2011\ESHELL.dll MD5: 8d171c0355e89960c1890c1dbbc0f3a9 C:\Program Files\Intuit\QuickBooks 2011\FeatureMgr.dll MD5: 33c9314284e70668c00067e8021c9e53 C:\Program Files\Intuit\QuickBooks 2011\Features.dll MD5: b713e072b9ef22d2e34d14fc9bebc5a2 C:\Program Files\Intuit\QuickBooks 2011\FileManifest.dll MD5: 83b4fa2eb706a811f38b5ad86596dfa6 C:\Program Files\Intuit\QuickBooks 2011\htmlhelper.dll MD5: 6393038e358d6cd04a510ead43e85c94 C:\Program Files\Intuit\QuickBooks 2011\IdentityMine.Windows.dll MD5: 520ce25901b9c561a4f50a1ad9d9df99 C:\Program Files\Intuit\QuickBooks 2011\IdentityMine.Windows.Media3D.dll MD5: ce3a70030bc77cc896f77040d74771ba C:\Program Files\Intuit\QuickBooks 2011\IdentityMine.Windows.Panels.dll MD5: e8f8cfb5136d38d77155c6580ba5631d C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetBridge.dll MD5: 00c7a6f949854e26671564aacb391603 C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetInterop.dll MD5: 9a8b3db586ac03702b4623607de28671 C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetLibrary.dll MD5: f49a32f911469d3ae9fc46c4b3b0f536 C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll MD5: 2491c412924f0d959b103207be24eab9 C:\Program Files\Intuit\QuickBooks 2011\msgDBAddIn.dll MD5: 45937c60a8a51eee148cefcae32e6bd9 C:\Program Files\Intuit\QuickBooks 2011\NAAuthTool.dll MD5: 252133372e997b96e41dfa2a12e6c2fa C:\Program Files\Intuit\QuickBooks 2011\OLBService.DLL MD5: 0f69c03ac76b25d28276e554d52aea99 C:\Program Files\Intuit\QuickBooks 2011\OPAQUEBUFFER.dll MD5: fb064852aee17c1f78f3fa7b4876e14d C:\Program Files\Intuit\QuickBooks 2011\paycore.dll MD5: 11ff49461e9b99ca85d619ed0e9945ef C:\Program Files\Intuit\QuickBooks 2011\PAYRES.dll MD5: 6921550f8fe4377a90ea6f56eda7acc8 C:\Program Files\Intuit\QuickBooks 2011\PAYSERV.dll MD5: c325c1ba9bc99af49915bae3fc4eb305 C:\Program Files\Intuit\QuickBooks 2011\PAYUTIL.dll MD5: ca435ec75bc7db6a77f04248fa0d95f8 C:\Program Files\Intuit\QuickBooks 2011\payxsgen.dll MD5: a71851325c78f2fddea188eb8e3aac65 C:\Program Files\Intuit\QuickBooks 2011\PM.dll MD5: 37622df7ff716674c1fe20b50a7e58f0 C:\Program Files\Intuit\QuickBooks 2011\PortFile.dll MD5: 7c9bf69524ddd1a44fb94ba7da1ac3a2 C:\Program Files\Intuit\QuickBooks 2011\PREFS.dll MD5: b73648432725e8fb59f5ba493540fcfb C:\Program Files\Intuit\QuickBooks 2011\PRLoader.dll MD5: 3af35620ad9ae47c1f73247156732687 C:\Program Files\Intuit\QuickBooks 2011\PRNotificationLoader.dll MD5: 9d15bdb3085c459b9a54bac3a579dad1 C:\Program Files\Intuit\QuickBooks 2011\QB2WPFBridge.dll MD5: c640795903b9841a0380fc76e504fc42 C:\Program Files\Intuit\QuickBooks 2011\QBATTR32.dll MD5: d1e7cdd9ce2ef79b6c6c51e19694a061 C:\Program Files\Intuit\QuickBooks 2011\qbbrow32.dll MD5: ca178183b6be0dd2439de3315abe1dc4 C:\Program Files\Intuit\QuickBooks 2011\QBCHAO32.dll MD5: 8499d4a9054ff25f6bd9a9d00fd6aff8 C:\Program Files\Intuit\QuickBooks 2011\qbci32.dll MD5: c829b4ba559668d3577f8b1854e3c46e C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.dll MD5: 96fe99a003497bd9635d44b1d04e669c C:\Program Files\Intuit\QuickBooks 2011\QBCONV32.dll MD5: 18c38a8898c2f45fc0e51226c7c2b525 C:\Program Files\Intuit\QuickBooks 2011\QBDomain.dll MD5: 93b38f34b8509cd5aef4eb8595d32a8b C:\Program Files\Intuit\QuickBooks 2011\qbform32.dll MD5: 5807513bfbf975dd759494eaec661b53 C:\Program Files\Intuit\QuickBooks 2011\QBInbox.dll MD5: 22edc659a1555a89854341d25b6e6aca C:\Program Files\Intuit\QuickBooks 2011\QBINTR32.dll MD5: 25c8567cf720875f7623cac8cedf2e13 C:\Program Files\Intuit\QuickBooks 2011\QBITools.dll MD5: 75de945e9e106f829499fc48e6410bbe C:\Program Files\Intuit\QuickBooks 2011\qblist32.dll MD5: 12cd30b193a692dcfc895a91cfbf693e C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll MD5: dcd8566e28e7e5be8976dd4881a38280 C:\Program Files\Intuit\QuickBooks 2011\QBMAS32.dll MD5: 1984cd7f78f66688e9b96fd570ea5888 C:\Program Files\Intuit\QuickBooks 2011\QBMFCT32.dll MD5: c6299ba47b15b696ed42cb141afa2800 C:\Program Files\Intuit\QuickBooks 2011\QBMSIntg.DLL MD5: 7b69dd38c71612d6a266bcf01ae403df C:\Program Files\Intuit\QuickBooks 2011\QBOESD32.dll MD5: 8d700722afaf2f2709bb1c36a2980949 C:\Program Files\Intuit\QuickBooks 2011\QBONLI32.dll MD5: 7fccb6d7a1a03c47bebb1304785957ea C:\Program Files\Intuit\QuickBooks 2011\qbot.dll MD5: 8c6f180ced16487ebb7b8997ab2d5bc0 C:\Program Files\Intuit\QuickBooks 2011\QBPrefs.dll MD5: 852b5895e6d98cce8157613fcca09d7d C:\Program Files\Intuit\QuickBooks 2011\QBQWUT32.DLL MD5: 9e64315fe08e89b9b6c37c53a892e756 C:\Program Files\Intuit\QuickBooks 2011\QBSDKNotify.dll MD5: 9443062f3d064479844cfb1e9735114b C:\Program Files\Intuit\QuickBooks 2011\QBSendError20.dll MD5: 90a6660f934dcd02ee54527476b5f616 C:\Program Files\Intuit\QuickBooks 2011\QBSTYL32.dll MD5: 55b6065d9b94b9e0627cbbb40063b92b C:\Program Files\Intuit\QuickBooks 2011\qbtool32.dll MD5: 9f76d01eeea2b757e2001fa34a447aa9 C:\Program Files\Intuit\QuickBooks 2011\qbtxn32.dll MD5: 288e2bdb21d79555196444f404f9d475 C:\Program Files\Intuit\QuickBooks 2011\QBUtilities.dll MD5: 0f60deab1c21980d7557cee936bb37ce C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE MD5: e8c3a335556edff8e6259dcad32190ae C:\Program Files\Intuit\QuickBooks 2011\qbwfls32.dll MD5: 8cd42c28f36536f3ebf08494f03dcd27 C:\Program Files\Intuit\QuickBooks 2011\QBWIN32.dll MD5: 9f68229fe11fa640189e45ce004121f1 C:\Program Files\Intuit\QuickBooks 2011\QBWMain.dll MD5: c21fbc7177ff165ef9394ce17a813d36 C:\Program Files\Intuit\QuickBooks 2011\qbwpr32.dll MD5: a7d5304afbc71ef73cbd9a57d7f0a985 C:\Program Files\Intuit\QuickBooks 2011\qbwpsrun.dll MD5: 15f7dcc1e1e412a70b6dc200a0c71638 C:\Program Files\Intuit\QuickBooks 2011\QBWRPT32.dll MD5: f5f89223674d5fd4dd0e6017397e17a7 C:\Program Files\Intuit\QuickBooks 2011\qbxladin.dll MD5: b330a60d0592707c08efd6833aecc14b C:\Program Files\Intuit\QuickBooks 2011\ReportBridge.dll MD5: 3bb9c53a577b0f707c43b06116278e84 C:\Program Files\Intuit\QuickBooks 2011\ReportCenter.dll MD5: 4ee8c4889b68e038226c7e220c4af602 C:\Program Files\Intuit\QuickBooks 2011\ReportInterop.dll MD5: 6ebb726bbd705a8b304f4580b854508f C:\Program Files\Intuit\QuickBooks 2011\sdkutil.dll MD5: 321f2ffcbc080607f300ead05fcc7f5f C:\Program Files\Intuit\QuickBooks 2011\skucore.dll MD5: 913c2a4f1c2cfe40869d2f44b43ba94f C:\Program Files\Intuit\QuickBooks 2011\SSCE5232.dll MD5: fc2741a70b84d7e7ba5f51a352669ee8 C:\Program Files\Intuit\QuickBooks 2011\stlport_r50.dll MD5: f9cdca327724c66ac62646e7c4d0b7d1 C:\Program Files\Intuit\QuickBooks 2011\TaxAlertsECL.dll MD5: 776212b389c0d60dbc2358e0de334504 C:\Program Files\Intuit\QuickBooks 2011\TEJ32.dll MD5: 4b6f5061b5baac342ea1944d91f12c85 C:\Program Files\Intuit\QuickBooks 2011\TRACKING.dll MD5: 04d316de0481d5550712458fa878092e C:\Program Files\Intuit\QuickBooks 2011\txncore.dll MD5: e4481d23c175a148d0afca95a85a5f95 C:\Program Files\Intuit\QuickBooks 2011\TXNFORM.dll MD5: 15fbe2b1cea8e3cc8f8a8c0fa6ebbee5 C:\Program Files\Intuit\QuickBooks 2011\ui.dll MD5: ae56e8e5ab9db2ce0208ee36327faeef C:\Program Files\Intuit\QuickBooks 2011\UM.dll MD5: c34069531ef9d83f1df92ee1335d64c7 C:\Program Files\Intuit\QuickBooks 2011\Webification.dll MD5: 195ed09e0b4f3b09ea4a3b67a0d3f396 C:\Program Files\Intuit\QuickBooks 2011\WPFToolkit.dll MD5: eb47e405a9222ca595e5e763b4156529 c:\program files\java\jre7\bin\jp2ssv.dll MD5: b591e761161d1ef547d76ef236eaa6a5 C:\Program Files\Java\jre7\bin\jqs.exe MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Java\jre7\bin\MSVCR100.dll MD5: c04fcb7eebeb5097b30468828f20fb9e C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll MD5: a7a6954e500715117b64b414ab81cb44 C:\Program Files\Java\jre7\bin\ssv.dll MD5: 22a7776c5d8eb5930edf9c8dd0884259 C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe MD5: 8ac44f0e443974442b574e1de77c8877 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe MD5: 581a9fe27c17b1679085a066b069b65d c:\Program Files\McAfee.com\Agent\mcagent.exe MD5: a727eaf1c956f05f51592d715e50f725 c:\Program Files\McAfee\MPF\MpfApi.dll MD5: 355db4f5e585ca04c08519ce98cd5ca2 c:\Program Files\McAfee\MPF\MpfEvt.dll MD5: a75338fabf3c24ebc4058faf8a7203d7 c:\Program Files\McAfee\MPF\MpfShm.dll MD5: 8cd7f18d1ef09160fd201446ca70a2fd c:\Program Files\McAfee\MPF\MpfSvc.dll MD5: e666404ad413cc1bb2bdaa441d285a52 C:\Program Files\McAfee\MPF\MPFSvcPS.dll MD5: 5fb8031590222674792690fe7f7ae004 C:\Program Files\McAfee\MPF\Twerp.dll MD5: 9fe5cc1913db45fa859c8584e240b32e c:\Program Files\McAfee\MPS\mps.dll MD5: 