Sha

Thank you so much for all your help on this one, Maurice. I'm sure you hear it all the time but what you guys do here is absolutely amazing. I shall be in touch if any issues arise. Thank you again and enjoy the rest of your weekend. Cheers

My music seems to be playing a lot better now. It was jumping constantly before, does not seem to do that now. I will continue to observe it as I use it more.

MBAM log: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.23.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Sasha Gilby :: SHA [administrator] 23/06/2012 9:46:47 PM mbam-log-2012-06-23 (21-46-47).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 200510 Time elapsed: 7 minute(s), 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Hi Maurice, I have completed all the other steps and attach the logs below: aswMBR log: aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-06-22 20:24:14 ----------------------------- 20:24:14.390 OS Version: Windows 5.1.2600 Service Pack 3 20:24:14.390 Number of processors: 1 586 0x5F02 20:24:14.390 ComputerName: SHA UserName: 20:24:15.078 Initialize success 20:51:41.015 AVAST engine defs: 12062200 20:58:29.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e 20:58:29.390 Disk 0 Vendor: WDC_WD800JD-22MSA1 10.01E01 Size: 76319MB BusType: 3 20:58:29.390 Disk 0 MBR read successfully 20:58:29.390 Disk 0 MBR scan 20:58:29.421 Disk 0 Windows XP default MBR code 20:58:29.421 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63 20:58:29.421 Disk 0 scanning sectors +156296385 20:58:29.500 Disk 0 scanning C:\WINDOWS\system32\drivers 20:58:45.703 Service scanning 20:59:02.515 Modules scanning 20:59:08.078 Scan finished successfully 20:59:37.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sasha Gilby\Desktop\MBR.dat" 20:59:37.281 The log file has been saved successfully to "C:\Documents and Settings\Sasha Gilby\Desktop\aswMBR.txt"

Hi Maurice, I have tried three times now to run the Dr Web scan - each time it has 'encountered an error' and has had to close. What would you like me to do?

I have gone ahead and reactivated Spybot's Teatimer and AVG. Please let me know if I'm to keep these deactivated. Cheers

TDSSKiller log: 17:27:24.0500 2788 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32 17:27:25.0531 2788 ============================================================ 17:27:25.0531 2788 Current date / time: 2012/06/22 17:27:25.0531 17:27:25.0531 2788 SystemInfo: 17:27:25.0531 2788 17:27:25.0531 2788 OS Version: 5.1.2600 ServicePack: 3.0 17:27:25.0531 2788 Product type: Workstation 17:27:25.0531 2788 ComputerName: SHA 17:27:25.0531 2788 Windows directory: C:\WINDOWS 17:27:25.0531 2788 System windows directory: C:\WINDOWS 17:27:25.0531 2788 Processor architecture: Intel x86 17:27:25.0531 2788 Number of processors: 1 17:27:25.0531 2788 Page size: 0x1000 17:27:25.0531 2788 Boot type: Normal boot 17:27:25.0531 2788 ============================================================ 17:27:27.0265 2788 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 17:27:27.0265 2788 ============================================================ 17:27:27.0265 2788 \Device\Harddisk0\DR0: 17:27:27.0265 2788 MBR partitions: 17:27:27.0265 2788 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482 17:27:27.0265 2788 ============================================================ 17:27:27.0562 2788 C: <-> \Device\Harddisk0\DR0\Partition0 17:27:27.0562 2788 ============================================================ 17:27:27.0562 2788 Initialize success 17:27:27.0562 2788 ============================================================ 17:27:45.0703 2080 ============================================================ 17:27:45.0703 2080 Scan started 17:27:45.0703 2080 Mode: Manual; 17:27:45.0703 2080 ============================================================ 17:27:45.0937 2080 Abiosdsk - ok 17:27:45.0937 2080 abp480n5 - ok 17:27:46.0000 2080 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 17:27:46.0000 2080 ACPI - ok 17:27:46.0046 2080 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys 17:27:46.0062 2080 ACPIEC - ok 17:27:46.0109 2080 ADIHdAudAddService (d392183cc5379e302e50ceba635248eb) C:\WINDOWS\system32\drivers\ADIHdAud.sys 17:27:46.0109 2080 ADIHdAudAddService - ok 17:27:46.0187 2080 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 17:27:46.0234 2080 AdobeFlashPlayerUpdateSvc - ok 17:27:46.0250 2080 adpu160m - ok 17:27:46.0265 2080 AEAudioService (9f59ae2de835641fbb0c6afd80d8fa9b) C:\WINDOWS\system32\drivers\AEAudio.sys 17:27:46.0265 2080 AEAudioService - ok 17:27:46.0312 2080 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 17:27:46.0328 2080 aec - ok 17:27:46.0375 2080 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 17:27:46.0375 2080 AFD - ok 17:27:46.0375 2080 Aha154x - ok 17:27:46.0390 2080 aic78u2 - ok 17:27:46.0406 2080 aic78xx - ok 17:27:46.0437 2080 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll 17:27:46.0437 2080 Alerter - ok 17:27:46.0468 2080 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe 17:27:46.0468 2080 ALG - ok 17:27:46.0484 2080 AliIde - ok 17:27:46.0500 2080 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys 17:27:46.0500 2080 AmdK8 - ok 17:27:46.0500 2080 amsint - ok 17:27:46.0625 2080 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:27:46.0640 2080 Apple Mobile Device - ok 17:27:46.0640 2080 AppMgmt - ok 17:27:46.0656 2080 asc - ok 17:27:46.0656 2080 asc3350p - ok 17:27:46.0671 2080 asc3550 - ok 17:27:46.0765 2080 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 17:27:46.0796 2080 aspnet_state - ok 17:27:46.0843 2080 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 17:27:46.0843 2080 AsyncMac - ok 17:27:46.0875 2080 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 17:27:46.0875 2080 atapi - ok 17:27:46.0890 2080 Atdisk - ok 17:27:46.0953 2080 atksgt (3c4b9850a2631c2263507400d029057b) C:\WINDOWS\system32\DRIVERS\atksgt.sys 17:27:46.0968 2080 atksgt - ok 17:27:47.0000 2080 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 17:27:47.0000 2080 Atmarpc - ok 17:27:47.0062 2080 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll 17:27:47.0062 2080 AudioSrv - ok 17:27:47.0109 2080 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 17:27:47.0109 2080 audstub - ok 17:27:47.0234 2080 AVG Security Toolbar Service (d45b7995761253a92ab071d576114f28) C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe 17:27:47.0250 2080 AVG Security Toolbar Service - ok 17:27:47.0312 2080 avg8emc (b9ae3c63a53396cd669ef8ae9c9cbd85) C:\PROGRA~1\AVG\AVG8\avgemc.exe 17:27:47.0343 2080 avg8emc - ok 17:27:47.0406 2080 avg8wd (db338a6bd3976904eb0f8343f51e64eb) C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 17:27:47.0421 2080 avg8wd - ok 17:27:47.0484 2080 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\WINDOWS\System32\Drivers\avgldx86.sys 17:27:47.0484 2080 AvgLdx86 - ok 17:27:47.0531 2080 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\WINDOWS\System32\Drivers\avgmfx86.sys 17:27:47.0531 2080 AvgMfx86 - ok 17:27:47.0578 2080 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\WINDOWS\System32\Drivers\avgtdix.sys 17:27:47.0578 2080 AvgTdiX - ok 17:27:47.0625 2080 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 17:27:47.0625 2080 Beep - ok 17:27:47.0687 2080 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll 17:27:47.0765 2080 BITS - ok 17:27:47.0859 2080 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 17:27:47.0875 2080 Bonjour Service - ok 17:27:47.0921 2080 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll 17:27:47.0921 2080 Browser - ok 17:27:47.0968 2080 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 17:27:47.0968 2080 cbidf2k - ok 17:27:47.0984 2080 cd20xrnt - ok 17:27:48.0031 2080 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 17:27:48.0031 2080 Cdaudio - ok 17:27:48.0078 2080 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 17:27:48.0078 2080 Cdfs - ok 17:27:48.0093 2080 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 17:27:48.0109 2080 Cdrom - ok 17:27:48.0109 2080 Changer - ok 17:27:48.0156 2080 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe 17:27:48.0156 2080 CiSvc - ok 17:27:48.0187 2080 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe 17:27:48.0187 2080 ClipSrv - ok 17:27:48.0281 2080 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:27:48.0343 2080 clr_optimization_v2.0.50727_32 - ok 17:27:48.0359 2080 CmdIde - ok 17:27:48.0359 2080 COMSysApp - ok 17:27:48.0375 2080 Cpqarray - ok 17:27:48.0421 2080 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll 17:27:48.0421 2080 CryptSvc - ok 17:27:48.0421 2080 dac2w2k - ok 17:27:48.0437 2080 dac960nt - ok 17:27:48.0500 2080 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll 17:27:48.0500 2080 DcomLaunch - ok 17:27:48.0546 2080 dgderdrv (3be1651c63954067940e7f473498ad70) C:\WINDOWS\system32\drivers\dgderdrv.sys 17:27:48.0546 2080 dgderdrv - ok 17:27:48.0609 2080 dgdersvc (10b8f89d146d0e20b1284d47bb4ec6c9) C:\WINDOWS\system32\dgdersvc.exe 17:27:48.0609 2080 dgdersvc - ok 17:27:48.0656 2080 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll 17:27:48.0656 2080 Dhcp - ok 17:27:48.0687 2080 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 17:27:48.0703 2080 Disk - ok 17:27:48.0703 2080 dmadmin - ok 17:27:48.0765 2080 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 17:27:48.0796 2080 dmboot - ok 17:27:48.0828 2080 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 17:27:48.0843 2080 dmio - ok 17:27:48.0859 2080 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 17:27:48.0875 2080 dmload - ok 17:27:48.0906 2080 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll 17:27:48.0906 2080 dmserver - ok 17:27:48.0937 2080 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 17:27:48.0937 2080 DMusic - ok 17:27:48.0968 2080 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll 17:27:48.0968 2080 Dnscache - ok 17:27:49.0031 2080 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll 17:27:49.0031 2080 Dot3svc - ok 17:27:49.0046 2080 dpti2o - ok 17:27:49.0062 2080 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 17:27:49.0062 2080 drmkaud - ok 17:27:49.0109 2080 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll 17:27:49.0109 2080 EapHost - ok 17:27:49.0156 2080 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll 17:27:49.0156 2080 ERSvc - ok 17:27:49.0203 2080 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe 17:27:49.0203 2080 Eventlog - ok 17:27:49.0281 2080 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll 17:27:49.0281 2080 EventSystem - ok 17:27:49.0328 2080 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 17:27:49.0328 2080 Fastfat - ok 17:27:49.0390 2080 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll 17:27:49.0390 2080 FastUserSwitchingCompatibility - ok 17:27:49.0406 2080 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 17:27:49.0406 2080 Fdc - ok 17:27:49.0421 2080 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 17:27:49.0421 2080 Fips - ok 17:27:49.0546 2080 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 17:27:49.0609 2080 FLEXnet Licensing Service - ok 17:27:49.0656 2080 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 17:27:49.0656 2080 Flpydisk - ok 17:27:49.0703 2080 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 17:27:49.0703 2080 FltMgr - ok 17:27:49.0859 2080 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 17:27:49.0859 2080 FontCache3.0.0.0 - ok 17:27:49.0921 2080 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS 17:27:49.0921 2080 FsUsbExDisk - ok 17:27:49.0984 2080 