2b6cb9e78f40b3a7b857548495a6d99d c:\Program Files\McAfee\MPS\mpscfg.dll MD5: 44e59f0bbbb90bdac3304f023937ac19 c:\Program Files\McAfee\MPS\mpsevh.dll MD5: f158180ace853c7c698c4b905b3e6cb5 c:\Program Files\McAfee\MPS\MPSMisp.dll MD5: f891d113ae1488653db2c0fa34a6fbe9 c:\Program Files\McAfee\MQS\QCProgressIcon.dll MD5: ff4b12cc3f0676b7dd945705339b8865 c:\Program Files\McAfee\MQS\ShrCore.dll MD5: aa9b202222cb4870a523fb658188d976 c:\Program Files\McAfee\MQS\ShredExt.dll MD5: 42b4b5f028b10cdede7829ce4de80d1e c:\Program Files\McAfee\MQS\ShredShm.dll MD5: 3c7f5eede350c98723699d8afd4aa691 c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll MD5: 45df6a66256026df51d719c87c16b2ce c:\Program Files\McAfee\MSC\McDBMgr.dll MD5: 9aa3ee13e8cb7671db730015a23f5af5 c:\Program Files\McAfee\MSC\McGsShm.dll MD5: 7c51822e2c94257f3c39551b2e4b8d6a c:\Program Files\McAfee\MSC\McIPTShm.dll MD5: fd83993dbfec4eee7c13bc8fa74dfacc C:\Program Files\McAfee\MSC\mclwapi.dll MD5: d390cda2d132c6d8cc27db7e007970fa c:\Program Files\McAfee\MSC\mcmispps.dll MD5: c76be4b014d2fad9a3e38f2a773bd912 c:\Program Files\McAfee\MSC\mcmschlp.dll MD5: b01860e256305c775c4678f66710aa60 c:\Program Files\McAfee\MSC\McMscShm.dll MD5: cac6f6f206c978deea928b9302646a09 c:\Program Files\McAfee\MSC\mcmscsub.dll MD5: 9f2a6d4198fb88e7fdf7cc487845a489 C:\Program Files\McAfee\MSC\McOemRes.dll MD5: 2b07418ae23172777fe4ad68361f24df C:\Program Files\McAfee\MSC\mcprlalt.dll MD5: 516f2ed421d9689696d38d5b5f825370 C:\Program Files\McAfee\MSC\mcprlres.dll MD5: e6d44bf4a7a11bc06520b8ce54128f7b c:\Program Files\McAfee\MSC\mcsubmgr\11,6,434,0\mcsubmgr.dll MD5: e7abc004978055616431654f63a3e5a7 c:\Program Files\McAfee\MSC\mcuicfg.dll MD5: 354277d6e1b93f111351d523845b6257 c:\Program Files\McAfee\MSC\McUpdShm.dll MD5: 4b06ba13e36358ddabb87b59abe16c3b C:\Program Files\McAfee\MSC\mscjsres.dll MD5: 3234e4bb71dad2c13dc5c8cd85203e8b c:\Program Files\McAfee\MSC\mscuild.dll MD5: a44bffa5d6cc1e909e6a3c16d9bb009b c:\Program Files\McAfee\MSC\npMcSnFFPl.dll MD5: 051aba8438e45f5588a80d93f372f2e7 C:\Program Files\McAfee\MSC\OemUI.dll MD5: 7f24fd14fba86d7672d01ae0b320323e c:\Program Files\McAfee\MSC\oemuild.dll MD5: 33aa9832aa41fa73f44abc29e7cabe5a C:\Program Files\McAfee\MSK\masecore.dll MD5: 6fab79b6d0eb1b31f6b11b0ef377563b c:\Program Files\McAfee\MSK\mskcshim.dll MD5: 8c0aff34d1a0c55a8cb027304f9887fc c:\Program Files\McAfee\MSK\mskengn.dll MD5: 2ce646e579a241d1143c3c858d31ed54 C:\Program Files\McAfee\MSK\MSKSet.dll MD5: 22571be48a7aa4a3621d8a39fa51a56d c:\Program Files\McAfee\MSK\msksrvr.dll MD5: 79aed0cebdb7ef4ea0569ce5d3f95a37 c:\Program Files\McAfee\MSK\mskupd.dll MD5: 69210ed819ecd8c989295b1f183a2ba9 c:\Program Files\McAfee\MSK\mskwm.dll MD5: b326d1ad6db689f62624083aadb23543 c:\Program Files\McAfee\MSK\mskxaif.dll MD5: 5686edb3b234003c5e110f49c07a99b8 c:\Program Files\McAfee\SiteAdvisor\mcbrwctl.dll MD5: 5c4ba8ef8fba80397c33cc33f7f3922f c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll MD5: f9f003ecab0ac26e2aba43e672f15bd9 c:\Program Files\McAfee\SiteAdvisor\McSACorePS.dll MD5: c6fd288c265157410a17ae0531d3af4c C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll MD5: 1d702a6e768510f2623171c963afae36 c:\Program Files\McAfee\SiteAdvisor\SaSSHMod.dll MD5: cd64b78db77d443181a9e2e834796863 c:\Program Files\McAfee\SiteAdvisor\saUI.exe MD5: 7ded7521eb8b8d56dadcd044d1b77709 c:\Program Files\McAfee\SiteAdvisor\saupkeep.dll MD5: 80a617849b004d1c6c4beab7aa86f021 C:\Program Files\McAfee\VirusScan\Engine\5500.1093\mcscan32.dll MD5: 22917d103c9c814ad6409c12b828fe4e c:\Program Files\McAfee\VirusScan\mcctxmnu.dll MD5: 9bd0c29c5c78c74a8d177399f07bd194 c:\Program Files\McAfee\VirusScan\McOasShm.dll MD5: c7da06c9a9aeefbe37aac281ea6385d5 C:\Program Files\McAfee\VirusScan\mcods.exe MD5: 93624b1849df1f5ed709522a302a1db2 c:\Program Files\McAfee\VirusScan\mcodsax.dll MD5: 512e8d19d800eaa67bed5e65e8579251 c:\Program Files\McAfee\VirusScan\mcodsps.dll MD5: 57ccef1a8228d9386a474076edf3c5be c:\Program Files\McAfee\VirusScan\McOdsShm.dll MD5: b8b742537bfa1ac4f742b36beb310bf6 c:\Program Files\McAfee\VirusScan\McVsPs.dll MD5: 2e645c11aab7a7e5f607355f6cbdf068 c:\Program Files\McAfee\VirusScan\MVsCfg.dll MD5: 2f25b52b0cf0f6f5be2d789181d61735 c:\Program Files\McAfee\VirusScan\mvslog.dll MD5: 0b3abac9eae7aeabe5063c012ad306bb c:\Program Files\McAfee\VirusScan\MVsScan.dll MD5: 7cc9484fbc922f7dc0b1d767a256c1e5 c:\Program Files\McAfee\VirusScan\NaiAnn.dll MD5: 149da63ed179de9b46d5c38a867f3199 c:\Program Files\McAfee\VirusScan\NaiAnnPs.dll MD5: 618b5e4d16dcba693b421c5062d84f9a c:\Program Files\McAfee\VirusScan\VSJsRes.dll MD5: bfcce364e88a2cb9d64327f7ba7a77f5 C:\Program Files\McAfee\VirusScan\vsores.dll MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe MD5: 5d999bf519415d1c8ee0b97ff6a254db C:\Program Files\Microsoft Office\Office12\msohevi.dll MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll MD5: 6163664c7e9cd110af70180c126c3fdc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe MD5: 1d89eb4e2a99cabd4e81225f4f4c4b25 c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe MD5: 86ebd8b1f23e743aad21f4d5b4d40985 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe MD5: d89083c4eb02daca8f944b0e05e57f9d C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe MD5: d1e2786d29a34009a54868b6b0449296 c:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll MD5: 837608240884733792ddae81e50b802a c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe MD5: f48feb7da35821da15e0b006dcb9a169 C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE MD5: e7f15ac633256f4f472400041ff56b6d C:\Program Files\Microsoft\BingBar\7.1.391.0\BingApp.exe MD5: 26f3927a3e593ed4503e53a2c189e243 C:\Program Files\Microsoft\BingBar\7.1.391.0\BingBar.exe MD5: 0ee4008e662b0647310b696b62dc4a1b C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll MD5: feff48fdd7a604e8ca96f543df045fcf C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe MD5: e37469afaa254472f079f3a10843ffa2 C:\Program Files\Microsoft\BingBar\7.1.391.0\common.dll MD5: 1aac4ed32ca948de4ae802d524fb72f4 C:\Program Files\Microsoft\BingBar\7.1.391.0\DefMgr.DLL MD5: 9172e6bc1cbcf2ee2ee87a4184e0033c C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaNote.dll MD5: 8e16f7a85441986fd2b9ce6c879524e4 C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE MD5: c62d44164113cd26378382747fd3ce78 C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll MD5: 39c4fddc44de555514bd765b567939e3 C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll MD5: 4cd43010502a7e1337d72e2ad296b239 C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll MD5: 8c7336950f1e69cdfd811cbbd9cf00a2 C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe MD5: 116aa2b169abd0b620961caff0aeac84 C:\Program Files\Outlook Express\msoeres.dll MD5: 60f58070e56145b8b2ccb264d5e53136 C:\Program Files\Roxio\Roxio Burn\AS_Storage_w32.dll MD5: 0ce025436a9b94d28eea7ec45bdd67b6 C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe MD5: e4e2e8a11ceb6095e84bfe54a1ee70dc c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll MD5: 0bc7957dbc5f368cf5c21df2aa5fc319 C:\Program Files\Synology\Assistant\DSAssistant.exe MD5: 2afb0b621427c93bf077a70d177f4671 C:\Program Files\Synology\Assistant\imageformats\qgif4.dll MD5: 5f06bc11d322fded73e4a779fdd4137e C:\Program Files\Synology\Assistant\imageformats\qico4.dll MD5: d354b14dd3e86e8198a447159737aadf C:\Program Files\Synology\Assistant\imageformats\qjpeg4.dll MD5: 35fbc23ed5dee1298f8563ea929e4a80 C:\Program Files\Synology\Assistant\imageformats\qmng4.dll MD5: 17d980c7f2fedfc41b2d129961cb0078 C:\Program Files\Synology\Assistant\imageformats\qtiff4.dll MD5: c331dcde2fa9972e24f9a1a65c361717 C:\Program Files\Synology\Assistant\QtCore4.dll MD5: 1e4942146c6a9e722b94cb95d1f9df9a C:\Program Files\Synology\Assistant\QtGui4.dll MD5: c9a8cbe7f345aee7dad2bb75cd2878c9 C:\Program Files\Synology\Assistant\QtNetwork4.dll MD5: 98bc512887de6daf8a373a035a980a12 C:\Program Files\Synology\Assistant\qwt5.dll MD5: 6af12011c88c80920d0543616e107cff C:\Program Files\Synology\Assistant\UsbClientService.exe MD5: f2ece68acf2c051effb305708c3aefa9 C:\Program Files\Windows Desktop Search\dbres.dll MD5: e8a3670314b3ddfe6dd18c4b501a9476 C:\Program Files\Windows Desktop Search\deskbar.dll MD5: 2a0b76fcc5138ac0321a01766c980387 C:\Program Files\Windows Desktop Search\en-us\dbres.dll.mui MD5: 0e28e671281ebf1f1f8fe093d2bd4a7b C:\Program Files\Windows Desktop Search\en-us\msnlExtRes.dll.mui MD5: 56183fb6413b7c5cb42b8ac1541a4ee8 C:\Program Files\Windows Desktop Search\en-us\WindowsSearchRes.dll.mui MD5: 2996faeca864ee4938aa247b2386a69b C:\Program Files\Windows Desktop Search\msnlExtRes.dll MD5: 994ad0d8550b8b26990a6e3aa0791502 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll MD5: f23a5d407b753f2e5e2bb6a95ab6d12b C:\Program Files\Windows Desktop Search\WdsMktTools.dll MD5: b5c9f63c01fcfec3f64ec6a0940a1825 C:\Program Files\Windows Desktop Search\WindowsSearch.exe MD5: cbfd0fb0a9491ed3f1bab4c64a04d2f1 C:\Program Files\Windows Desktop Search\WindowsSearchRes.dll MD5: b5b27b057b97a947c31b41f0ef3b4d44 C:\Program Files\Windows Desktop Search\wordwheel.dll MD5: 581a9fe27c17b1679085a066b069b65d C:\PROGRA~1\McAfee.com\Agent\mcagent.exe MD5: cd64b78db77d443181a9e2e834796863 C:\PROGRA~1\McAfee\SITEAD~1\saUI.exe MD5: c7da06c9a9aeefbe37aac281ea6385d5 C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe MD5: ea31039e691c6f8f5469649526eea5fb C:\WINDOWS\ALCMTR.EXE MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL MD5: 486e625601ede9a2b51ad7b4cc0b1861 C:\WINDOWS\assembly\GAC_MSIL\Intuit.QuickBooks.XmlDigitalSignature\1.2.0.0__5b3f47ba29970ccb\Intuit.QuickBooks.XmlDigitalSignature.dll MD5: a5b646ca8b89060e01873df41f8a4369 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\b5af2249e2d550f2752176a75c7a7656\Accessibility.ni.dll MD5: d6adf4834abef49e715153d612444060 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\DellDock\c0500377f64db8373d998a5f85890df5\DellDock.ni.exe MD5: 6a1f974b02ce7b6cfa08eb771d9426c8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MenuSkinning\3dee9e6a1851625c72078d739b237635\MenuSkinning.ni.dll MD5: 7a4d7b91bc815ed33e63122ca7078fd0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll MD5: 2d957ea508f0e9d4e3c33c194829c09a C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MyDock.Util\3cf15041c72a9931d913d0e4b195bed6\MyDock.Util.ni.dll MD5: cba9fcb0c3f24f787c28d3633c4990cd C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\1ce67382fb5f6eff28ec02c1d5f9d692\PresentationCore.ni.dll MD5: 1c06208aa9f11af32dd8ca0dda03b3fd C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\a8884cf6a7985974e7b80c2ae6978cfb\PresentationFontCache.ni.exe MD5: 3e6169a2bd50f2b07a01636cad43ecf2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3524383abc7d257cdb5d3f6f22ee8068\PresentationFramework.Luna.ni.dll MD5: a025c34ddffe817a8160e25cc95135a1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\607521f6878e37764b6a2272f89996f6\PresentationFramework.ni.dll MD5: fc311345223c68abc9c897a204cff1a1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c14cec63fc2a347b26e146d390e6e4e\PresentationFramework.Classic.ni.dll MD5: 6f0cba0b23e4a6a2101bf9e8e3956e0d C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9bd44fadf9b7854e5b565cb3223193bc\PresentationFramework.Aero.ni.dll MD5: 878f6183cef9bef0019fe03ee10ad269 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll MD5: 9484c25664af5d5e44d68e6d36bdd00a C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\3710da7b61c2c4ed10903487dbde1c35\System.Core.ni.dll MD5: c1a1f10bd3839c6c583ae84c9d6d0b22 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll MD5: aca57ba96a51229cc4574fde502d03dd C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\d8ca3b9fefcda19eeecd55c239f504ba\System.Management.ni.dll MD5: 5d94897515e29aed850352803a3a9450 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\e564bacf8526a85451e0eaaf5b1137bb\System.Security.ni.dll MD5: 7dd59b0ff41ea39d320ffcd825d61b4f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\31b7eef43a23e7c6e93594be583f3d08\System.ServiceProcess.ni.dll MD5: f0860d6e7cdd4ca9247be1f3df037b20 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7fba5762199fc6763c8aaddc16abebcd\System.Web.Services.ni.dll MD5: bb5b7e95212d816aff7a329f248a1adf C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll MD5: 89be7f1e47ade757e0460027ec5cd998 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll MD5: c2b9b86d3037ad3902058939954d6109 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll MD5: a2f60d2f57b7b9f429bf319859322b49 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f3f0a408362eaceda1b3493d2798cd97\UIAutomationProvider.ni.dll MD5: 86a69f4c05b622aeb11a8319c7faf37c C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\31368559b4afa9eb6085e6f599982b88\VistaBridgeLibrary.ni.dll MD5: e37aa27a26d7186d02dca016285f25b1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\e42848e8620740a16ef83db124a05803\WindowsBase.ni.dll MD5: 352ab6c3942e509332dec566aabcfd62 C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.ocx MD5: d715a946e66028cdb04c9e9f8c7137f5 C:\WINDOWS\Downloaded Program Files\dwusplay.exe MD5: 2d54daecba60eb03f9e63dd50669f634 C:\WINDOWS\Downloaded Program Files\isusweb.dll MD5: 455ca248a92816766fad91b5ce258773 C:\WINDOWS\Downloaded Program Files\Manager.exe MD5: 56940b50ab0e5923822f47b0e4463885 C:\WINDOWS\Downloaded Program Files\qsax.dll MD5: 860fad57b4668a9f5f350a9d5444ae89 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll MD5: ea3af33a9341b88d23fdc20d6ec826fe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll MD5: b560a085eed4d5d72b039929f9ae4991 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MD5: f282d4edd85d53e20d902cc92190c5f5 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll MD5: fb53a700132d9a97d1e10e9f80bd6174 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MD5: 35a936c7c029a5b705d3ffd40518d660 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll MD5: 2c53b6e2e2c6a80b2d3d56b3219c448d C:\WINDOWS\RTHDCPL.EXE MD5: 77abfeb4ecb42824aaa975621e93ee0e C:\WINDOWS\system32\advpack.dll MD5: 00d2c06a552f782c1f16acf77db765a5 C:\WINDOWS\system32\ATL100.DLL MD5: cfd4e51402da9838b5a04ae680af54a0 c:\windows\system32\browser.dll MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll MD5: 46ae5ab9b5083bb94a46dae00e203d3b C:\WINDOWS\system32\corpol.dll MD5: 6bee5d4eff0a0341bcc4a462d81ccfc1 C:\WINDOWS\system32\CRYPT32.dll MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\system32\cscdll.dll MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll MD5: 0607cbc6fa20114cb491efe4b2f9efad C:\WINDOWS\system32\d3d9.dll MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll MD5: 78e862846112347eee8214b649ae563f C:\WINDOWS\system32\dispex.dll MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys MD5: cec1dbed5ea31801cdeb12833234f139 C:\WINDOWS\system32\DRIVERS\busenum.sys MD5: 67b20da4727f54aea29fddad810c898d C:\WINDOWS\system32\drivers\cfwids.sys MD5: d61e53e3fec0c92bc8dd3969fad63f87 C:\WINDOWS\system32\drivers\HipShieldK.sys MD5: 66a685b05066683621920bc14a45cfe8 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys MD5: ba3004f4c0a0cd19db9c2c0ab3a84efe C:\WINDOWS\system32\drivers\mfeapfk.sys MD5: 39c20b7d9ac19bfe616ca09dd3a240af C:\WINDOWS\system32\drivers\mfeavfk.sys MD5: e3470decda0a4015a0ca00ed645f2ebe C:\WINDOWS\system32\drivers\mfebopk.sys MD5: c8ac8147e02ed8795e1fd946165baccf C:\WINDOWS\system32\drivers\mfefirek.sys MD5: 7aaf92954d8d2801b17a1163c60abfe9 C:\WINDOWS\system32\drivers\mfehidk.sys MD5: 3474b9391903c0ab2e9987cb4de943d8 C:\WINDOWS\system32\DRIVERS\mfendisk.sys MD5: 62d55d882d58a1250348f324bc0afc06 C:\WINDOWS\system32\drivers\mferkdet.sys MD5: fcfab391e3736769fe5865f3acb3dccb C:\WINDOWS\system32\drivers\mfetdi2k.sys MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys MD5: 2feb5bf0312e1cb76cd2caa875cbaa5d C:\WINDOWS\system32\drivers\RtkHDAud.sys MD5: aabb1d240862349181f5350dd62faae7 C:\WINDOWS\system32\DRIVERS\RxFilter.sys MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys MD5: 4bac8df07f1d8434fc640e677a62204e C:\WINDOWS\system32\DRIVERS\usbehci.sys MD5: 1385e5aa9c9821790d33a9563b8d2dd0 C:\WINDOWS\System32\Drivers\wpdusb.sys MD5: 613570c245cbfbf40972b825c1ea6784 C:\WINDOWS\system32\Dxtmsft.dll MD5: 8607b97b59c3364d201014b5a365215a C:\WINDOWS\system32\Dxtrans.dll MD5: ffb3115aa757abefba7fba90bad5dd0a C:\WINDOWS\system32\en-us\tQuery.dll.mui MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll MD5: 4f1c45f1f0fd7d9a8940a285d44e7b8b C:\WINDOWS\system32\hccutils.DLL MD5: 1760f39b51a1cadabaf8d763c271ac52 C:\WINDOWS\system32\hkcmd.exe MD5: e185f45c2cad36de9e7cb9677c625dc5 C:\WINDOWS\system32\ieapfltr.dll MD5: e8e70fe0a1357342503af4c8976f0965 C:\WINDOWS\system32\ieframe.dll MD5: 5dd6cea06d9398b6f9379e969741cd0f