FsUsbExService (f96c429788350db4ba6771c3034dfd88) C:\WINDOWS\system32\FsUsbExService.Exe 17:27:49.0984 2080 FsUsbExService - ok 17:27:50.0046 2080 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:27:50.0046 2080 Fs_Rec - ok 17:27:50.0078 2080 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 17:27:50.0093 2080 Ftdisk - ok 17:27:50.0125 2080 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 17:27:50.0125 2080 GEARAspiWDM - ok 17:27:50.0156 2080 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 17:27:50.0156 2080 Gpc - ok 17:27:50.0218 2080 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 17:27:50.0218 2080 gupdate - ok 17:27:50.0218 2080 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe 17:27:50.0234 2080 gupdatem - ok 17:27:50.0281 2080 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 17:27:50.0281 2080 gusvc - ok 17:27:50.0328 2080 HdAudAddService (f58d2900c66a1e773e3375098e0e9337) C:\WINDOWS\system32\drivers\HdAudio.sys 17:27:50.0343 2080 HdAudAddService - ok 17:27:50.0359 2080 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 17:27:50.0375 2080 HDAudBus - ok 17:27:50.0421 2080 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 17:27:50.0421 2080 helpsvc - ok 17:27:50.0468 2080 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll 17:27:50.0468 2080 HidServ - ok 17:27:50.0500 2080 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 17:27:50.0500 2080 HidUsb - ok 17:27:50.0546 2080 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll 17:27:50.0546 2080 hkmsvc - ok 17:27:50.0562 2080 hpn - ok 17:27:50.0609 2080 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 17:27:50.0656 2080 HTTP - ok 17:27:50.0718 2080 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll 17:27:50.0718 2080 HTTPFilter - ok 17:27:50.0718 2080 i2omgmt - ok 17:27:50.0734 2080 i2omp - ok 17:27:50.0750 2080 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 17:27:50.0750 2080 i8042prt - ok 17:27:50.0812 2080 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:27:50.0828 2080 IDriverT - ok 17:27:50.0906 2080 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 17:27:50.0937 2080 idsvc - ok 17:27:50.0984 2080 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 17:27:50.0984 2080 Imapi - ok 17:27:51.0046 2080 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe 17:27:51.0046 2080 ImapiService - ok 17:27:51.0062 2080 ini910u - ok 17:27:51.0078 2080 IntelIde - ok 17:27:51.0109 2080 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 17:27:51.0109 2080 Ip6Fw - ok 17:27:51.0156 2080 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:27:51.0156 2080 IpFilterDriver - ok 17:27:51.0171 2080 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 17:27:51.0171 2080 IpInIp - ok 17:27:51.0203 2080 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 17:27:51.0203 2080 IpNat - ok 17:27:51.0328 2080 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe 17:27:51.0359 2080 iPod Service - ok 17:27:51.0406 2080 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 17:27:51.0421 2080 IPSec - ok 17:27:51.0437 2080 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 17:27:51.0437 2080 IRENUM - ok 17:27:51.0468 2080 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 17:27:51.0468 2080 isapnp - ok 17:27:51.0593 2080 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe 17:27:51.0593 2080 JavaQuickStarterService - ok 17:27:51.0640 2080 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 17:27:51.0640 2080 Kbdclass - ok 17:27:51.0687 2080 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 17:27:51.0703 2080 kbdhid - ok 17:27:51.0718 2080 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 17:27:51.0718 2080 kmixer - ok 17:27:51.0781 2080 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 17:27:51.0781 2080 KSecDD - ok 17:27:51.0843 2080 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll 17:27:51.0843 2080 lanmanserver - ok 17:27:51.0875 2080 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll 17:27:51.0890 2080 lanmanworkstation - ok 17:27:51.0890 2080 lbrtfdc - ok 17:27:51.0953 2080 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\WINDOWS\system32\DRIVERS\lirsgt.sys 17:27:51.0953 2080 lirsgt - ok 17:27:51.0968 2080 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll 17:27:51.0984 2080 LmHosts - ok 17:27:52.0015 2080 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys 17:27:52.0015 2080 mbamchameleon - ok 17:27:52.0046 2080 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll 17:27:52.0046 2080 Messenger - ok 17:27:52.0093 2080 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 17:27:52.0093 2080 mnmdd - ok 17:27:52.0125 2080 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe 17:27:52.0125 2080 mnmsrvc - ok 17:27:52.0171 2080 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 17:27:52.0171 2080 Modem - ok 17:27:52.0187 2080 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 17:27:52.0187 2080 Mouclass - ok 17:27:52.0234 2080 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 17:27:52.0234 2080 mouhid - ok 17:27:52.0265 2080 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 17:27:52.0265 2080 MountMgr - ok 17:27:52.0328 2080 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:27:52.0328 2080 MozillaMaintenance - ok 17:27:52.0328 2080 mraid35x - ok 17:27:52.0375 2080 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 17:27:52.0390 2080 MRxDAV - ok 17:27:52.0437 2080 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:27:52.0453 2080 MRxSmb - ok 17:27:52.0515 2080 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe 17:27:52.0515 2080 MSDTC - ok 17:27:52.0531 2080 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 17:27:52.0531 2080 Msfs - ok 17:27:52.0546 2080 MSIServer - ok 17:27:52.0578 2080 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 17:27:52.0578 2080 MSKSSRV - ok 17:27:52.0609 2080 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 17:27:52.0609 2080 MSPCLOCK - ok 17:27:52.0640 2080 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 17:27:52.0640 2080 MSPQM - ok 17:27:52.0703 2080 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 17:27:52.0703 2080 mssmbios - ok 17:27:52.0750 2080 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys 17:27:52.0750 2080 MTsensor - ok 17:27:52.0812 2080 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 17:27:52.0812 2080 Mup - ok 17:27:52.0906 2080 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll 17:27:52.0921 2080 napagent - ok 17:27:52.0968 2080 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 17:27:52.0968 2080 NDIS - ok 17:27:53.0031 2080 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:27:53.0031 2080 NdisTapi - ok 17:27:53.0078 2080 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:27:53.0078 2080 Ndisuio - ok 17:27:53.0125 2080 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:27:53.0125 2080 NdisWan - ok 17:27:53.0187 2080 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 17:27:53.0187 2080 NDProxy - ok 17:27:53.0234 2080 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 17:27:53.0234 2080 NetBIOS - ok 17:27:53.0296 2080 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 17:27:53.0296 2080 NetBT - ok 17:27:53.0343 2080 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe 17:27:53.0343 2080 NetDDE - ok 17:27:53.0359 2080 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe 17:27:53.0359 2080 NetDDEdsdm - ok 17:27:53.0390 2080 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 17:27:53.0406 2080 Netlogon - ok 17:27:53.0453 2080 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll 17:27:53.0453 2080 Netman - ok 17:27:53.0625 2080 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:27:53.0625 2080 NetTcpPortSharing - ok 17:27:53.0656 2080 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll 17:27:53.0656 2080 Nla - ok 17:27:53.0671 2080 nmwcd - ok 17:27:53.0687 2080 nmwcdc - ok 17:27:53.0703 2080 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 17:27:53.0703 2080 Npfs - ok 17:27:53.0750 2080 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 17:27:53.0796 2080 Ntfs - ok 17:27:53.0812 2080 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 17:27:53.0812 2080 NtLmSsp - ok 17:27:53.0875 2080 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll 17:27:53.0921 2080 NtmsSvc - ok 17:27:53.0953 2080 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 17:27:53.0953 2080 Null - ok 17:27:54.0125 2080 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 17:27:54.0296 2080 nv - ok 17:27:54.0390 2080 NVENETFD (75da3510f311db3ba72378352ef848be) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 17:27:54.0390 2080 NVENETFD - ok 17:27:54.0437 2080 nvnetbus (84c71701fcea84d7f03e61039fe41b4a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 17:27:54.0437 2080 nvnetbus - ok 17:27:54.0453 2080 NVSvc (0febe37db6650faa5965c00545009d1d) C:\WINDOWS\system32\nvsvc32.exe 17:27:54.0453 2080 NVSvc - ok 17:27:54.0500 2080 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 17:27:54.0500 2080 NwlnkFlt - ok 17:27:54.0515 2080 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 17:27:54.0515 2080 NwlnkFwd - ok 17:27:54.0609 2080 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:27:54.0609 2080 ose - ok 17:27:54.0656 2080 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 17:27:54.0656 2080 Parport - ok 17:27:54.0703 2080 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 17:27:54.0703 2080 PartMgr - ok 17:27:54.0765 2080 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 17:27:54.0765 2080 ParVdm - ok 17:27:54.0796 2080 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys 17:27:54.0812 2080 pccsmcfd - ok 17:27:54.0828 2080 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 17:27:54.0828 2080 PCI - ok 17:27:54.0843 2080 PCIDump - ok 17:27:54.0890 2080 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 17:27:54.0890 2080 PCIIde - ok 17:27:54.0937 2080 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 17:27:54.0937 2080 Pcmcia - ok 17:27:54.0953 2080 PDCOMP - ok 17:27:54.0953 2080 PDFRAME - ok 17:27:54.0968 2080 PDRELI - ok 17:27:54.0968 2080 PDRFRAME - ok 17:27:54.0984 2080 perc2 - ok 17:27:54.0984 2080 perc2hib - ok 17:27:55.0046 2080 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe 17:27:55.0046 2080 PlugPlay - ok 17:27:55.0093 2080 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 17:27:55.0093 2080 PolicyAgent - ok 17:27:55.0140 2080 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 17:27:55.0140 2080 PptpMiniport - ok 17:27:55.0156 2080 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys 17:27:55.0171 2080 Processor - ok 17:27:55.0171 2080 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 17:27:55.0171 2080 ProtectedStorage - ok 17:27:55.0187 2080 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 17:27:55.0187 2080 PSched - ok 17:27:55.0218 2080 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 17:27:55.0218 2080 Ptilink - ok 17:27:55.0234 2080 ql1080 - ok 17:27:55.0250 2080 Ql10wnt - ok 17:27:55.0250 2080 ql12160 - ok 17:27:55.0265 2080 ql1240 - ok 17:27:55.0265 2080 ql1280 - ok 17:27:55.0296 2080 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:27:55.0296 2080 RasAcd - ok 17:27:55.0343 2080 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll 17:27:55.0343 2080 RasAuto - ok 17:27:55.0375 2080 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 17:27:55.0375 2080 Rasl2tp - ok 17:27:55.0421 2080 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll 17:27:55.0421 2080 RasMan - ok 17:27:55.0453 2080 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:27:55.0453 