C:\WINDOWS\system32\iepeers.dll MD5: 1ff73b39179b05b320404a2b0717a286 C:\WINDOWS\system32\iertutil.dll MD5: 4e89bf45219bb2cf4f931201e2f5755e C:\WINDOWS\system32\IEUI.dll MD5: 3f2c683f25ef6f397f6638f3e0c521ff C:\WINDOWS\system32\igfxdev.dll MD5: 0e153ba8123c525ff2b6771138d710a0 C:\WINDOWS\system32\igfxpers.exe MD5: c8f9114280feb509f413742dd342b18a C:\WINDOWS\system32\igfxpph.dll MD5: cd39737952134241fcac0ca9fff93586 C:\WINDOWS\system32\igfxrENU.lrc MD5: 5d14d913dff72a84650a8b4263903f95 C:\WINDOWS\system32\igfxress.dll MD5: 2c5918420a2fc3245629d7a1ec29ed25 C:\WINDOWS\system32\igfxsrvc.dll MD5: c6dba50f46176398d07dafb34e440e95 C:\WINDOWS\system32\igfxsrvc.exe MD5: b729360204dcd8d1d0e5b8516ab6b6ba C:\WINDOWS\system32\igfxtray.exe MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll MD5: a77f650fe3c5ac3b5d26dbd86d7e18e0 C:\WINDOWS\system32\InetClnt.dll MD5: 57aa18b2896055e8cb269b19dd85e7f3 C:\WINDOWS\system32\INETCOMM.dll MD5: b6932761058dc21beaa7a1245b1b20e6 C:\WINDOWS\system32\infosoft.dll MD5: f7b098a08efcf4ab4247264c0ac225d2 C:\WINDOWS\system32\JScript.dll MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll MD5: 6fe42512ab1b89f32a7407f261b1d2d0 C:\WINDOWS\system32\kernel32.dll MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\system32\logon.scr MD5: 7bd2d27143f94b2103ac694ebbb7ce10 C:\WINDOWS\system32\LPRHELP.dll MD5: ecff42413e9744a6f80ba8f2a77704af C:\WINDOWS\system32\lprmon.dll MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll MD5: 25def2ef843275862ffbf55487cefddd C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx MD5: 95ce557d16a75606ccc2d7f3b0b0bccb C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe MD5: 54fc590185d7d00d65e53b9a5990dc14 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll MD5: 1e744353bd534405187a404667da3dc3 C:\WINDOWS\system32\mgmtapi.dll MD5: 69a5adf546505f4c69ef3046bf798b49 C:\WINDOWS\system32\MPRUI.dll MD5: 3f790874a85819e94574f3e7af9c5806 C:\WINDOWS\system32\msctfime.ime MD5: 75450799db55482cbdc7a54c51a0f238 C:\WINDOWS\system32\mshtml.dll MD5: 40dbbd3c11217ac666b0f8a0744ef1ab C:\WINDOWS\system32\mshtmled.dll MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll MD5: 85ac5f11d4759d13674b3e92eac3f140 C:\WINDOWS\system32\msident.dll MD5: 7ed041c7f82a381417aa3f43ab55f95a C:\WINDOWS\system32\msidntld.dll MD5: 140ef97b64f560fd78643cae2cdad838 C:\WINDOWS\system32\MsPMSNSv.dll MD5: 6e914eedd145c5acce56f4d5f3d606fc C:\WINDOWS\system32\mssph.dll MD5: 64b33cc5bf131def2721394cf9b3f8ed C:\WINDOWS\system32\MSVBVM60.DLL MD5: e3c817f7fe44cc870ecdbcbc3ea36132 C:\WINDOWS\system32\MSVCP100.dll MD5: bf38660a9125935658cfa3e53fdc7d65 C:\WINDOWS\system32\MSVCR100.dll MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\system32\msxml3.dll MD5: a0ae7f043497c9971e9d7fe291099d40 C:\WINDOWS\system32\msxml6.dll MD5: bbdfdbead1b7a1cfd44bfffd177fb627 C:\WINDOWS\system32\mucltui.dll MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\NETAPI32.dll MD5: 20fd44370267ccd0a64a1b31861c21d2 C:\WINDOWS\system32\netmsg.dll MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll MD5: 1414e666316ca7d9823dbd2d4ada5971 C:\WINDOWS\system32\NETUI2.dll MD5: ab87c54ca19675880b0cae65b8af140c C:\WINDOWS\system32\npDeployJava1.dll MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll MD5: 2c288aa87e4723ac9ff4d76a192ec3f8 C:\WINDOWS\system32\odbccp32.dll MD5: d59a7119054d70fc745a1bf9c06dcc65 C:\WINDOWS\system32\oeph.dll MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\oleacc.dll MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll MD5: 9a257b90323470ab065e9544bec5c01c C:\WINDOWS\system32\pngfilt.dll MD5: 77de1f81666a4766bfed712dc7232f4e C:\WINDOWS\system32\PresentationNative_v0300.dll MD5: b2cf9f1f606dec23f70a40b01df3c396 C:\WINDOWS\system32\printui.dll MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll MD5: f0a0ebf086597e645bc14b0d98f8ba58 C:\WINDOWS\system32\scrrun.dll MD5: 8bcd11d38fce43a519246a91cc40de6a C:\WINDOWS\system32\security.dll MD5: 62bdf8e945f23bee485bb3cb4ed19cb7 C:\WINDOWS\system32\SHDOCVW.dll MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll MD5: adc086a90695945b2a0544ac2397b114 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PS5UI.DLL MD5: 8365b78c019d145b705cc0819fe35693 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PSCRIPT5.DLL MD5: 4dd6e923d831257531ba564c7860038c C:\WINDOWS\System32\spool\PRTPROCS\W32X86\x5print.dll MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe MD5: 77a54bdfbad4604e6131ae68e3cf76d6 C:\WINDOWS\system32\srclient.dll MD5: 92e2a2574186bcbb7027a6048e1b8b1b C:\WINDOWS\system32\srrstr.dll MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll MD5: 8357809e111e09393633039769d96281 C:\WINDOWS\system32\tcpmib.dll MD5: 32933b07fc16d9f778bee12545fa1b1a C:\WINDOWS\system32\tcpsvcs.exe MD5: 4763ce0b8cf4ca355db2fe6c74675db8 C:\WINDOWS\system32\twext.dll MD5: ba8fdf82d0b1316d5eaf60f5a0498de1 C:\WINDOWS\system32\uncdms.dll MD5: 11220e8430101cc5d47521a9515d173f C:\WINDOWS\system32\urlmon.dll MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll MD5: 142e08e570d8fcd87e845f1463c1aece C:\WINDOWS\system32\VBScript.dll MD5: d37f42709d6ecc7642eec8843a676a7b C:\WINDOWS\system32\VXBLOCK.dll MD5: 4306fa2f1099d7c606139255fdb62b19 C:\WINDOWS\system32\wbem\framedyn.dll MD5: 116c7a47401a06ffc8e08c7e6d9a6daa C:\WINDOWS\system32\webcheck.dll MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll MD5: 8381b36d077d043d0d4fe6ac94c44a1f C:\WINDOWS\system32\WININET.dll MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll MD5: 277f3e3333f1d10ca428568197fcce70 C:\WINDOWS\system32\wsnmp32.dll MD5: 2e0b0a051ffaa86e358465bb0880d453 C:\WINDOWS\system32\wuauclt.exe MD5: c31dd4cec06d2908ae5f212a0b13805b C:\WINDOWS\system32\wuaucpl.cpl MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll MD5: c88c65df1ed4dfd34cfbd11cdfe519a3 C:\WINDOWS\system32\wucltui.dll MD5: bdc0c99e472176c8c2c853a68adc5073 C:\WINDOWS\system32\wups2.dll MD5: bea4aee74fef171eb61de1bad8faf427 C:\WINDOWS\system32\XmlLite.dll MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll MD5: ccdb8749499ba6568b085e4511485d92 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_35349982\ATL90.DLL MD5: 5af224814de97058de7622bb8276770c C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcm90.dll MD5: 0d94140fc0c701d8e93d2eceb0b44057 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\MSVCP90.dll MD5: fa093f6a65507f7c2ae9697ce2a904cc C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\MSVCR90.dll MD5: 465e465d3346af882a066a660c1d3c69 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90.dll MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll No file uploaded. Scan finished - communication took 2 sec Total traffic - 0.04 MB sent, 1.15 KB recvd Scanned 998 files and modules - 283 seconds ==============================================================================

Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 6 Update 16 Java 7 Update 9 Adobe Flash Player 11.5.502.135 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (17.0.1) ````````Process Check: objlist.exe by Laurent```````` McAfee VirusScan mcods.exe Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````