2080 RasPppoe - ok 17:27:55.0453 2080 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 17:27:55.0468 2080 Raspti - ok 17:27:55.0515 2080 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:27:55.0515 2080 Rdbss - ok 17:27:55.0531 2080 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 17:27:55.0531 2080 RDPCDD - ok 17:27:55.0578 2080 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys 17:27:55.0593 2080 RDPWD - ok 17:27:55.0640 2080 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe 17:27:55.0640 2080 RDSessMgr - ok 17:27:55.0656 2080 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 17:27:55.0671 2080 redbook - ok 17:27:55.0703 2080 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll 17:27:55.0703 2080 RemoteAccess - ok 17:27:55.0750 2080 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys 17:27:55.0750 2080 ROOTMODEM - ok 17:27:55.0781 2080 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe 17:27:55.0781 2080 RpcLocator - ok 17:27:55.0812 2080 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll 17:27:55.0812 2080 RpcSs - ok 17:27:55.0859 2080 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe 17:27:55.0859 2080 RSVP - ok 17:27:55.0875 2080 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 17:27:55.0875 2080 SamSs - ok 17:27:55.0921 2080 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe 17:27:55.0921 2080 SCardSvr - ok 17:27:55.0968 2080 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll 17:27:55.0968 2080 Schedule - ok 17:27:56.0015 2080 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 17:27:56.0015 2080 Secdrv - ok 17:27:56.0062 2080 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll 17:27:56.0062 2080 seclogon - ok 17:27:56.0125 2080 SenFiltService (f22e6dd1d2cf71b77119eead1b3fc79d) C:\WINDOWS\system32\drivers\Senfilt.sys 17:27:56.0140 2080 SenFiltService - ok 17:27:56.0187 2080 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll 17:27:56.0187 2080 SENS - ok 17:27:56.0218 2080 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 17:27:56.0218 2080 serenum - ok 17:27:56.0250 2080 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys 17:27:56.0250 2080 Serial - ok 17:27:56.0390 2080 ServiceLayer (2d841b7b7f6dec32162edfcc69d61f42) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 17:27:56.0437 2080 ServiceLayer - ok 17:27:56.0453 2080 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 17:27:56.0468 2080 Sfloppy - ok 17:27:56.0515 2080 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll 17:27:56.0531 2080 SharedAccess - ok 17:27:56.0578 2080 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll 17:27:56.0593 2080 ShellHWDetection - ok 17:27:56.0593 2080 Simbad - ok 17:27:56.0640 2080 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 17:27:56.0656 2080 SONYPVU1 - ok 17:27:56.0656 2080 Sparrow - ok 17:27:56.0671 2080 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 17:27:56.0671 2080 splitter - ok 17:27:56.0718 2080 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 17:27:56.0718 2080 Spooler - ok 17:27:56.0734 2080 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 17:27:56.0734 2080 sr - ok 17:27:56.0781 2080 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll 17:27:56.0781 2080 srservice - ok 17:27:56.0828 2080 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 17:27:56.0875 2080 Srv - ok 17:27:56.0937 2080 ssadbus (6d83ff6722baf7e82a4521dbec363e5a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys 17:27:56.0937 2080 ssadbus - ok 17:27:56.0968 2080 ssadmdfl (5ae42e90f99749e0e35b9989a2d0275c) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys 17:27:56.0968 2080 ssadmdfl - ok 17:27:56.0984 2080 ssadmdm (9285d8aba50a4d6482b1574448f9eb76) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys 17:27:56.0984 2080 ssadmdm - ok 17:27:57.0031 2080 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll 17:27:57.0031 2080 SSDPSRV - ok 17:27:57.0093 2080 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll 17:27:57.0093 2080 stisvc - ok 17:27:57.0156 2080 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 17:27:57.0156 2080 swenum - ok 17:27:57.0171 2080 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 17:27:57.0171 2080 swmidi - ok 17:27:57.0187 2080 SwPrv - ok 17:27:57.0187 2080 symc810 - ok 17:27:57.0203 2080 symc8xx - ok 17:27:57.0218 2080 sym_hi - ok 17:27:57.0218 2080 sym_u3 - ok 17:27:57.0234 2080 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 17:27:57.0234 2080 sysaudio - ok 17:27:57.0250 2080 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe 17:27:57.0250 2080 SysmonLog - ok 17:27:57.0281 2080 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll 17:27:57.0281 2080 TapiSrv - ok 17:27:57.0343 2080 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:27:57.0390 2080 Tcpip - ok 17:27:57.0437 2080 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 17:27:57.0437 2080 TDPIPE - ok 17:27:57.0484 2080 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 17:27:57.0484 2080 TDTCP - ok 17:27:57.0531 2080 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 17:27:57.0531 2080 TermDD - ok 17:27:57.0562 2080 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll 17:27:57.0562 2080 TermService - ok 17:27:57.0593 2080 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll 17:27:57.0609 2080 Themes - ok 17:27:57.0609 2080 TosIde - ok 17:27:57.0640 2080 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll 17:27:57.0640 2080 TrkWks - ok 17:27:57.0671 2080 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 17:27:57.0687 2080 Udfs - ok 17:27:57.0687 2080 ultra - ok 17:27:57.0750 2080 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 17:27:57.0765 2080 Update - ok 17:27:57.0781 2080 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll 17:27:57.0781 2080 upnphost - ok 17:27:57.0812 2080 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe 17:27:57.0812 2080 UPS - ok 17:27:57.0859 2080 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys 17:27:57.0859 2080 USBAAPL - ok 17:27:57.0921 2080 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 17:27:57.0921 2080 usbccgp - ok 17:27:57.0953 2080 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 17:27:57.0953 2080 usbehci - ok 17:27:57.0968 2080 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 17:27:57.0968 2080 usbhub - ok 17:27:58.0000 2080 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 17:27:58.0000 2080 usbohci - ok 17:27:58.0015 2080 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 17:27:58.0015 2080 usbscan - ok 17:27:58.0046 2080 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 17:27:58.0046 2080 USBSTOR - ok 17:27:58.0078 2080 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 17:27:58.0078 2080 VgaSave - ok 17:27:58.0078 2080 ViaIde - ok 17:27:58.0093 2080 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 17:27:58.0093 2080 VolSnap - ok 17:27:58.0156 2080 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe 17:27:58.0187 2080 VSS - ok 17:27:58.0375 2080 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe 17:27:58.0437 2080 vToolbarUpdater11.1.0 - ok 17:27:58.0500 2080 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll 17:27:58.0515 2080 W32Time - ok 17:27:58.0578 2080 W8335XP (7455b3c11a1d6a844b53febdb58646e9) C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys 17:27:58.0625 2080 W8335XP - ok 17:27:58.0671 2080 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:27:58.0671 2080 Wanarp - ok 17:27:58.0734 2080 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys 17:27:58.0765 2080 Wdf01000 - ok 17:27:58.0781 2080 WDICA - ok 17:27:58.0796 2080 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 17:27:58.0812 2080 wdmaud - ok 17:27:58.0859 2080 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll 17:27:58.0859 2080 WebClient - ok 17:27:58.0968 2080 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll 17:27:58.0968 2080 winmgmt - ok 17:27:59.0015 2080 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 17:27:59.0031 2080 WmdmPmSN - ok 17:27:59.0062 2080 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe 17:27:59.0078 2080 WmiApSrv - ok 17:27:59.0171 2080 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe 17:27:59.0187 2080 WMPNetworkSvc - ok 17:27:59.0203 2080 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 17:27:59.0203 2080 WpdUsb - ok 17:27:59.0234 2080 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 17:27:59.0234 2080 WS2IFSL - ok 17:27:59.0281 2080 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll 17:27:59.0296 2080 wscsvc - ok 17:27:59.0343 2080 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll 17:27:59.0359 2080 wuauserv - ok 17:27:59.0406 2080 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 17:27:59.0421 2080 WudfPf - ok 17:27:59.0437 2080 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 17:27:59.0453 2080 WudfRd - ok 17:27:59.0500 2080 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll 17:27:59.0500 2080 WudfSvc - ok 17:27:59.0562 2080 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll 17:27:59.0562 2080 WZCSVC - ok 17:27:59.0609 2080 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll 17:27:59.0625 2080 xmlprov - ok 17:27:59.0640 2080 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 17:27:59.0984 2080 \Device\Harddisk0\DR0 - ok 17:27:59.0984 2080 Boot (0x1200) (86694bad516a94c6930ce71b6445749b) \Device\Harddisk0\DR0\Partition0 17:27:59.0984 2080 \Device\Harddisk0\DR0\Partition0 - ok 17:28:00.0000 2080 ============================================================ 17:28:00.0000 2080 Scan finished 17:28:00.0000 2080 ============================================================ 17:28:00.0000 3456 Detected object count: 0 17:28:00.0000 3456 Actual detected object count: 0

RogueKiller log: RogueKiller V7.5.4 [06/07/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: Sasha Gilby [Admin rights] Mode: DNSFix -- Date: 06/22/2012 17:21:25 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Registry Entries: 2 ¤¤¤ [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{3E763E93-5FB7-4F64-B8D8-637FF83B2C71} : NameServer (195.242.208.40) -> REPLACED () [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{3E763E93-5FB7-4F64-B8D8-637FF83B2C71} : NameServer (195.242.208.40) -> REPLACED () Finished : << RKreport[1].txt >> RKreport[1].txt

Rogue Killer log: RogueKiller V7.5.4 [06/07/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User: Sasha Gilby [Admin rights] Mode: Scan -- Date: 06/21/2012 18:58:54 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 4 ¤¤¤ [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{3E763E93-5FB7-4F64-B8D8-637FF83B2C71} : NameServer (195.242.208.40) -> FOUND [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{3E763E93-5FB7-4F64-B8D8-637FF83B2C71} : NameServer (195.242.208.40) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD800JD-22MSA1 +++++ --- User --- [MBR] 5f426c0572073d7237873973cb24ba4d [bSP] b01414c07720749cd4e923148626ee4f : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt

Bitdefender report: QuickScan 32-bit v0.9.9.114 --------------------------- Scan date: Thu Jun 21 18:55:19 2012 Machine ID: A8DA4102 No infection found. ------------------- Processes --------- Rainlendar2 432 C:\Program Files\Rainlendar2\Rainlendar2.exe Audio Control Panel 2204 C:\Program Files\Analog Devices\SoundMAX\SMax4.exe AVG Internet Security 684 C:\Program Files\AVG\AVG8\avgcsrvx.exe AVG Internet Security 220 C:\Program Files\AVG\AVG8\avgrsx.exe AVG Internet Security 1264 C:\PROGRA~1\AVG\AVG8\avgemc.exe AVG Internet Security 3796 C:\PROGRA~1\AVG\AVG8\avgnsx.exe AVG Internet Security 3236 C:\PROGRA~1\AVG\AVG8\avgtray.exe AVG Internet Security 1736 C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe Bonjour 1760 C:\Program Files\Bonjour\mDNSResponder.exe CwService 1868 C:\WINDOWS\system32\FsUsbExService.Exe Device Error Recovery SDK 1808 C:\WINDOWS\system32\dgdersvc.exe distnoted 2728 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe Firefox 3144 C:\Program Files\Mozilla Firefox\firefox.exe Firefox 3748 C:\Program Files\Mozilla Firefox\plugin-container.exe iTunes 228 C:\Program Files\iPod\bin\iPodService.exe iTunes 2808 C:\Program Files\iTunes\iTunes.exe iTunes 2516 C:\Program Files\iTunes\iTunesHelper.exe Java Platform SE 6 U29 288 C:\Program Files\Java\jre6\bin\jqs.exe Java Platform SE Auto Updater 2 0 3676 C:\Program Files\Common Files\Java\Java Update\jusched.exe Kies TrayAgent 3232 C:\Program Files\Samsung\Kies\KiesTrayAgent.exe Microsoft® Windows® Operating System 1600 C:\WINDOWS\system32\spoolsv.exe Microsoft® Windows® Operating System 2704 C:\WINDOWS\system32\wscntfy.exe MobileDeviceHelper 3280 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe MobileDeviceService 1712 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe NetgearCUv2 Application 1784 C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe NetgearCUv2 Application 904 C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe NetgearCUv2 Application 3860 C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe NVIDIA Driver Helper Service, Version 9 420 C:\WINDOWS\system32\nvsvc32.exe QuickTime 2388 C:\Program Files\QuickTime\QTTask.exe SMax4PNP Application 1252 C:\Program Files\Analog Devices\Core\smax4pnp.exe TeaTimer.exe 2676 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ToolbarU Application 248 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe VProtect Application 3000 C:\Program Files\AVG Secure Search\vprot.exe weather_tracker.exe 2796 C:\Program Files\Weatherzone Tracker\weather_tracker.exe Windows Live Messenger 3376 C:\Program Files\Windows Live\Messenger\msnmsgr.exe (verified) GoogleToolbarNotifier 3320 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (verified) Microsoft® Windows® Operating System 520 C:\WINDOWS\explorer.exe (verified) Microsoft® Windows® Operating System 2276 C:\WINDOWS\system32\alg.exe (verified) Microsoft® Windows® Operating System 736 C:\WINDOWS\system32\csrss.exe (verified) Microsoft® Windows® Operating System 3220 C:\WINDOWS\system32\ctfmon.exe (verified) Microsoft® Windows® Operating System 816 C:\WINDOWS\system32\lsass.exe (verified) Microsoft® Windows® Operating System 804 C:\WINDOWS\system32\services.exe (verified) Microsoft® Windows® Operating System 664 C:\WINDOWS\system32\smss.exe (verified) Microsoft® Windows® Operating System 572 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1680 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1360 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1284 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1124 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1092 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 1052 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 988 C:\WINDOWS\system32\svchost.exe (verified) Microsoft® Windows® Operating System 760 C:\WINDOWS\system32\winlogon.exe (verified) Windows® Internet Explorer 2776 C:\Program Files\Internet Explorer\iexplore.exe (verified) Windows® Internet Explorer 876 C:\Program Files\Internet Explorer\iexplore.exe Network activity ---------------- Process avgnsx.exe (3796) connected on port 80 (HTTP) --> 74.125.237.101 Process avgnsx.exe (3796) connected on port 80 (HTTP) --> 118.215.223.139 Process avgnsx.exe (3796) connected on port 80 (HTTP) --> 74.125.237.101 Process avgnsx.exe (3796) connected on port 80 (HTTP) --> 119.252.92.8 Process avgnsx.exe (3796) connected on port 80 (HTTP) --> 119.252.92.8 Process iexplore.exe (876) listens on ports: 2921 Process svchost.exe (1052) listens on ports: 135 (RPC) Process iTunes.exe (2808) listens on ports: 3689 (iTunes) Autoruns and critical files --------------------------- Rainlendar2 C:\Program Files\Rainlendar2\Rainlendar2.exe Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe Audio Control Panel C:\Program Files\Analog Devices\SoundMAX\SMax4.exe AUTOBACK.EXE C:\Program Files\ERUNT\AUTOBACK.EXE AVG Internet Security C:\Program Files\AVG\AVG8\avgtray.exe AVG Internet Security C:\WINDOWS\system32\avgrsstx.dll iTunes C:\Program Files\iTunes\iTunesHelper.exe Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe Kies TrayAgent C:\Program Files\Samsung\Kies\KiesTrayAgent.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\HDAShCut.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\ssstars.scr Microsoft® Windows® Operating System c:\windows\system32\userinit.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\NvCpl.dll NVIDIA Media Center Library C:\WINDOWS\system32\NvMcTray.dll nwiz.exe C:\WINDOWS\system32\nwiz.exe QuickTime C:\Program Files\QuickTime\QTTask.exe ROC_roc_dec12.exe C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe SMax4PNP Application C:\Program Files\Analog Devices\Core\smax4pnp.exe TeaTimer.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe VProtect Application C:\Program Files\AVG Secure Search\vprot.exe weather_tracker.exe C:\Program Files\Weatherzone Tracker\weather_tracker.exe Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe (verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe (verified) GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll (verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll Browser plugins --------------- AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll AVG Internet Security c:\program files\avg\avg8\avgssie.dll AVG Secure Search c:\program files\avg secure search\11.1.0.7\avg secure search_toolbar.dll AVG SiteSafety plugin C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll Bonjour C:\Program Files\Bonjour\mdnsNSP.dll Facebook Photo Uploader 5 C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx Facebook Photo Uploader 5 C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx Facebook Plugin C:\Documents and Settings\Sasha Gilby\Application Data\Facebook\npfbplugin_1_0_3.dll Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll Google Update C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll Grab Pro C:\Program Files\Orbitdownloader\GrabPro.dll Java Deployment Toolkit 6.0.290.11 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll Java Platform SE 6 U29 c:\program files\java\jre6\bin\jp2ssv.dll Java Platform SE 6 U29 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll Java Platform SE 6 U29 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll Messenger C:\Program Files\Messenger\msmsgs.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll NPSWF32_11_3_300_257.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll Orbitcth c:\program files\orbitdownloader\orbitcth.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin8.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll sdhelper.dll c:\program files\spybot - search & destroy\sdhelper.dll Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll (verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (verified) RealPlayer Version Plugin C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (verified) RealPlayer G2 LiveConnect-Enabled P C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll Missing files ------------- File not found: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe --> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Adobe Reader Speed Launcher" Scan ---- MD5: 11783673be7b701e673366cc03a38d91 C:\Documents and Settings\Sasha Gilby\Application Data\Facebook\npfbplugin_1_0_3.dll MD5: 956a64612d84f0ce40788c783b0f5be3 C:\Documents and Settings\Sasha Gilby\Local Settings\Temp\mProjector3565698728\File.3.1.1e.mfx MD5: 0a8c31d62ca42f44a43f04992c94b5d0 C:\Documents and Settings\Sasha Gilby\Local Settings\Temp\mProjector3565698728\Flash6MovieV2.3.1.1e.mvx MD5: 99f80ca1ebe95677668f54cac6f4ad6d C:\Documents and Settings\Sasha Gilby\Local Settings\Temp\mProjector3565698728\FlashPlayer.3.1.1e.ocx MD5: a156ba848ca29e2787c491ece147d630 C:\Documents and Settings\Sasha Gilby\Local Settings\Temp\mProjector3565698728\mPlayer.3.1.1e.dll MD5: 1c04c1968aaa760458f4ee9042f57b40 C:\Documents and Settings\Sasha Gilby\Local Settings\Temp\mProjector3565698728\Registry.3.1.1e.mfx MD5: a6ea12de7903f46b0d3142b1186bf142 C:\Documents and Settings\Sasha Gilby\Local Settings\Temp\mProjector3565698728\System.3.1.1e.mfx MD5: e0ad06be7dbec6ef843711e97080549a C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll MD5: 115332a83ac2726fa974d30db4bfd8de C:\Program Files\Analog Devices\Core\smax4pnp.exe MD5: 0af32313f692e894f8e1b5b98956ba24 C:\Program Files\Analog Devices\Core\SMWDMIF.dll MD5: f2c53b16fefd00dc79a15871a5738573 C:\Program Files\Analog Devices\SoundMAX\SMax4.exe MD5: 34ebd4ff6a24d86bb4716d6afcc1a89b C:\Program Files\Apple Software Update\SoftwareUpdate.exe MD5: a3be8dddf02718a88b9e2aa7883c0386 c:\program files\avg secure search\11.1.0.7\avg secure search_toolbar.dll MD5: c1c525f57ea2c077efbd13a3ad06bcfd C:\Program Files\AVG Secure Search\iGearedHelper.dll MD5: d29046dc1d22561f3ce08dac22bbb17b C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe MD5: e3a45b096b68a255c814a94e6208b5c5 C:\Program Files\AVG Secure Search\vprot.exe MD5: df53d3b6c154c94d89102e81e600f906 C:\Program Files\AVG\AVG8\avgtray.exe MD5: 88dc708cfc7173465ae7ff26b3d0affb C:\Program Files\AVG\AVG8\avgwd.dll MD5: 25ba2b1efef67f89a1d35b38a56e05e1 C:\Program Files\AVG\AVG8\avgxpl.dll MD5: d45b7995761253a92ab071d576114f28 C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe MD5: c47f17aa10348d7f8cf2f8b8f04ff0b8 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll MD5: 885ba7ae8f650e7d7bcb5b966e00ddce C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll MD5: 83151cce7c35471d192d8327e3ce6d9c C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll MD5: b8e421c0890356cd4a793d8a346d9096 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe MD5: 2f9bc257e314003ff0c332583c4f36c8 C:\Program Files\Common Files\Apple\Apple Application Support\ApplePushService.dll MD5: 1f3ff6c062b311fe410ec89f6bfac213 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe MD5: 37cf2461cb5e40c4cfab82c8fc79a2bc C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll MD5: 49c9bcd63390b14c7b14f56dad8daa7d C:\Program Files\Common Files\Apple\Apple Application Support\AVFoundationCF.dll MD5: 5d76c8cc87d0efbe0b4a3bef6b67ebf0 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll MD5: 6183b5113169081b986f5841ef73d489 C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll MD5: 6fe3e3a215e55c76a811b9b56a5aeb09 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll MD5: e055b583c291fa8153087295144fc89f C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll MD5: 7ae27dc9c6a4c7caacd18a5721e98618 C:\Program Files\Common Files\Apple\Apple Application Support\CoreMedia.dll MD5: 9211b90cd39502caba4f9b32d9084785 C:\Program Files\Common Files\Apple\Apple Application Support\CoreVideo.dll MD5: 7539d96a5ae8a59dab8c024a7f820514 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe MD5: 126f34ac5d9e681d06499eec0dd6679e C:\Program Files\Common Files\Apple\Apple Application Support\Foundation.dll MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll MD5: ff3fdae555c8b67857c677fd2e1b542c C:\Program Files\Common Files\Apple\Apple Application Support\JavaScriptCore.dll MD5: 250bf888ddbe88d61eb19a9d4957c794 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll MD5: 9b290e80e819ba56a8ec7b07249b7865 C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll MD5: 5e33c164dc7fa74728d8a83036c438bb C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MD5: 74573bd40fde60be4010941a735383c2 C:\Program Files\Common Files\Apple\Apple Application Support\MediaToolbox.dll MD5: 794950db77aa590c2964eca0a5874a09 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll MD5: e164b0ed457403a44365adb5573970dd C:\Program Files\Common Files\Apple\Apple Application Support\QuartzCore.dll MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll MD5: f32811d226c2eab53e4337d2d26b4d69 C:\Program Files\Common Files\Apple\Apple Application Support\VideoToolbox.dll MD5: 6a3099d942d393820a36449a054f9862 C:\Program Files\Common Files\Apple\Apple Application Support\WebKit.dll MD5: edd5e0b248f0ab292a06ee6f1213a2e4 C:\Program Files\Common Files\Apple\Apple Application Support\WebKitQuartzCoreAdditions.dll MD5: 2503287bd19ae52e36e9de42834a2ac0 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MD5: ca84c2931bd2da278be015fbce5661c3 C:\Program Files\Common Files\Apple\CoreFP\CoreFP.dll MD5: 031d7d9d76180bb7e8f80b2ee74289ef C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe MD5: 292d767a51333eb202d3e2f04f9d21e5 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper_main.dll MD5: 3debbecf665dcdde3a95d9b902010817 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe MD5: 1224bc6de919f8cd8c1c945280e63852 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll MD5: 6cceffca0f4a24f7edeeb3f012146d86 C:\Program Files\Common Files\Apple\Mobile Device Support\DeviceLink.dll MD5: 06a4250c9e3606cae3f68da45702f342 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll MD5: 905b5bf5be0a86e8412801bf20357195 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll MD5: f12dae7dae01687e329129e71c12b936 C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices.dll MD5: 41ad454888c7bb4afb3e2f919d21b236 C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll MD5: 39019b19c95e78dd2d01fa0e98721122 C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll MD5: 5fa45791413acce628d5361458f32dde C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe MD5: 6e3245df783e58375b3465f03274743e C:\Program Files\Common Files\Java\Java Update\jusched.exe MD5: 81f63a7037e2815b771646ce44884800 C:\Program Files\Common Files\Microsoft Shared\Speech\sapi.dll MD5: 219064ee1addebe69d969e54e6a54578 C:\Program Files\Common Files\SpeechEngines\Microsoft\spcommon.dll MD5: d5c97349855db59fb88c236278391d3a C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS\1033\spttseng.dll MD5: e00de20f0f6bed5cd2160247ddc9443b C:\Program Files\ERUNT\AUTOBACK.EXE MD5: 5b97ab550022b2783894c558fa2e1310 c:\program files\google\google toolbar\googletoolbar_32.dll MD5: e460233208906ecc0e8f057b25562f13 C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\gtn.dll MD5: ab3668c159e1cfea184f72650bd66807 C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll MD5: 1e6b52abdf4082374de9d43cbd2f7e08 C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll MD5: a350f4ae2450eb11d621ba0f54966e30 C:\Program Files\Internet Explorer\ieproxy.dll MD5: 3ca2dfd1ee857cde7dccf4235f52d142 C:\Program Files\Internet Explorer\pdm.dll MD5: e0ad06be7dbec6ef843711e97080549a C:\Program Files\Internet Explorer\plugins\nppdf32.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin8.dll MD5: 5a7e7d3eea5c5c497f4b008a9f869026 C:\Program Files\Internet Explorer\xpshims.dll MD5: 49918803b661367023bf325cf602afdc C:\Program Files\iPod\bin\iPodService.exe MD5: a0b7fc085b98dbbc995f6b35cb50280f C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL MD5: 9b7c7a89c8bec0a8df3dbef3291b2cf7 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL MD5: de95378a999e333c7b0f00e9f0967da2 C:\Program Files\iTunes\GNSDK_DSP.DLL MD5: 0657da79adcac2e30c4a8f4ba454b200 C:\Program Files\iTunes\GNSDK_MUSICID.DLL MD5: fd494fdadf170175d6ad33671c42846e C:\Program Files\iTunes\GNSDK_SDKMANAGER.DLL MD5: b9539f97648861223d20f929808e5fa4 C:\Program Files\iTunes\GNSDK_SUBMIT.DLL MD5: 9a4ef0946cd8c48b50c7efe98a27f8e9 C:\Program Files\iTunes\iTunes.dll MD5: 5e817f27870c2b41c5b1c53172ba6180 C:\Program Files\iTunes\iTunes.exe MD5: 823aac80822289f567b2817d63645e99 C:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.DLL MD5: 47a17a9ecd71385ef8b2d660194abc51 C:\Program Files\iTunes\iTunes.Resources\iTunes.DLL MD5: 08d1c8cd02c5702e6a24b1b5685abd4d C:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.DLL MD5: e4ce6c4ae730e0ec87fc5da4cd1946ad C:\Program Files\iTunes\iTunesHelper.dll MD5: 0dcac41eb58a45049bd7ff665c32d5f4 C:\Program Files\iTunes\iTunesHelper.exe MD5: e7be61eb1bde3921ff0cdd24f1535332 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL MD5: 93a67ad03fd9c2286a4a5ad9a67f381a C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL MD5: 64151c0799431e0304ae1bd6202131a7 C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll MD5: dc365b6e595683f67bc21a203432e336 c:\program files\java\jre6\bin\jp2ssv.dll MD5: 381b25dc8e958d905b33130d500bbf29 C:\Program Files\Java\jre6\bin\jqs.exe MD5: 1e96525ae85d402f9f8047f8caef5f06 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll MD5: e3a7850421a4ab8b15fc174eb587bc6b c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe MD5: 711a2e6a55ec7bfd59b5f649d58b704b c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll MD5: 76e47408f544b70a0de4590f7bf8ac77 C:\Program Files\Mozilla Firefox\components\browsercomps.dll MD5: d3c0837346c49095b8af9ef54ad7e90a C:\Program Files\Mozilla Firefox\firefox.exe MD5: ae383d208b896d17c5201d1f156353cb C:\Program Files\Mozilla Firefox\freebl3.dll MD5: 3551fb8621274bc451356eff70ecc2dc C:\Program Files\Mozilla Firefox\gkmedias.dll MD5: 16c1297d836ad87a53dd6ab69bc7b570 C:\Program Files\Mozilla Firefox\mozalloc.dll MD5: 3de755a30d131be8671a638d5c0e898d C:\Program Files\Mozilla Firefox\mozglue.dll MD5: a013b3ad1626c27fdccbe27f9eac3d7a C:\Program Files\Mozilla Firefox\mozjs.dll MD5: c09ac580bf42e84b0cb3f2fa73382fef C:\Program Files\Mozilla Firefox\mozsqlite3.dll MD5: 03e9314004f504a14a61c3d364b62f66 C:\Program Files\Mozilla Firefox\MSVCP100.dll MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Mozilla Firefox\MSVCR100.dll MD5: a0f448a3aedad420b13866355f538b61 C:\Program Files\Mozilla Firefox\nspr4.dll MD5: 9f58b16676ff68ab0ffc618078f83725 C:\Program Files\Mozilla Firefox\nss3.dll MD5: 2cc8aa20e1132b362daac938098a7d2e C:\Program Files\Mozilla Firefox\nssckbi.dll MD5: 3e4fc76314f0dd59946552d0b19bcc2b C:\Program Files\Mozilla Firefox\nssdbm3.dll MD5: 06d12d2cc88f7c6228f28bac0aa9b716 C:\Program Files\Mozilla Firefox\nssutil3.dll MD5: a4c78c8ba7afc2b5c7b4581e8796c63d C:\Program Files\Mozilla Firefox\plc4.dll MD5: 346644d82e19dada9934504025bfa5cb C:\Program Files\Mozilla Firefox\plds4.dll MD5: 41623176fef9df3c113eaadadbb5fb42 C:\Program Files\Mozilla Firefox\plugin-container.exe MD5: 47aff25b68ce4885fec6cfdef8febb5c C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll MD5: e0ad06be7dbec6ef843711e97080549a C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll MD5: 62593d2afec7c88a61c0858c9c4e6c6e C:\Program Files\Mozilla Firefox\smime3.dll MD5: 8ea5e15de69c2acb292b1d48f00de031 C:\Program Files\Mozilla Firefox\softokn3.dll MD5: 11e885d7336bd50f3abbf0e3a5fde894 C:\Program Files\Mozilla Firefox\ssl3.dll MD5: 6d1a6c5a5d05d230c9d90c77f1a48ac2 C:\Program Files\Mozilla Firefox\xpcom.dll MD5: 86f963944a1badd1cfbc66f54e7583f1 C:\Program Files\Mozilla Firefox\xul.dll MD5: 15d5398eed42c2504bb3d4fc875c15d1 C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe MD5: 3a42d0b282e2e77bb0ae744f38d1e19d C:\Program Files\NETGEAR\WG311v3\AutoLinkLib.dll MD5: adb6233be83e049d3831de09f1aa7dde C:\Program Files\NETGEAR\WG311v3\DNSAPI.dll MD5: 2241b7da7259258cdcfc6d7e10c873f6 C:\Program Files\NETGEAR\WG311v3\Mrv8000x.dll MD5: cb21d826d9c39aed19dd431c1880f5de C:\Program Files\NETGEAR\WG311v3\MSVCP60.dll MD5: 39611ab3dbb77e642c34f7d059a268e1 C:\Program Files\NETGEAR\WG311v3\odSupp_M.dll MD5: b0136786e9007fdf765126329787b454 C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe MD5: b0136786e9007fdf765126329787b454 C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe MD5: 275b68a6752431ce56ec832f3e79caa9 C:\Program Files\NETGEAR\WG311v3\WlanDll.dll MD5: 0581b85449ec91d1a62d5ad6679d4b69 C:\Program Files\Orbitdownloader\GrabKernel.dll MD5: a1dc47dc80208724eebe1d0a59a9c59b C:\Program Files\Orbitdownloader\GrabPro.dll MD5: 3f58187898dba479fd32d29ff7fc2e75 c:\program files\orbitdownloader\orbitcth.dll MD5: 697d59591bfc78a0d054f0753231151b C:\Program Files\Orbitdownloader\winfile.dll MD5: 2d841b7b7f6dec32162edfcc69d61f42 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe MD5: 8b4202ecc10d4868476fc0d62c3c0dcd C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx MD5: b4128e08c7fcb87f18c110728f326b88 C:\Program Files\QuickTime\QTSystem\QTCF.dll MD5: e58ce86d472613a7b8b76a5b9efe51e5 C:\Program Files\QuickTime\QTSystem\QuickTime.qts MD5: 29a6de9708f86cf5213890b0999b8f6f C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx MD5: f25e5e8e54b8b66f1adf931e7540c6f1 C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx MD5: f7b437e5c2325ffd0277775415db74c6 C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx MD5: d35d47479d7697a4ecd62d586e45da7d C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx MD5: 5eb3889c5456fe592caea9ca90e43c45 C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx MD5: e54453e9db76979c3008a59316fe53cf C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx MD5: 0e23252e5ae79967ce04eccdda405d81 C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx MD5: ac8f76f0598cbc24158537342be7b067 C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx MD5: 3c82c80920050798882882cbf3efd890 C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx MD5: df5a141d3db468207b6b70b2ad122df1 C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx MD5: 385ec86178a37edec44717a86a89783e C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx MD5: 46c62c86c5b96a8fc0eea6c7c027e55d C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx MD5: 4b7bdf1690a7468aded10836ee6b5825 C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx MD5: 418edb0df655f2152ca9d9855e8500bc C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx MD5: 5891edf65ef6396306958e80cc2e9f26 C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx MD5: a6660592449f734ee731aca01bf06150 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx MD5: 7a29400b93a74bf55ea14e8164abc788 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx MD5: b68b7f53f6c7d4705e7f0b8fd4a57e9a C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx MD5: af43c4f7f3c8bc95dad95024f96cdc4a C:\Program Files\QuickTime\QTTask.exe MD5: 6b573665742f856b0b9f6c1491dc548d C:\Program Files\Rainlendar2\lfs.dll MD5: fc3235064d4b19910930512d47d6e947 C:\Program Files\Rainlendar2\libcurl.dll MD5: aaf99ba73e239c9119dc3c3da1a8eeed C:\Program Files\Rainlendar2\LIBEAY32.dll MD5: 010ca1ba52b7608e4fec2fe02a7e11a8 C:\Program Files\Rainlendar2\lua51.dll MD5: 966fe4f82237e86cf541ba4db389b367 C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll MD5: 98635ded2d7d265110fc861abd75c344 C:\Program Files\Rainlendar2\Rainlendar2.exe MD5: e7a8309150177c01738407fc2a1915c3 C:\Program Files\Rainlendar2\SSLEAY32.dll MD5: 952a224b34bab4517d18087589ff2aba C:\Program Files\Samsung\Kies\KiesTrayAgent.exe MD5: 390679f7a217a5e73d756276c40ae887 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe MD5: 4048115ca3cdd87b59bf2eabc2b52204 C:\Program Files\Weatherzone Tracker\weather_tracker.exe MD5: 488052996d1278dab0f2c7dcbe51ef46 C:\Program Files\Windows Live\Messenger\msnmsgr.exe MD5: f11fe030158f8ef14a56a3ea9e9bd47d