info.txt logfile of random's system information tool 1.09 2013-01-05 14:53:41 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07} Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07} Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E} Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8} Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0} Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191} Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02} Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F} Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100} Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D} Adobe Community Help-->msiexec /qb /x {A127C3C0-055E-38CF-B38F-1E85F8BBBFFE} Adobe Community Help-->MsiExec.exe /I{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE} Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF} Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A} Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C} Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972} Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -maintain activex Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -maintain plugin Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67} Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A} Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD} Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1 Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} Adobe Photoshop Lightroom 2.7-->MsiExec.exe /I{B0513493-04B9-4F21-B4AB-83E750D54256} Adobe Reader 9.5.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A95000000001} Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7} Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23} Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4} AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} Allied Color Labs' Digital Studio v5 5-->C:\Program Files\LabPrints\Allied Color Labs' Digital Studio v5\uninstall.exe Bing Bar-->MsiExec.exe /X{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF} BUFFALO LinkStation(LX-WXL) Setup Guide-->C:\WINDOWS\UN090928.EXE /U BUFFALO NAS Navigator2-->C:\WINDOWS\UN060501.EXE /U Business Contact Manager for Outlook 2007 SP2-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {B32C4059-6E7A-41EF-AD20-56DF1872B923} Business Contact Manager for Outlook 2007 SP2-->MsiExec.exe /X{B32C4059-6E7A-41EF-AD20-56DF1872B923} Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D} Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml" Dell DataSafe Online-->MsiExec.exe /X{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1} Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76} DirectXInstallService-->MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75} ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" FileZilla Client 3.6.0.2-->C:\Program Files\FileZilla FTP Client\uninstall.exe Full Color's Digital Studio v5 5-->C:\Program Files\LabPrints\Full Color's Digital Studio v5\uninstall.exe Google Gears-->MsiExec.exe /I{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe" Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe" Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe" Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF} Java 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF} kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243} McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe" McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall MCL-Modern Image's Digital Studio v5 5-->C:\Program Files\LabPrints\MCL-Modern Image's Digital Studio v5\uninstall.exe Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB2698023)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2698023\M2698023Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9} Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Small Business 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall SMALLBUSINESSR /dll OSETUP.DLL Microsoft Office Small Business 2007-->MsiExec.exe /X{91120000-00CA-0000-0000-0000000FF1CE} Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D} Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F} Microsoft SQL Server 2005-->"c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove Microsoft SQL Server Native Client-->MsiExec.exe /I{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686} Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual Studio 2005 Tools for Office Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe" MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44} PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9} PowerDVD DX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x9 -cluninstall Production Studio v5 5.0-->C:\Program Files\LabPrints\Production Studio v5\uninstall.exe QuickBooks Pro 2011-->msiexec.exe /I {1D70AABC-CB59-4700-A708-EA56D1CA07B0} UNIQUE_NAME="pro" QBFULLNAME="QuickBooks Pro 2011" ADDREMOVE=1 QB_IS_SUBSCRIPTION=0 QuickBooks-->MsiExec.exe /I{1D70AABC-CB59-4700-A708-EA56D1CA07B0} RedCart Desktop 1.3.4-->msiexec /qb /x {057A0C9D-5543-581B-612E-D87288AC113C} RedCart Desktop 1.3.4-->MsiExec.exe /I{057A0C9D-5543-581B-612E-D87288AC113C} Reimage Repair-->C:\Program Files\Reimage\Reimage Repair\uninst.exe Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7} Roxio Burn-->C:\Documents and Settings\All Users\Application Data\Uninstall\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\setup.exe /x {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87} Roxio Burn-->MsiExec.exe /I{A33E7B0C-B99C-4EC9-B702-8A328B161AF9} Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693} Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} Roxio Easy CD and DVD Burning-->C:\Documents and Settings\All Users\Application Data\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817} Roxio Easy CD and DVD Burning-->MsiExec.exe /I{612B5D2E-8084-4102-91DE-24281E4EFB2C} Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9} Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46} Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15} Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F} Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7} Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5} Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962} Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12} Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2586448)-->"C:\WINDOWS\ie7updates\KB2586448-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2675157)-->"C:\WINDOWS\ie7updates\KB2675157-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2699988)-->"C:\WINDOWS\ie7updates\KB2699988-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2722913)-->"C:\WINDOWS\ie7updates\KB2722913-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2744842)-->"C:\WINDOWS\ie7updates\KB2744842-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB2761465)-->"C:\WINDOWS\ie7updates\KB2761465-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe" Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe" Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe" Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe" Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe" Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe" Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe" Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe" Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe" Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe" Security Update for Windows XP (KB2491683)-->"C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe" Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe" Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe" Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe" Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe" Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe" Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe" Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe" Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe" Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe" Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe" Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe" Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe" Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe" Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe" Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe" Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe" Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe" Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe" Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe" Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe" Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe" Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe" Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe" Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe" Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe" Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe" Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe" Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe" Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe" Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe" Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe" Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe" Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe" Security Update for Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe" Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe" Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe" Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe" Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe" Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe" Security Update for Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe" Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe" Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe" Security Update for Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe" Security Update for Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuninst.exe" Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe" Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe" Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe" Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" Security Update for Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe" Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe" Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Shared C Run-time for x86-->MsiExec.exe /I{1945A4B5-73B6-4DE9-99A3-05261B7FDED0} Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B} Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434} Synology Assistant (remove only)-->C:\Program Files\Synology\Assistant\Uninstall.exe Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C} Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C} Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {ED38F8A3-4F61-494E-8BCA-E3AC7760C924} Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {5DB2894C-2DA4-4DEF-A051-795AE799964A} Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {2F2E7045-D922-4BF4-8F87-1583B61D1D6E} Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe" Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe" Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe" Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe" Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe" Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe" Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe" Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe" Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe" Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87} Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5} Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5} Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe" Xerox Support Centre-->C:\Program Files\Xerox\Support Centre\supportuninstall.exe ======Security center information====== AV: McAfee Anti-Virus and Anti-Spyware FW: McAfee Firewall ======System event log====== Computer Name: PRINTER Event Code: 64008 Message: The protected system file c:\windows\system32\batmeter.dll could not be verified as valid because Windows File Protection is terminating. Use the SFC utility to verify the integrity of the file at a later time. Record Number: 56032 Source Name: Windows File Protection Time Written: 20121212032224.000000-300 Event Type: warning User: Computer Name: PRINTER Event Code: 1073 Message: The attempt to reboot PRINTER failed Record Number: 56031 Source Name: USER32 Time Written: 20121212032210.000000-300 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: PRINTER Event Code: 36 Message: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Record Number: 55993 Source Name: W32Time Time Written: 20121212000319.000000-300 Event Type: warning User: Computer Name: PRINTER Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 55911 Source Name: Tcpip Time Written: 20121211124113.000000-300 Event Type: warning User: Computer Name: PRINTER Event Code: 1073 Message: The attempt to unknown PRINTER failed Record Number: 55907 Source Name: USER32 Time Written: 20121211111611.000000-300 Event Type: warning User: PRINTER\Blanca =====Application event log===== Computer Name: PRINTER Event Code: 4 Message: An unexpected error has occured in "QuickBooks Pro 2011": DB-82 Error: -816 ErrorMessage:'Specified database file already in use' Record Number: 15780 Source Name: QuickBooks Time Written: 20120918112159.000000-240 Event Type: error User: Computer Name: PRINTER Event Code: 3013 Message: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Record Number: 15772 Source Name: Windows Search Service Time Written: 20120917200235.000000-240 Event Type: error User: Computer Name: PRINTER Event Code: 3013 Message: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Record Number: 15771 Source Name: Windows Search Service Time Written: 20120917200235.000000-240 Event Type: error User: Computer Name: PRINTER Event Code: 1002 Message: Hanging application Photoshop.exe, version 11.0.2.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 15766 Source Name: Application Hang Time Written: 20120917103134.000000-240 Event Type: error User: Computer Name: PRINTER Event Code: 3013 Message: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Record Number: 15735 Source Name: Windows Search Service Time Written: 20120915073332.000000-240 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Common Files\Intuit\QBPOSSDKRuntime "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\ "EMC_AUTOPLAY"=c:\Program Files\Common Files\Roxio Shared\ -----------------EOF-----------------

Logfile of random's system information tool 1.09 (written by random/random) Run by Mark at 2013-01-05 14:52:59 Microsoft Windows XP Professional Service Pack 3 System drive C: has 538 GB (90%) free of 600 GB Total RAM: 3037 MB (62% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:53:30 PM, on 1/5/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17115) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Dell\DellDock\DockLogin.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Program Files\BUFFALO\NASNAVI\nassvc.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Synology\Assistant\UsbClientService.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Dell\DellDock\DellDock.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe C:\Program Files\BUFFALO\NASNAVI\nassche.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe C:\Program Files\Synology\Assistant\DSAssistant.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files\Mozilla Firefox\firefox.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\McAfee\VirusScan\mcods.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Mark\Desktop\RSIT.exe C:\Program Files\trend micro\Mark.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s%s R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: BUFFALO NAS Navigator2.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE O4 - Startup: NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: McAfee Application Installer Cleanup (0151451356539822) (0151451356539822mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\015145~1.EXE (file missing) O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: NAS PM Service (NasPmService) - BUFFALO INC. - C:\Program Files\BUFFALO\NASNAVI\nassvc.exe O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe O23 - Service: SessionLauncher - Unknown owner - c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe -- End of file - 13778 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Blanca.job C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Mark.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011UA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012UA.job =========Mozilla firefox========= ProfilePath - C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.4" prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=mcafee&p=" "{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "{000a9d1c-beef-4f90-9363-039d445309b8}"=C:\Program Files\Google\Google Gears\Firefox\ "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor "{D19CA586-DD6C-4a0a-96F8-14644F340D60}"=C:\Program Files\Common Files\McAfee\SystemCore [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.135 Plugin "Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2] "Description"=Java™ Deployment Toolkit "Path"=C:\WINDOWS\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10] "Description"=McAfee Total Protection MIME Plugin "Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin] "Description"= "Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll npCouponPrinter.xpt Scriptff.dll C:\Program Files\Mozilla Firefox\plugins\ npCouponPrinter.dll npMozCouponPrinter.dll nppdf32.dll C:\Program Files\Mozilla Firefox\searchplugins\ amazondotcom.xml bing.xml eBay.xml google.xml McSiteAdvisor.xml twitter.xml wikipedia.xml yahoo.xml