C:\Program Files\WinRAR\rarext.dll MD5: df53d3b6c154c94d89102e81e600f906 C:\PROGRA~1\AVG\AVG8\avgtray.exe MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL MD5: 2a8c7ca8b40ca320bf88d0ff92da7cf8 C:\WINDOWS\Downloaded Program Files\qsax.dll MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\WINDOWS\system32\corpol.dll MD5: 64416c6e07606720c1ece6dd374bdffd C:\WINDOWS\system32\CRYPT32.dll MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll MD5: 0607cbc6fa20114cb491efe4b2f9efad C:\WINDOWS\system32\d3d9.dll MD5: 56adb11f7d4d0816c0be1e701c1b5e52 C:\WINDOWS\system32\D3DIM700.DLL MD5: 367465dd8e2bffe4c5477c86c8217e8c C:\WINDOWS\system32\dgderapi.dll MD5: 10b8f89d146d0e20b1284d47bb4ec6c9 C:\WINDOWS\system32\dgdersvc.exe MD5: 1bd976dd77b31fe0f25708ad5c1351ae C:\WINDOWS\system32\DIFXAPI.dll MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll MD5: 062373995eae5f0eac9eaa9192136bfb C:\WINDOWS\system32\dnssd.dll MD5: d392183cc5379e302e50ceba635248eb C:\WINDOWS\system32\drivers\ADIHdAud.sys MD5: 9f59ae2de835641fbb0c6afd80d8fa9b C:\WINDOWS\system32\drivers\AEAudio.sys MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys MD5: 59301936898ae62245a6f09c0aba9475 C:\WINDOWS\system32\DRIVERS\AmdK8.sys MD5: 3c4b9850a2631c2263507400d029057b C:\WINDOWS\system32\DRIVERS\atksgt.sys MD5: 92d8e1e8502e649b60e70074eb29c380 C:\WINDOWS\System32\Drivers\avgtdix.sys MD5: 3be1651c63954067940e7f473498ad70 C:\WINDOWS\System32\drivers\dgderdrv.sys MD5: f58d2900c66a1e773e3375098e0e9337 C:\WINDOWS\system32\drivers\HdAudio.sys MD5: 4127e8b6ddb4090e815c1f8852c277d3 C:\WINDOWS\system32\DRIVERS\lirsgt.sys MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys MD5: ba1b732c1a70cfea0c1b64f2850bf44f C:\WINDOWS\system32\DRIVERS\nv4_mini.sys MD5: 75da3510f311db3ba72378352ef848be C:\WINDOWS\system32\DRIVERS\NVENETFD.sys MD5: 84c71701fcea84d7f03e61039fe41b4a C:\WINDOWS\system32\DRIVERS\nvnetbus.sys MD5: fd2041e9ba03db7764b2248f02475079 C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys MD5: f22e6dd1d2cf71b77119eead1b3fc79d C:\WINDOWS\system32\drivers\Senfilt.sys MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys MD5: 6d83ff6722baf7e82a4521dbec363e5a C:\WINDOWS\system32\DRIVERS\ssadbus.sys MD5: 5ae42e90f99749e0e35b9989a2d0275c C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys MD5: 9285d8aba50a4d6482b1574448f9eb76 C:\WINDOWS\system32\DRIVERS\ssadmdm.sys MD5: 83cafcb53201bbac04d822f32438e244 C:\WINDOWS\System32\Drivers\usbaapl.sys MD5: 7455b3c11a1d6a844b53febdb58646e9 C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll MD5: 303a63f4b913aa5d8998161cb77a8ce7 C:\WINDOWS\system32\feclient.dll MD5: b07663a810e861eebfd0eac7e82ca62d C:\WINDOWS\system32\FsUsbExDisk.SYS MD5: f96c429788350db4ba6771c3034dfd88 C:\WINDOWS\system32\FsUsbExService.Exe MD5: 21c8a24455fdafc9d6d8bcd38d62b10b C:\WINDOWS\system32\HDAShCut.exe MD5: 3618313f7dfb605571a48fcf55d7868f C:\WINDOWS\system32\ieframe.dll MD5: d9ee4442a74dd7d65d1bcfff4e37be96 C:\WINDOWS\system32\iepeers.dll MD5: ad850c33a8ac45cf66574e62d1645272 C:\WINDOWS\system32\iertutil.dll MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll MD5: 57aa18b2896055e8cb269b19dd85e7f3 C:\WINDOWS\system32\inetcomm.dll MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\system32\jscript.dll MD5: c0ba72929738685dbd714907733f2335 C:\WINDOWS\system32\jsproxy.dll MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll MD5: f3cd7b20b27d1772c946df993ff3635c C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe MD5: c25b91466d8c383299e9e2023f8f7a5a C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL MD5: f6f2bfc17069eb335acceef7595f9302 C:\WINDOWS\system32\MFC42u.DLL MD5: 415cea6eafa521f0a3b3d9ebf5fe546b C:\WINDOWS\system32\MrvGINA.dll MD5: 3f790874a85819e94574f3e7af9c5806 C:\WINDOWS\system32\msctfime.ime MD5: 3d811bf538d6f359735d757c94f484b6 C:\WINDOWS\system32\msdbg2.dll MD5: fdf8cf2cb78754d634d6228e12d65aa2 C:\WINDOWS\system32\msfeeds.dll MD5: 886b62a906b3967cbbf0fd2c833a30bf C:\WINDOWS\system32\mshtml.dll MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll MD5: a007278ec9d59216274dd0154ff0bbaa C:\WINDOWS\system32\nvapi.dll MD5: c1ea489dd8b5e57b03e2fd5a1500621b C:\WINDOWS\system32\NvCpl.dll MD5: 1ff171fbaf6e5a29c07b1f8d318b607a C:\WINDOWS\system32\NvMcTray.dll MD5: 0febe37db6650faa5965c00545009d1d C:\WINDOWS\system32\nvsvc32.exe MD5: 0294e2a5e89bf786f24a9cc2fd753191 C:\WINDOWS\system32\nwiz.exe MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\oleacc.dll MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll MD5: 34ffb6aba2da398bb33422e1e9275ba9 C:\WINDOWS\system32\quartz.dll MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll MD5: ff257ccca321cd2a697bb5ca38c9ec87 C:\WINDOWS\system32\SCARDDLG.dll MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll MD5: 0e3605a5e7c23f1139c5c448e1eaf494 C:\WINDOWS\system32\shimgvw.dll MD5: 29b6a85a733abe65b371023f790b2599 C:\WINDOWS\system32\shmedia.dll MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll MD5: 200c3f8e80b72b63558b3bc47a6807a0 C:\WINDOWS\system32\slbcsp.dll MD5: 421b2f81cbb65f94a70a3316c7be0e7c C:\WINDOWS\system32\SlbIop.dll MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll MD5: 86984e591641191236033d2a4d80ed56 C:\WINDOWS\system32\ssstars.scr MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll MD5: d0049860b63dd87a73a5d165c829c65f C:\WINDOWS\system32\t2embed.dll MD5: fdf44991cb9a33c901ffcbdf19ce95be C:\WINDOWS\system32\urlmon.dll MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll MD5: 6b1774334e2975aa60596e54f5ea1430 C:\WINDOWS\system32\WININET.dll MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll MD5: 95f5c420e9bdd4c3569602911420a774 C:\WINDOWS\system32\WINTRUST.dll MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll MD5: f92e1076c42fcd6db3d72d8cfe9816d5 C:\WINDOWS\system32\wscntfy.exe MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll MD5: 1f5afd468eb5e09e9ed75a087529eab5 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80.DLL MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80U.DLL MD5: 28a09777d2d952122567a8a82f1a2c7b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\MFC80ENU.DLL MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll No file uploaded. Scan finished - communication took 6 sec Total traffic - 0.01 MB sent, 1.22 KB recvd Scanned 780 files and modules - 70 seconds ==============================================================================

Checkup.txt: Results of screen317's Security Check version 0.99.42 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG Free 8.5 `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.61.0.1400 CCleaner Java 6 Update 29 Java 2 Runtime Environment, SE v1.4.2_15 Java version out of Date! Adobe Flash Player 11.3.300.257 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox 12.0 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe AVG avgtray.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 32% Defragment your hard drive soon! ````````````````````End of Log``````````````````````

info.txt: info.txt logfile of random's system information tool 1.09 2012-06-21 18:42:17 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF} Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8} Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -maintain activex Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_257_Plugin.exe -maintain plugin Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F} Adobe Reader 9.5.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A95000000001} Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1} Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D} Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Apple Application Support-->MsiExec.exe /I{343666E2-A059-48AC-AD67-230BF74E2DB2} Apple Mobile Device Support-->MsiExec.exe /I{8153ED9A-C94A-426E-9880-5E6775C08B62} Apple Software Update-->MsiExec.exe /I{C6579A65-9CAE-4B31-8B6B-3306E0630A66} Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9 AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B} Caesar IV-->C:\Program Files\InstallShield Installation Information\{B7666229-351B-47D9-AA6F-DF777CF04BBF}\Setup.exe -runfromtemp -l0x0009 -removeonly Canon Camera Support Core Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033 Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{001AB29C-5468-4972-8D24-2EBDB2B12133} Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A} Canon Camera Window MC 5 for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{89EB3ED7-225A-412E-B048-623D502C000F} Canon MovieEdit Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68D27126-BF6A-457D-8DD0-5F35E8D41310} Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{001EB665-D9EC-415E-9E13-AD2125B2B992} Canon Utilities PhotoStitch 3.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Doremi FLV to MP3 Converter 1.6-->C:\Program Files\Doremisoft\DoremiSoft Flv to MP3 Converter\uninst.exe ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_F91D44FAA5479127.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Heroes of Might and Magic II-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Heroes2\DeIsL1.isu" High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe" Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" iPod for Windows 2005-09-23-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC} /l1033 iTunes-->MsiExec.exe /I{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C} Java 2 Runtime Environment, SE v1.4.2_15-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142150} Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Kies-->"C:\Program Files\InstallShield Installation Information\{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}\Setup.exe" -runfromtemp -l0x0409 -removeonly Kies-->MsiExec.exe /X{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47} K-Lite Mega Codec Pack 4.7.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0409-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Mozilla Firefox 12.0 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe" MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0-->MsiExec.exe /I{428102E6-8A39-48B9-8389-847F5A44A600} MSXML 4.0-->MsiExec.exe /I{54BB0384-1C33-488F-A95B-877E480D3EDC} MySQL Connector/ODBC 3.51-->MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723} NETGEAR WG311v3 PCI Adapter-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{70014586-7BBA-4A92-A610-CDC896C48F8F} NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{B148AB4B-C8FA-474B-B981-F2943C5B5BCD} Orbit Downloader-->"C:\Program Files\Orbitdownloader\unins000.exe" OutlookAddInNet3Setup-->MsiExec.exe /I{5B4383F2-37EE-4E97-AD81-F5FF76F286DA} PC Connectivity Solution-->MsiExec.exe /I{089DD780-DB3F-4CDB-A0C2-111360247298} PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C} Rainlendar2 (remove only)-->"C:\Program Files\Rainlendar2\uninst.exe" SAMSUNG USB Driver for Mobile Phones-->C:\Program Files\Samsung\USB