C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\ {20a82645-c095-46ed-80e3-08825760534b} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}] McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-24 449512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll [2012-05-25 79776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}] Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-04 18084864] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2009-03-04 57344] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-04 150040] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-04 178712] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-04 150040] "Dell DataSafe Online"=C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [2009-07-07 1779952] "PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-02-04 128232] "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] "mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2012-09-12 1278648] "AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208] "AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "Desktop Disc Tool"=C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-12-15 498160] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008] "Intuit SyncManager"=C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [2012-10-08 2643320] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "AdobeBridge"= [] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Intuit Data Protect.lnk - C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe QuickBooks_Standard_21.lnk - C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Mark\Start Menu\Programs\Startup BUFFALO NAS Navigator2.lnk - C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE NAS Scheduler.lnk - C:\Program Files\BUFFALO\NASNAVI\nassche.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2009-03-04 217088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent" "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4" "C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe"="C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe:*:Enabled:BUFFALO NASNavigator2" "C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe"="C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager" "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host" "C:\Program Files\Synology\Assistant\DSAssistant.exe"="C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.siren"=sirenacm.dll ======File associations====== .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 month====== 2013-01-05 14:53:00 ----D---- C:\Program Files\trend micro 2013-01-05 14:52:59 ----D---- C:\rsit 2013-01-05 14:52:00 ----D---- C:\WINDOWS\ERDNT 2013-01-05 14:50:00 ----D---- C:\Program Files\ERUNT 2013-01-03 14:36:14 ----D---- C:\WINDOWS\LastGood 2012-12-21 03:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$ 2012-12-13 18:19:07 ----A---- C:\WINDOWS\system32\drivers\mfendisk.sys 2012-12-12 03:06:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$ 2012-12-12 03:06:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$ 2012-12-12 03:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$ 2012-12-12 03:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$ 2012-12-12 03:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$ ======List of files/folders modified in the last 1 month====== 2013-01-05 14:53:35 ----RSHDC---- C:\WINDOWS\system32\dllcache 2013-01-05 14:53:32 ----D---- C:\WINDOWS\Temp 2013-01-05 14:53:15 ----D---- C:\WINDOWS\Prefetch 2013-01-05 14:53:00 ----RD---- C:\Program Files 2013-01-05 14:52:00 ----AD---- C:\WINDOWS 2013-01-05 10:36:29 ----D---- C:\WINDOWS\system32\CatRoot 2013-01-05 10:35:09 ----HD---- C:\WINDOWS\inf 2013-01-04 16:02:42 ----RSD---- C:\WINDOWS\Fonts 2013-01-04 15:44:19 ----D---- C:\Documents and Settings\Mark\Application Data\FileZilla 2013-01-04 13:54:15 ----A---- C:\WINDOWS\SchedLgU.Txt 2013-01-03 14:36:07 ----D---- C:\WINDOWS\system32\CatRoot2 2013-01-03 14:33:20 ----D---- C:\Documents and Settings 2013-01-03 14:29:14 ----D---- C:\WINDOWS\system32\config 2013-01-03 14:28:48 ----D---- C:\WINDOWS\system32\wbem 2013-01-03 14:28:47 ----D---- C:\WINDOWS\Registration 2013-01-03 14:24:22 ----D---- C:\WINDOWS\system32\Restore 2013-01-02 16:39:34 ----AD---- C:\WINDOWS\system32 2012-12-28 10:32:47 ----D---- C:\Program Files\Adobe 2012-12-27 14:11:28 ----SHD---- C:\WINDOWS\Installer 2012-12-27 14:11:18 ----A---- C:\WINDOWS\OEWABLog.txt 2012-12-26 12:37:11 ----D---- C:\Program Files\Mozilla Firefox 2012-12-21 09:20:20 ----D---- C:\Program Files\Mozilla Maintenance Service 2012-12-21 03:01:15 ----HD---- C:\WINDOWS\$hf_mig$ 2012-12-20 15:57:13 ----D---- C:\Program Files\Common Files\McAfee 2012-12-16 07:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll 2012-12-13 18:19:07 ----D---- C:\WINDOWS\system32\drivers 2012-12-12 14:09:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe 2012-12-12 03:06:42 ----A---- C:\WINDOWS\imsins.BAK 2012-12-12 03:06:16 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2012-12-12 03:05:31 ----D---- C:\WINDOWS\system32\en-US 2012-12-12 03:05:31 ----D---- C:\Program Files\Internet Explorer 2012-12-12 03:05:20 ----D---- C:\WINDOWS\ie7updates 2012-12-12 03:00:39 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2012-11-09 565352] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-07-09 45200] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592] R1 mfetdi2k;McAfee Inc. mfetdi2k; C:\WINDOWS\system32\drivers\mfetdi2k.sys [2012-11-09 91168] R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720] R3 busenum;Synology Virtual USB Hub; C:\WINDOWS\system32\DRIVERS\busenum.sys [2011-02-18 46304] R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2012-11-09 60480] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-04 6048768] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-04 5027840] R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2012-11-09 132912] R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2012-11-09 234824] R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2012-11-09 65488] R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2012-11-09 362640] R3 mfendiskmp;mfendiskmp; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-11-09 84432] R3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2012-11-09 92192] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-04 117888] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S3 cpuz134;cpuz134; \??\C:\DOCUME~1\Mark\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [] S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-04-20 146872] S3 mbr;mbr; \??\C:\DOCUME~1\Mark\LOCALS~1\Temp\mbr.sys [] S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys [] S3 mfendisk;McAfee Core NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-11-09 84432] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2008-05-06 11520] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944] S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368] S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928] S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752] S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2009-06-26 57328] S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960] S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-11 30312] R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-24 161768] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784] R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784] R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784] R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784] R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784] R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784] R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-11-09 203400] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 168880] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-11-09 167344] R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784] R2 NasPmService;NAS PM Service; C:\Program Files\BUFFALO\NASNAVI\nassvc.exe [2008-07-11 251184] R2 QBCFMonitorService;QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [2012-10-24 45056] R2 QBVSS;QBIDPService; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-03-09 1248256] R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944] R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2011-02-18 245760] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208] R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] R3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2012-11-16 279048] S2 0151451356539822mcinstcleanup;McAfee Application Installer Cleanup (0151451356539822); C:\WINDOWS\TEMP\015145~1.EXE -cleanup -nolog [] S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-23 136176] S2 SessionLauncher;SessionLauncher; c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-04 655624] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-23 136176] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 LPDSVC;TCP/IP Print Server; C:\WINDOWS\system32\tcpsvcs.exe [2008-04-14 19456] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-30 115168] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 QBFCService;Intuit QuickBooks FCS; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [2009-07-23 61440] S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848] S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