Drivers\Uninstall.exe Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT="" Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe" Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe" Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe" Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe" Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe" Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe" Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe" Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe" Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe" Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe" Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe" Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe" Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe" Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe" Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe" Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe" Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe" Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe" Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe" Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe" Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe" Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe" Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe" Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe" Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe" Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe" Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe" Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe" Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe" Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe" Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe" Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe" Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe" Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe" Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe" Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe" Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Sims2Pack Clean Installer -->C:\Program Files\Sims2Pack Clean Installer\uninstall.exe SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" THE SETTLERS - Rise of an Empire-->"C:\Program Files\InstallShield Installation Information\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}\setup.exe" -runfromtemp -l0x0009 -removeonly The Sims 2 Glamour Life Stuff-->C:\Program Files\EA GAMES\The Sims 2 Glamour Life Stuff\EAUninstall.exe The Sims 2 Nightlife-->C:\Program Files\EA GAMES\The Sims 2 Nightlife\EAUninstall.exe The Sims 2 Open For Business-->C:\Program Files\EA GAMES\The Sims 2 Open For Business\EAUninstall.exe The Sims 2 Pets-->C:\Program Files\EA GAMES\The Sims 2 Pets\EAUninstall.exe The Sims 2 University-->C:\Program Files\EA GAMES\The Sims 2 University\EAUninstall.exe The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe The Sims™ 2 Celebration! Stuff-->C:\Program Files\EA GAMES\The Sims 2 Celebration! Stuff\EAUninstall.exe The Sims™ 2 Kitchen & Bath Interior Design Stuff-->C:\Program Files\EA GAMES\The Sims 2 Kitchen & Bath Interior Design Stuff\EAUninstall.exe The Sims™ 2 Mansion and Garden Stuff-->C:\Program Files\EA GAMES\The Sims 2 Mansion and Garden Stuff\EAUninstall.exe Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Windows Internet Explorer 8 (KB2598845)-->"C:\WINDOWS\ie8updates\KB2598845-IE8\spuninst\spuninst.exe" Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe" Update for Windows XP (KB2616676-v2)-->"C:\WINDOWS\$NtUninstallKB2616676-v2$\spuninst\spuninst.exe" Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe" Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe" Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Weatherzone Tracker v2.04-->"C:\Program Files\Weatherzone Tracker\unins000.exe" Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe Worms2-->C:\WINDOWS\IsUninst.exe -fC:\Team17\Worms2\Uninst.isu ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: AVG Anti-Virus Free ======System event log====== Computer Name: SHA Event Code: 1003 Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00146CC32B1A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. Record Number: 73969 Source Name: Dhcp Time Written: 20120512201053.000000+480 Event Type: warning User: Computer Name: SHA Event Code: 1003 Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00146CC32B1A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. Record Number: 73856 Source Name: Dhcp Time Written: 20120511171239.000000+480 Event Type: warning User: Computer Name: SHA Event Code: 20 Message: Printer Driver Microsoft Office Document Image Writer Driver for Windows NT x86 Version-3 was added or updated. Files:- mdigraph.dll, mdiui.dll, mdiui.dll. Record Number: 73811 Source Name: Print Time Written: 20120510211744.000000+480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: SHA Event Code: 3 Message: Printer Microsoft Office Document Image Writer was deleted. Record Number: 73810 Source Name: Print Time Written: 20120510211742.000000+480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: SHA Event Code: 4 Message: Printer Microsoft Office Document Image Writer is pending deletion. Record Number: 73809 Source Name: Print Time Written: 20120510211742.000000+480 Event Type: warning User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: SHA Event Code: 1002 Message: Hanging application Photoshop.exe, version 10.0.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 2187 Source Name: Application Hang Time Written: 20120123171636.000000+480 Event Type: error User: Computer Name: SHA Event Code: 1002 Message: Hanging application Photoshop.exe, version 10.0.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 2186 Source Name: Application Hang Time Written: 20120123171636.000000+480 Event Type: error User: Computer Name: SHA Event Code: 1020 Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i. Record Number: 2038 Source Name: ASP.NET 2.0.50727.0 Time Written: 20120111220758.000000+480 Event Type: warning User: Computer Name: SHA Event Code: 1020 Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i. Record Number: 1137 Source Name: ASP.NET 2.0.50727.0 Time Written: 20111013225001.000000+480 Event Type: warning User: Computer Name: SHA Event Code: 1002 Message: Hanging application wmplayer.exe, version 11.0.5721.5145, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 1080 Source Name: Application Hang Time Written: 20111009131443.000000+480 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=5f02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "asl.log"=Destination=file;OnFirstLog=command,environment "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------

Hi Maurice, Thank you for your reply and your assistance, it is much appreciated. I have done all you have asked and logs are as below: Log.txt: Logfile of random's system information tool 1.09 (written by random/random) Run by Sasha Gilby at 2012-06-21 18:41:34 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 13 GB (17%) free of 76 GB Total RAM: 1535 MB (33% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 6:42:10 PM, on 21/06/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe C:\WINDOWS\system32\dgdersvc.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Rainlendar2\Rainlendar2.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Weatherzone Tracker\weather_tracker.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Sasha Gilby\Desktop\Dropper\RSIT.exe C:\Program Files\trend micro\Sasha Gilby.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file) O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Weather Tracker3] C:\Program Files\Weatherzone Tracker\weather_tracker.exe O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = ? O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194700741281 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3E763E93-5FB7-4F64-B8D8-637FF83B2C71}: NameServer = 195.242.208.40 O17 - HKLM\System\CS1\Services\Tcpip\..\{3E763E93-5FB7-4F64-B8D8-637FF83B2C71}: NameServer = 195.242.208.40 O17 - HKLM\System\CS2\Services\Tcpip\..\{3E763E93-5FB7-4F64-B8D8-637FF83B2C71}: NameServer = 195.242.208.40 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\WINDOWS\system32\dgdersvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- End of file - 11950 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Documents and Settings\Sasha Gilby\Application Data\Mozilla\Firefox\Profiles\ew3p7oej.default prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, avg@igeared:7.005.030.004, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20111107, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24" prefs.js - "keyword.URL" - "http://search.avg.com/route/?d=4cc6b5c1&v=7.005.030.004&i=23&tp=ab&iy=&ychte=au&lng=en-US&q=" "{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared "jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff "avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.3.300.257 Plugin "Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69] "Description"=RealPlayer LiveConnect-Enabled Plug-In "Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69] "Description"=6.0.12.69 "Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\plugins\ npdeployJava1.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll npqtplugin8.dll QuickTimePlugin.class C:\Program Files\Mozilla Firefox\searchplugins\ amazondotcom.xml avg-secure-search.xml bing.xml eBay.xml google.xml twitter.xml wikipedia.xml yahoo.xml C:\Documents and Settings\Sasha Gilby\Application Data\Mozilla\Firefox\Profiles\ew3p7oej.default\extensions\ {20a82645-c095-46ed-80e3-08825760534b} {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}] Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2012-04-20 241448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-12 1111320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll [2012-06-12 2068536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-22 192112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-13 1003576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2012-04-20 696000] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll [2012-06-12 2068536] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-22 192112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-28 61952] "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-09-08 716800] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-23 7700480] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-23 86016] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696] "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2011-10-18 2042208] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-01-16 421736] "vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-06-12 1104440] "ROC_roc_dec12"=C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe [2012-02-16 928096] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-13 68856] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2011-02-18 3877888] "Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "Weather Tracker3"=C:\Program Files\Weatherzone Tracker\weather_tracker.exe [2009-07-17 2888403] "KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2010-10-27 3365176] C:\Documents and Settings\All Users\Start Menu\Programs\Startup NETGEAR WG311v3 Smart Wizard.lnk - C:\WINDOWS\Installer\{70014586-7BBA-4A92-A610-CDC896C48F8F}\NewShortcut1_1.exe C:\Documents and Settings\Sasha Gilby\Start Menu\Programs\Startup ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINDOWS\system32\avgrsstx.dll [2009-08-18 11952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x95000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe" "C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe" "C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe" "C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe" "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe" "C:\Program Files\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe"="C:\Program Files\Ubisoft\THE SETTLERS - Rise of an Empire\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Rise of an Empire" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Java\jre6\bin\javaws.exe"="C:\Program