Two files attached Rkill 2.4.5 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2013 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 01/04/2013 12:43:57 PM in x86 mode. Windows Version: Microsoft Windows XP Service Pack 3 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * No issues found. Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 localhost Program finished at: 01/04/2013 12:45:13 PM Execution time: 0 hours(s), 1 minute(s), and 16 seconds(s) DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 7.0.6000.17115 BrowserJavaVersion: 10.9.2 Run by Mark at 12:46:29 on 2013-01-04 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3037.1901 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *Disabled* . ============== Running Processes ================ . C:\Program Files\Dell\DellDock\DockLogin.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Program Files\BUFFALO\NASNAVI\nassvc.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Synology\Assistant\UsbClientService.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Dell\DellDock\DellDock.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe C:\Program Files\BUFFALO\NASNAVI\nassche.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Mozilla Firefox\firefox.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe C:\Program Files\Synology\Assistant\DSAssistant.exe C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgr.exe C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\PROGRA~1\Intuit\QUICKB~1\dbextclr11.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.live.com uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120627111946.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [AdobeBridge] <no file> mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [Desktop Disc Tool] "c:\program files\roxio\roxio burn\RoxioBurnLauncher.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\docume~1\mark\startm~1\programs\startup\buffal~1.lnk - c:\program files\buffalo\nasnavi\NasNavi.exe StartupFolder: c:\docume~1\mark\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe StartupFolder: c:\docume~1\mark\startm~1\programs\startup\nassch~1.lnk - c:\program files\buffalo\nasnavi\nassche.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2011\QBW32.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D7522808-F9B6-49CD-85A3-814533D3A0A4} : DHCPNameServer = 192.168.1.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - c:\program files\intuit\quickbooks 2011\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll Notify: igfxcui - igfxdev.dll SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\mark\application data\mozilla\firefox\profiles\g3lri5gy.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p= FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll FF - ExtSQL: 2012-12-06 12:45; amznUWL2@amazon.com; c:\documents and settings\mark\application data\mozilla\firefox\profiles\g3lri5gy.default\extensions\amznUWL2@amazon.com.xpi FF - ExtSQL: !HIDDEN! 2010-03-02 13:33; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-28 565352] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-8-28 91168] R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784] R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784] R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-28 203400] R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-28 168880] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-28 167344] R2 NasPmService;NAS PM Service;c:\program files\buffalo\nasnavi\nassvc.exe -service_execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 --> c:\program files\buffalo\nasnavi\nassvc.exe -Service_Execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 [?] R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2012-3-9 1248256] R2 UsbClientService;UsbClientService;c:\program files\synology\assistant\UsbClientService.exe [2011-2-18 245760] R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208] R3 busenum;Synology Virtual USB Hub;c:\windows\system32\drivers\busenum.sys [2011-2-18 46304] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-28 60480] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-28 234824] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-28 65488] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-28 362640] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-12-13 84432] S2 0151451356539822mcinstcleanup;McAfee Application Installer Cleanup (0151451356539822);c:\windows\temp\015145~1.exe -cleanup -nolog --> c:\windows\temp\015145~1.EXE -cleanup -nolog [?] S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616] S2 SessionLauncher;SessionLauncher;c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\admini~1\locals~1\temp\dx9\SessionLauncher.exe [?] S3 cpuz134;cpuz134;\??\c:\docume~1\mark\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\mark\locals~1\temp\cpuz134\cpuz134_x32.sys [?] S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-10-27 146872] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-12-13 84432] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-28 92192] S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2009-6-26 1124848] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520] . =============== File Associations =============== . FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs5\Dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2013-01-03 19:28:47 -------- d-----w- c:\windows\system32\wbem\repository\FS 2013-01-03 19:28:47 -------- d-----w- c:\windows\system32\wbem\Repository 2012-12-13 23:19:07 84432 ----a-w- c:\windows\system32\drivers\mfendisk.sys 2012-12-13 17:20:31 73696 ----a-w- c:\program files\mozilla firefox\updated\breakpadinjector.dll 2012-12-13 17:20:31 261600 ----a-w- c:\program files\mozilla firefox\updated\components\browsercomps.dll 2012-12-13 17:20:31 18912 ----a-w- c:\program files\mozilla firefox\updated\AccessibleMarshal.dll . ==================== Find3M ==================== . 2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll 2012-12-12 19:09:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-12-12 19:09:40 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-11-13 11:20:36 1875456 ----a-w- c:\windows\system32\win32k.sys 2012-11-09 11:56:16 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys 2012-11-09 11:53:02 91168 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys 2012-11-09 11:52:22 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2012-11-09 11:52:12 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-11-09 11:51:12 565352 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-11-09 11:50:20 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2012-11-09 11:50:00 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2012-11-09 11:49:40 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2012-11-09 11:49:10 132912 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll 2012-11-01 03:30:04 832512 ----a-w- c:\windows\system32\wininet.dll 2012-11-01 03:30:04 78336 ----a-w- c:\windows\system32\ieencode.dll 2012-11-01 03:30:04 1830912 ------w- c:\windows\system32\inetcpl.cpl 2012-11-01 03:30:04 17408 ----a-w- c:\windows\system32\corpol.dll . ============= FINISH: 12:47:44.98 ===============

Computer restarted to install an update. Desktop is blank, and there is nothing in the desktop folder on the c drive for that user.