Files\Java\jre6\bin\javaws.exe:*:Disabled:Java Web Start Launcher" "C:\Documents and Settings\Sasha Gilby\Local Settings\Application Data\qnxwqtu\lnlyvx.exe"="C:\Documents and Settings\Sasha Gilby\Local Settings\Application Data\qnxwqtu\lnlyvx.exe:*:Disabled:lnlyvx" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit" "C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" "C:\Documents and Settings\Sasha Gilby\Desktop\WORMS2\START.EXE"="C:\Documents and Settings\Sasha Gilby\Desktop\WORMS2\START.EXE:*:Disabled:Worms 2 Frontend" "C:\Team17\Worms2\frontend.exe"="C:\Team17\Worms2\frontend.exe:*:Disabled:Worms 2 Frontend" "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll "vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll "VIDC.DIVX"=divx.dll "VIDC.XVID"=xvidvfw.dll "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm "msacm.lameacm"=lameACM.acm "VIDC.FFDS"=ff_vfw.dll "msacm.siren"=sirenacm.dll "VIDC.MKVC"=KMVIDC32.DLL ======List of files/folders created in the last 1 month====== 2012-06-21 18:41:35 ----D---- C:\Program Files\trend micro 2012-06-21 18:41:34 ----D---- C:\rsit 2012-06-17 21:03:43 ----A---- C:\WINDOWS\ntbtlog.txt 2012-06-14 22:56:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2707511$ 2012-06-14 22:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2685939$ 2012-06-14 22:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$ 2012-06-05 22:58:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2718704$ ======List of files/folders modified in the last 1 month====== 2012-06-21 18:41:35 ----RD---- C:\Program Files 2012-06-21 18:41:25 ----D---- C:\WINDOWS\Prefetch 2012-06-21 18:38:53 ----D---- C:\WINDOWS\ERDNT 2012-06-21 18:38:38 ----D---- C:\Program Files\ERUNT 2012-06-21 17:54:08 ----D---- C:\Program Files\Mozilla Firefox 2012-06-21 17:52:23 ----D---- C:\WINDOWS\system32\drivers\Avg 2012-06-21 17:48:25 ----D---- C:\WINDOWS\Temp 2012-06-20 23:13:27 ----A---- C:\WINDOWS\SchedLgU.Txt 2012-06-18 17:24:07 ----D---- C:\WINDOWS\system32\drivers 2012-06-18 17:21:50 ----HD---- C:\$AVG8.VAULT$ 2012-06-17 23:01:36 ----D---- C:\WINDOWS\system32\drivers\etc 2012-06-17 21:32:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2012-06-17 21:03:43 ----D---- C:\WINDOWS 2012-06-17 20:58:54 ----D---- C:\WINDOWS\system32\CatRoot2 2012-06-17 14:51:44 ----SHD---- C:\WINDOWS\Installer 2012-06-17 14:51:43 ----SHD---- C:\Config.Msi 2012-06-17 14:51:14 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2012-06-17 14:50:15 ----D---- C:\WINDOWS\system32 2012-06-15 19:49:04 ----D---- C:\WINDOWS\Microsoft.NET 2012-06-15 19:49:02 ----RSD---- C:\WINDOWS\assembly 2012-06-14 22:57:09 ----HD---- C:\WINDOWS\inf 2012-06-14 22:57:04 ----RSHDC---- C:\WINDOWS\system32\dllcache 2012-06-14 22:56:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2012-06-14 22:56:04 ----D---- C:\WINDOWS\WinSxS 2012-06-14 22:51:30 ----A---- C:\WINDOWS\system32\MRT.exe 2012-06-14 22:51:19 ----A---- C:\WINDOWS\imsins.BAK 2012-06-14 22:51:03 ----D---- C:\Program Files\Internet Explorer 2012-06-14 22:49:55 ----HD---- C:\WINDOWS\$hf_mig$ 2012-06-12 17:53:12 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search 2012-06-12 17:53:10 ----D---- C:\Program Files\AVG Secure Search 2012-06-12 17:53:08 ----D---- C:\WINDOWS\system32\cache 2012-06-12 17:53:04 ----D---- C:\Program Files\Common Files\AVG Secure Search 2012-06-12 16:55:06 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe 2012-05-31 21:22:09 ----A---- C:\WINDOWS\system32\crypt32.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904] R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-10 36352] R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-18 335240] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-18 27784] R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-15 108552] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-17 278984] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-15 25416] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312] R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872] R3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2010-09-06 18120] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-23 3994624] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-06-29 57856] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-06-29 20480] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888] R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-10-10 393088] R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 W8335XP;NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335); C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys [2005-10-07 280576] S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-28 145920] S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12160] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2010-07-20 96488] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2010-07-20 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2010-07-20 121576] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224] S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144] R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-18 908056] R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-18 297752] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 dgdersvc;Device Error Recovery Service; C:\WINDOWS\system32\dgdersvc.exe [2010-09-06 95568] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-09-06 217088] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-23 159810] R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-12 935480] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-01-16 821608] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-01 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 257224] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe [2011-11-10 167264] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-11-04 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-01 135664] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-18 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-05 129976] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-29 89136] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

Hi all, Yesterday I went out for a few hours and left a few browsers open. When I came home, all my browsers were gone. I tried to open Firefox but it didn't work. I then tried to open IE, AVG and every other icon on my desktop but none opened. I then restarted in safe mode and was able to perform scans with AVG, Malwarebytes and Spybot S&D. Malwarebytes didn't find anything. Spybot found TrojansC-05 and C-02 under 'Search - Explorer'. AVG found 'registry key with reference to infected file C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe. I was able to either heal or move these to the virus vault. I then updated, restarted in normal mode and all applications ran as per usual. I ran scans again this morning and 5 infected files were found during the scan. These have once again been moved to the vault. However, I don't feel like it is 100% clean as my computer is a bit slower than usual and music skips or jumps when I play it. I have attached the DDS and Attach files. DDS.txtAttach.txt Any help on this would be greatly appreciated. Cheers DDS (Ver_10-03-17.01) - NTFSx86 Run by Sasha Gilby at 18:32:10.45 on Mon 18/06/2012 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29 Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.1535.557 [GMT 8:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\dgdersvc.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe C:\Program Files\NETGEAR\WG311v3\WinDomainlogon.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Rainlendar2\Rainlendar2.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Weatherzone Tracker\weather_tracker.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Documents and Settings\Sasha Gilby\My Documents\Sasha\dds.com ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com.au/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = <local>;*.local mURLSearchHooks: H - No File BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No File TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background uRun: [Rainlendar2] c:\program files\rainlendar2\Rainlendar2.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [Weather Tracker3] c:\program files\weatherzone tracker\weather_tracker.exe uRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe mRun: [soundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\windows\installer\{70014586-7bba-4a92-a610-cdc896c48f8f}\NewShortcut1_1.exe IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204 IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194700741281 DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: {3E763E93-5FB7-4F64-B8D8-637FF83B2C71} = 195.242.208.40 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.1.0\ViProtocol.dll Notify: avgrsstarter - avgrsstx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\sashag~1\applic~1\mozilla\firefox\profiles\ew3p7oej.default\ FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc6b5c1&v=7.005.030.004&i=23&tp=ab&iy=&ychte=au&lng=en-US&q= FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll FF - component: c:\program files\orbitdownloader\addons\oneclickyoutubedownloader\components\GrabXpcom.dll FF - plugin: c:\documents and settings\sasha gilby\application data\facebook\npfbplugin_1_0_3.dll FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.1.0\npsitesafety.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin8.dll FF - plugin: c:\program files\quicktime\plugins\npqtplugin8.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-8 335240] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-11-5 27784] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-7-8 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-8 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-8 297752] R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-9-6 95568] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-1-14 217088] R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files\common files\avg secure search\vtoolbarupdater\11.1.0\ToolbarUpdater.exe [2012-6-12 935480] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-9-6 18120] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-1-14 36640] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 257224] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg8\toolbar\ToolbarBroker.exe [2010-10-26 167264] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-5 129976] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-1-14 96488] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-1-14 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-1-14 121576] =============== Created Last 30 ================ 2012-06-14 10:08:14 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll ==================== Find3M ==================== 2012-06-12 08:55:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll 2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2005-10-06 23:17:34 280576 -c--a-w- c:\windows\inf\wg311v3\WG311v3XP.sys 2005-10-06 23:17:34 280576 -c--a-w- c:\windows\inf\wg311v3\WG311v3.sys 2005-03-01 19:16:42 212992 -c--a-w- c:\windows\inf\wg311v3\CopyWHQLDriver.exe 2007-06-11 11:22:16 8 -csh--r- c:\windows\system32\B0D02B64D7.sys 2007-07-10 12:23:13 1890 -csha-w- c:\windows\system32\KGyGaAvL.sys 2009-05-17 00:56:04 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009051720090518\index.dat ============= FINISH: 18:34:06.45 ===============

Thank you very much for all your help with this, Elise. It is greatly appreciated. Cheers and have a great weekend!