Hi

I was having trouble with my online bank using Firefox, so I switched over to IE9 for a few minutes to finish some work.

My bank contacted me shortly after with info that my pc is infected with something that shows up as MAAU in the user agent for IE9. I confirmed this by visiting whatsmyuseragent(dot)com.

I'm not sure how to remove this or what it is.

Thanks.

DDS.txt

Attach.txt

Link to post
Share on other sites

  • 1 month later...

Save and close any work documents, close any apps that you started.

Download the Microsoft® Windows® Malicious Software Removal Tool from the Microsoft Download Center

http://www.microsoft...&displaylang=en

It is suggested that you rename mrt.exe to some other name, such as Omega.exe, then run it.

After a run of MSRT has finished, you will find the log at C:\WINDOWS\Debug\mrt.log or C:\WINNT\Debug\mrt.log

The file may be opened and viewed with Notepad or similar text editor.

If, and only if, your system is Windows 7 x64, Vista x64, Windows XP x64 or Windows 2008/2003 x64:

Get Microsoft® Windows® Malicious Software Removal Tool (KB890830) x64

http://www.microsoft...&displaylang=en

Additional information on the Microsoft® Windows® Malicious Software Removal Tool is here: http://support.micro...om/?kbid=890830

If no infections were found, you will see this in your log:

Results Summary:

----------------

No infection found.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in the second row of tabs. Make sure all option lines have a checkmark.

Next, click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a FULL Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy & paste the contents of the last scan log into your reply.

If we do not hear back from you in 3 days, this thread will be closed.

Link to post
Share on other sites

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.20.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Ravemind :: BAMBOO [administrator]

2/20/2012 4:03:55 PM

mbam-log-2012-02-20 (16-03-55).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 532949

Time elapsed: 1 hour(s), 43 minute(s), 22 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

The MBAM scan is all OK.

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad or Wordpad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://go.eset.com/us/online-scanner/faq

    • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
      (And the prompt re-enabling when finished.)
    • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    • Do not use the system while the scan is running. Once the full scan is underway, go take a long break.

Re-enable the antivirus program.

Reply with a copy of the ESET scan log.

Link to post
Share on other sites

I followed all the instructions and ran ESET.

During the process ESET found and removed a component of Hotspotshield. Something I installed by mistake 8 months ago.

Unfortunately, after it finished I mistakenly chose uninstall as I exited ESET. I think it took the log with it. When I went to find it, it was not in the location indicated. Sorry.

I still have Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MAAU) showing up as my user agent.

What's next?

Thank you

Link to post
Share on other sites
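The check the bank is described as making in this thread, spotting a user-agent token that a stock browser would not send, can be sketched as follows. This is an added example, not code from any poster or from the bank; the baseline token patterns, the session ids and every sample string except the user agent quoted above are assumptions constructed for illustration.

```python
import re

# User agent exactly as quoted in the post above.
PAGE_UA = "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MAAU)"

# Assumed baseline: token shapes expected from an unmodified Internet Explorer
# on Windows. Anything that matches none of these is reported for review.
BASELINE_PATTERNS = [
    re.compile(r"compatible"),
    re.compile(r"MSIE \d+\.\d+"),
    re.compile(r"Windows NT \d+\.\d+"),
    re.compile(r"WOW64|Win64|x64"),
    re.compile(r"Trident/\d+\.\d+"),
]

# product, then a parenthesised comment of ';'-separated tokens, then anything.
UA_SHAPE = re.compile(r"^(?P<product>\S+)\s+\((?P<comment>[^()]*)\)(?P<trailer>.*)$")

UNPARSEABLE = "<unparseable>"


def parse_user_agent(ua):
    """Split a user agent into product, comment tokens and trailer."""
    m = UA_SHAPE.match(ua.strip())
    if m is None:
        raise ValueError("no parenthesised comment section")
    tokens = [t.strip() for t in m.group("comment").split(";") if t.strip()]
    return {
        "product": m.group("product"),
        "tokens": tokens,
        "trailer": m.group("trailer").strip(),
    }


def unexpected_tokens(ua, baseline=BASELINE_PATTERNS):
    """Return the comment tokens that match no baseline pattern."""
    tokens = parse_user_agent(ua)["tokens"]
    return [t for t in tokens if not any(p.fullmatch(t) for p in baseline)]


# Constructed sample sessions (hypothetical ids); only s-1003 uses the
# string from the thread.
SAMPLE_SESSIONS = [
    ("s-1001", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"),
    ("s-1002", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"),
    ("s-1003", PAGE_UA),
    ("s-1004", "not-a-browser"),
]


def triage(sessions, baseline=BASELINE_PATTERNS):
    """Map session id -> tokens needing review; clean sessions are omitted."""
    flagged = {}
    for session_id, ua in sessions:
        try:
            extra = unexpected_tokens(ua, baseline)
        except ValueError:
            # A string that does not look like a browser user agent at all
            # is flagged rather than silently skipped.
            extra = [UNPARSEABLE]
        if extra:
            flagged[session_id] = extra
    return flagged


if __name__ == "__main__":
    for sid, extra in triage(SAMPLE_SESSIONS).items():
        print(sid, "->", ", ".join(extra))
```

A flagged token only means "not in the baseline"; deciding what added it to the browser is a separate step.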

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5

Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Start Internet Explorer

Using Internet Explorer browser only, go to BitDefender Quickscan website:

http://quickscan.bitdefender.com

and click "Start Scan".

Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.

Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.

If prompted, reply yes to allow it to run.

Press the Allow button and follow prompts.

Press the "Start Scan" once more.

You'll see the EULA in a pop-up window. Click the I accept & then the OK button.

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/

and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.

It may seem to stall at moments, but have patience; it will move on.

You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-window. Press the View Log button.

The log report will show in your text editor. Save the log.

Do a Select ALL, Copy. Then paste contents into your next reply.

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender.

Use separate replies as needed if logs do not fit into one reply box.

Link to post
Share on other sites

bitdefender

QuickScan 64-bit v0.9.9.105

---------------------------

Scan date: Thu Feb 23 16:39:17 2012

Machine ID: FCAC575E

No infection found.

-------------------

Processes

---------

(unsigned) ACEngSvr Module 4048 C:\Windows\SysWOW64\ACEngSvr.exe

(unsigned) ATK ACMON 3352 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(unsigned) cdrom_mon.exe 1484 C:\Windows\SysWOW64\SupportAppXL\cdrom_mon.exe

(unsigned) hsswd.exe 1048 C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

(unsigned) IconUtility 3272 C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

(unsigned) PC Auto Shutdown 4628 C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe

(unsigned) USB 3.0 Monitor 4448 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(unsigned) Wireless Console 3 3388 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

(verified) 3748 C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

(verified) ADSMSrv 1564 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(verified) AcroTray - Adobe Acrobat Distiller help 4612 C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

(verified) AFBAgent 1524 C:\Windows\System32\FBAgent.exe

(verified) ALU 3356 C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

(verified) ASUS Screen Saver Protector 3544 C:\Windows\AsScrPro.exe

(verified) ASUS SmartLogon 3548 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

(verified) ATK Generic Function Service 1648 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(verified) ATK Hotkey 4260 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

(verified) ATK Hotkey 4208 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(verified) ATK Hotkey 4428 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

(verified) ATK Hotkey 4748 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(verified) ATK Hotkey 4812 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

(verified) ATK Media 4420 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(verified) ATKOSD2 4328 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(verified) AVG Internet Security 2132 C:\Program Files (x86)\AVG\AVG10\avgcfgex.exe

(verified) AVG Internet Security 4536 C:\Program Files (x86)\AVG\AVG10\avgtray.exe

(verified) AVG Internet Security 5716 C:\Program Files (x86)\AVG\AVG10\avgui.exe

(verified) AVG Internet Security 1520 C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

(verified) Bing Bar 1328 C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

(verified) Bing Bar 1280 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(verified) Bluetooth Software 3704 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(verified) Bluetooth Software 1976 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(verified) Boingo Wi-Fi 4320 C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

(verified) Bonjour 2016 C:\Program Files\Bonjour\mDNSResponder.exe

(verified) ControlDeck 1660 C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

(verified) CyberLink MediaLibray Service 2180 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(verified) ELAN Smart-Pad 3756 C:\Program Files\Elantech\ETDCtrl.exe

(verified) ELAN Smart-Pad 4160 C:\Program Files\Elantech\ETDCtrlHelper.exe

(verified) Installation/Management Application 2272 C:\Windows\SysWOW64\rpcnet.exe

(verified) Intel® Active Management Technology L 2064 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(verified) Intel® Common User Interface 3852 C:\Windows\System32\hkcmd.exe

(verified) Intel® Common User Interface 3860 C:\Windows\System32\igfxpers.exe

(verified) Intel® Common User Interface 3840 C:\Windows\System32\igfxtray.exe

(verified) Intel® Management & Security Applicat 5828 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(verified) Intel® PROSet/Wireless 3832 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(verified) Intel® PROSet/Wireless 2248 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(verified) Intel® PROSet/Wireless 2424 C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(verified) iTunes 4716 C:\Program Files (x86)\iTunes\iTunesHelper.exe

(verified) iTunes 5064 C:\Program Files\iPod\bin\iPodService.exe

(verified) Java Platform SE Auto Updater 2 0 4848 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(verified) Live! Cam Console Auto Launcher 4708 C:\Windows\V0330Mon.exe

(verified) Microsoft® .NET Framework 4964 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(verified) Microsoft® Windows® Operating System 5900 C:\Program Files\Windows Media Player\wmpnetwk.exe

(verified) Microsoft® Windows® Operating System 3160 C:\Program Files\Windows Sidebar\sidebar.exe

(verified) Microsoft® Windows® Operating System 3516 C:\Windows\explorer.exe

(verified) Microsoft® Windows® Operating System 2148 C:\Windows\servicing\TrustedInstaller.exe

(verified) Microsoft® Windows® Operating System 1608 C:\Windows\System32\conhost.exe

(verified) Microsoft® Windows® Operating System 716 C:\Windows\System32\csrss.exe

(verified) Microsoft® Windows® Operating System 624 C:\Windows\System32\csrss.exe

(verified) Microsoft® Windows® Operating System 3228 C:\Windows\System32\dwm.exe

(verified) Microsoft® Windows® Operating System 776 C:\Windows\System32\lsass.exe

(verified) Microsoft® Windows® Operating System 784 C:\Windows\System32\lsm.exe

(verified) Microsoft® Windows® Operating System 752 C:\Windows\System32\services.exe

(verified) Microsoft® Windows® Operating System 316 C:\Windows\System32\smss.exe

(verified) Microsoft® Windows® Operating System 1748 C:\Windows\System32\spoolsv.exe

(verified) Microsoft® Windows® Operating System 5784 C:\Windows\System32\sppsvc.exe

(verified) Microsoft® Windows® Operating System 632 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 4492 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 876 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1008 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1156 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 780 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 124 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 2364 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 3124 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1784 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 3196 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1416 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 4060 C:\Windows\System32\taskeng.exe

(verified) Microsoft® Windows® Operating System 5512 C:\Windows\System32\taskeng.exe

(verified) Microsoft® Windows® Operating System 4004 C:\Windows\System32\taskhost.exe

(verified) Microsoft® Windows® Operating System 2700 C:\Windows\System32\wbem\unsecapp.exe

(verified) Microsoft® Windows® Operating System 4976 C:\Windows\System32\wbem\unsecapp.exe

(verified) Microsoft® Windows® Operating System 3400 C:\Windows\System32\wbem\WmiPrvSE.exe

(verified) Microsoft® Windows® Operating System 2780 C:\Windows\System32\wbem\WmiPrvSE.exe

(verified) Microsoft® Windows® Operating System 696 C:\Windows\System32\wininit.exe

(verified) Microsoft® Windows® Operating System 948 C:\Windows\System32\winlogon.exe

(verified) Microsoft® Windows® Operating System 1600 C:\Windows\System32\wlanext.exe

(verified) MobileDeviceService 1220 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(verified) NVIDIA Driver Helper Service, Version 2 1396 C:\Windows\System32\nvvsvc.exe

(verified) NVIDIA Driver Helper Service, Version 2 984 C:\Windows\System32\nvvsvc.exe

(verified) NVIDIA Settings Update Manager 2172 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

(verified) PC Auto Shutdown Service 2200 C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe

(verified) PhotoSync 2772 C:\Program Files (x86)\PhotoSync\PhotoSync.exe

(verified) Power4Gear Hybrid 3308 C:\Program Files\P4G\BatteryLife.exe

(verified) Realtek HD Audio Manager 240 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(verified) RIMBBLaunchAgent 4656 C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

(verified) SRS APO Control Panel 4440 C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe

(verified) Windows® Internet Explorer 5752 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Windows® Internet Explorer 5060 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Windows® Search 3568 C:\Windows\System32\SearchFilterHost.exe

(verified) Windows® Search 4308 C:\Windows\System32\SearchIndexer.exe

(verified) Windows® Search 5692 C:\Windows\System32\SearchProtocolHost.exe

Network activity

----------------

Process iexplore.exe (5060) connected on port 80 (HTTP) --> 188.165.220.204

Process iexplore.exe (5060) connected on port 80 (HTTP) --> 74.125.224.196

Process iexplore.exe (5060) connected on port 80 (HTTP) --> 74.125.224.196

Process iexplore.exe (5060) connected on port 80 (HTTP) --> 187.141.2.96

Process iexplore.exe (5060) connected on port 80 (HTTP) --> 198.87.182.139

Process iexplore.exe (5060) connected on port 80 (HTTP) --> 198.87.182.160

Process svchost.exe (124) listens on ports: 135 (RPC)

Process svchost.exe (632) listens on ports: 49153 (RPC)

Process wininit.exe (696) listens on ports: 49152 (RPC)

Process services.exe (752) listens on ports: 49158 (RPC)

Process lsass.exe (776) listens on ports: 49155 (RPC)

Process svchost.exe (1008) listens on ports: 49154 (RPC)

Process PhotoSync.exe (2772) listens on ports: 35722

Process wmpnetwk.exe (5900) listens on ports: 554 (RTSP)

Autoruns and critical files

---------------------------

(unsigned) Boingo.lnk C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk

(unsigned) IconUtility C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

(unsigned) PC Auto Shutdown C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe

(unsigned) QuickTime C:\Program Files (x86)\QuickTime\QTTask.exe

(unsigned) USB 3.0 Monitor C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(verified) C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

(verified) AcroTray - Adobe Acrobat Distiller help C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

(verified) Adobe Acrobat C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe

(verified) Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

(verified) Adobe CS4 Service Manager C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

(verified) Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(verified) Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(verified) ATK Hotkey C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

(verified) ATK Media C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(verified) ATKOSD2 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(verified) AVG Internet Security C:\Program Files (x86)\AVG\AVG10\avgtray.exe

(verified) DVDFab Passkey C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe

(verified) ELAN Smart-Pad C:\Program Files\Elantech\ETDCtrl.exe

(verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(verified) Google Update C:\Users\Ravemind\AppData\Local\Google\Update\GoogleUpdate.exe

(verified) GrooveMonitor Utility C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe

(verified) GrooveShellExtensions Module c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll

(verified) Intel® Common User Interface C:\Windows\System32\hkcmd.exe

(verified) Intel® Common User Interface C:\Windows\system32\igfxdev.dll

(verified) Intel® Common User Interface C:\Windows\System32\igfxpers.exe

(verified) Intel® Common User Interface C:\Windows\System32\igfxtray.exe

(verified) Intel® PROSet/Wireless C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(verified) iTunes C:\Program Files (x86)\iTunes\iTunesHelper.exe

(verified) Java Platform SE Auto Updater 2 0 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(verified) Live! Cam Console Auto Launcher C:\Windows\V0330Mon.exe

(verified) Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe

(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

(verified) MobileMe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

(verified) MUI StartMenu Application C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

(verified) MUI StartMenu Application C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

(verified) NVIDIA D3D shim drivers C:\Windows\System32\nvinitx.dll

(verified) NVIDIA D3D shim drivers C:\Windows\SysWOW64\nvinit.dll

(verified) PhotoSync C:\Program Files (x86)\PhotoSync\PhotoSync.exe

(verified) RIMBBLaunchAgent C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

Browser plugins

---------------

(unsigned) asusTek_sys_ctrl Module C:\Windows\Downloaded Program Files\asusTek_sys_ctrl.dll

(unsigned) hssie_64.dll c:\program files (x86)\hotspot shield\hssie\hssie_64.dll

(unsigned) QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll

(unsigned) QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll

(unsigned) QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll

(unsigned) QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll

(unsigned) QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll

(unsigned) QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll

(unsigned) QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll

(verified) Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll

(verified) AVG Internet Security c:\program files (x86)\avg\avg10\avgssiea.dll

(verified) AVG Internet Security C:\Users\Ravemind\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins\avgnpss.dll

(verified) AVG Internet Security C:\Users\Ravemind\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins\avgxpl.dll

(verified) BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax64.dll

(verified) Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll

(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll

(verified) Family Safety Browser Helper Object Lib c:\program files\windows live\family safety\fssbho.dll

(verified) Google Talk Plugin C:\Users\Ravemind\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

(verified) Google Talk Plugin Video Accelerator C:\Users\Ravemind\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

(verified) Google Update C:\Users\Ravemind\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\mswsock.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\NapiNSP.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\pnrpnsp.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\wshbth.dll

(verified) NPSWF64_11_1_102.dll C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

(verified) Windows® Internet Explorer C:\Windows\System32\ieframe.dll

Missing files

-------------

File not found: C:\ExpressGateUtil\SessionLogon.exe

--> HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\"SessionLogon"

File not found: c:\programdata\SetWallpaper.cmd

--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Setwallpaper"


MD5: 3c4def3df3eeffc2623dd3bb07c3e321 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#

\e05059a258a8b75d8981f29ecd9baf72\Microsoft.VisualBasic.ni.dll

MD5: fb51bc741c95773d0d12267e63a36ca2 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib

\1d2d3e57724bcacaea5e41063dc565c1\mscorlib.ni.dll

MD5: 47330a12e64313c47fad7cd41ddee729 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore

\0fa603af6ee814498c20f46e00e5f891\PresentationCore.ni.dll

MD5: 394791decba3db5ad51f93e70153dcb2 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration

\da9e586395168489e96323c7cbd635a3\System.Configuration.ni.dll

MD5: bb7c4a790e27198f522664e20c289ae6 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data

\bc98c6a47226c05d244f7ffb07b6d6bf\System.Data.ni.dll

MD5: 4c72786d21ba5d24637ff4cb17f6fd55 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing

\6c52a4ed4a4d301b51cae24e0d0b28ac\System.Drawing.ni.dll

MD5: a2897e7185836d139ffb27903c841547 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#

\dbd535c6b73a9d9ffab8b91124ea7dda\System.EnterpriseServices.ni.dll

MD5: 2d7c2a8d2970f992c0f5fdb3c7f70883 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management

\6860203a3f244d4c6b89ff38a9c9cadb\System.Management.ni.dll

MD5: 656760ac66f3910f76f990d16a93916d C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#

\872d9ab7e9259b407668c38b6112499e\System.ServiceProcess.ni.dll

MD5: b4d206f868544660a91cc2d69a4e4fc6 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions

\caa6d0e3ec056ab964616da777c2fcb1\System.Transactions.ni.dll

MD5: d029ebbbc5decbd39a024c06640eb771 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms

\87a79dd88275c7e7536a0476f2ed79aa\System.Windows.Forms.ni.dll

MD5: be1fe24c9a7165e6f2912b075d4c4c6c C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml

\e04d9231de2f5d2ababdb425df670e63\System.Xml.ni.dll

MD5: ebbf1a8e345ba337956bee9b21dc622f C:\Windows\assembly\NativeImages_v2.0.50727_64\System

\d5bc322d03a6628891b1e1232c4815af\System.ni.dll

MD5: bf6ee4abe21fa2f5be2713b494dbe837 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase

\a6d9b6658c7778345cc60fe0d9bb6e64\WindowsBase.ni.dll

MD5: bd7bd4e342ab3ab84c1441aa76213605 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib

\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll

MD5: 7fd5da8145c09858ac201d4a29df242d C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration

\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll

MD5: 19348207eadadf20555601d4513793d5 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core

\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll

MD5: 3fdcd4b976af5ff4b345cb5cdbf19490 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing

\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll

MD5: 40cb47f60854703f7a13594fe01b6486 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#

\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll

MD5: 2d035877d6658c12b70ed978baf7b3ec C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms

\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll

MD5: 73d67a7f55a6438f10e35f16d47aba29 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml

\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll

MD5: 82e1ff067a74bf3ec61d1962ad9335bc C:\Windows\assembly\NativeImages_v4.0.30319_32\System

\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll

MD5: 2b262eac98e350d1568a70add72e8a85 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib

\b10e2a4a87b27f241113ead9433e25da\mscorlib.ni.dll

MD5: 73a3dfd4aba5e26040a0e8c75824ea7f C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing

\9cb0648c04e4358cf0a4973e97db37b7\System.Drawing.ni.dll

MD5: 9a38fd1c0583dc6e0bd3da9489342731 C:\Windows\assembly\NativeImages_v4.0.30319_64\System

\b0fb08b12d22c8f5a5cf76de090816e2\System.ni.dll

MD5: 9149e19db451df6c7735942dc71451c8 C:\Windows\Downloaded Program Files\asusTek_sys_ctrl.dll

MD5: 41a5048e49372f091b2ae5a5b705b72d C:\Windows\SysWOW64\ACEngSvr.exe

MD5: 680643960a81fb929959010f68d8a2bf C:\Windows\SysWOW64\rpcnet.dll

MD5: 564820c1522ff9686b9080762e482c5b C:\Windows\SysWOW64\SupportAppXL\cdrom_mon.exe

MD5: 6061114558d3d1cbe66f2ef2af148966 C:\Windows\winsxs

\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll

MD5: b1fdcfff7609e121c10751a669ab1611 C:\Windows\winsxs

\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll

MD5: 442235ac4f20b195f932990cae47408e C:\Windows\winsxs

\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll

The following file(s) must be uploaded for server-side scanning:

C:\Program Files (x86)\PhotoSync\ZeroconfService.dll

Upload started - 1 file(s)

ZeroconfService.dll (36864)

Upload speed - 7 KB/s

Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 23 sec

Total traffic - 0.16 MB sent, 4.52 KB recvd

Scanned 2287 files and modules - 131 seconds

==============================================================================


checkit

Results of screen317's Security Check version 0.99.31

Windows 7 x64 (UAC is enabled)

Internet Explorer 9

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

ESET Online Scanner v3

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Java 6 Update 20

Java 6 Update 30

Java version out of date!

Adobe Reader 9 Adobe Reader out of date!

Mozilla Firefox (10.0.2)

````````````````````````````````

Process Check:

objlist.exe by Laurent

AVG avgwdsvc.exe

AVG avgtray.exe

``````````End of Log````````````


info.txt logfile of random's system information tool 1.09 2012-02-23 15:28:02

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

-->C:\Windows\CtDrvIns.exe -uninstall -script VF0330.uns -unsext NT -plugin V0330Pin.dll -pluginres CtCamPin.crl -langid 0x0409

abgx360 v1.0.5-->"C:\Program Files (x86)\abgx360\uninstall.exe"

Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}

Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}

Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}

Adobe Anchor Service x64 CS4-->MsiExec.exe /I{887797BF-37A5-4199-B0C9-0D38D6196E9A}

Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe CMaps x64 CS4-->MsiExec.exe /I{90BA8112-80B3-4617-A3C1-BD2771B60F74}

Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}

Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}

Adobe Creative Suite 4 Design Premium-->C:\Program Files (x86)\Common Files\Adobe\Installers\55230b0b70661df0f212e88f0b655f7\Setup.exe --uninstall=1

Adobe Creative Suite 4 Design Premium-->MsiExec.exe /I{A2881E09-38DB-4F79-9135-00FDA01768A7}

Adobe CSI CS4 x64-->MsiExec.exe /I{8DAA31EB-6830-4006-A99F-4DF8AB24714F}

Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}

Adobe Director 11.5-->C:\Program Files (x86)\Common Files\Adobe\Installers\46f17ca4f5daa9524ac09ba8d50e980\Setup.exe --uninstall=1

Adobe Director 11.5-->MsiExec.exe /I{D16C7CA3-4877-4905-99B4-A071FA4B3CDB}

Adobe Drive CS4 x64-->MsiExec.exe /I{A3454894-144A-4D80-B605-C128FE0D7329}

Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}

Adobe Flash Player 11 ActiveX 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe -maintain plugin

Adobe Fonts All x64-->MsiExec.exe /I{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}

Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}

Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}

Adobe InDesign CS4 Icon Handler x64-->MsiExec.exe /I{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}

Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}

Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}

Adobe Linguistics CS4 x64-->MsiExec.exe /I{8875A1C0-6308-4790-8CF6-D34E89880052}

Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}

Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe PDF Library Files x64 CS4-->MsiExec.exe /I{DFFABE78-8173-4E97-9C5C-22FB26192FC5}

Adobe Photoshop CS4 (64 Bit)-->MsiExec.exe /I{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}

Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}

Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}

Adobe Photoshop Lightroom 3.3 64-bit-->MsiExec.exe /I{CFFF260C-F510-45BB-8F8E-1D4AC1232786}

Adobe Reader 9.5.0 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}

Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}

Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}

Adobe Setup-->MsiExec.exe /I{A128921B-D03F-4BFB-8141-C365AA48D660}

Adobe Setup-->MsiExec.exe /I{D1604A7C-12BE-44C5-9361-8127B44869F1}

Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}

Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Type Support x64 CS4-->MsiExec.exe /I{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}

Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}

Adobe WinSoft Linguistics Plugin x64-->MsiExec.exe /I{295CFB7C-A57E-4313-93E7-68E7CE1D0332}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}

Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Air Video Server 2.4.3-->C:\Program Files (x86)\AirVideoServer\uninst.exe

Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}\setup.exe -runfromtemp

Apple Application Support-->MsiExec.exe /I{343666E2-A059-48AC-AD67-230BF74E2DB2}

Apple Mobile Device Support-->MsiExec.exe /I{75104836-CAC7-444E-A39E-3F54151942F5}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}

ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}

ASUS AP Bank-->"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe"

ASUS FancyStart-->MsiExec.exe /I{60D6618B-153F-4353-8185-908E676E5888}

ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9

ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9

ASUS Power4Gear Hybrid-->MsiExec.exe /I{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}

ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}

ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}

ASUS U Series Bamboo ScreenSaver-->C:\Windows\ASUS U Series Bamboo ScreenSaver Uninstaller.exe

ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}

ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly

ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}

AVG 2011-->"C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall

AVG 2011-->MsiExec.exe /I{61A3F855-4587-4187-9D77-2EF8CD825A47}

AVG 2011-->MsiExec.exe /I{8FE5B227-1506-4CCE-9002-CC26D6B3F7AA}

BANDA ANCHA DE TELCEL-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}\setup.exe" -l0x9 -removeonly

Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"

Bing Bar-->MsiExec.exe /X{B4089055-D468-45A4-A6BA-5A138DD715FC}

BlackBerry Desktop Software 6.1-->MsiExec.exe /I{75157F34-02C6-4831-BD66-3BC49E7A8394}

BlackBerry Desktop Software 6.1-->MsiExec.exe /i{75157F34-02C6-4831-BD66-3BC49E7A8394}

BlackBerry Device Software Updater-->MsiExec.exe /X{B0A92733-C870-415C-A494-DF72C2C58402}

BlackBerry Device Software v4.5.0 for the BlackBerry 8100 smartphone-->MsiExec.exe /X{17BC8909-234D-4C4B-9FD7-C909D3B8560A}

Boingo Wi-Fi-->MsiExec.exe /X{B653A2EC-D816-4498-A4FD-651047AB9DC9}

Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}

Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}

ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}

Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00)-->C:\Windows\CtDrvIns.exe -uninstall -script VF0330.uns -unsext NT -plugin V0330Pin.dll -pluginres CtCamPin.crl -langid 0x0409

Curse Client-->C:\Program Files (x86)\Curse\uninstall.exe

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

DVDFab Passkey 8.0.2.6 (17/03/2011)-->"C:\Program Files (x86)\DVDFab Passkey\unins000.exe"

Email Address Collector-->MsiExec.exe /I{8EE6F24B-4409-48DB-AFA3-71B00C142CE9}

ERUNT 1.1j-->"C:\Program Files (x86)\ERUNT\unins000.exe"

ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

ETDWare PS/2-x64 7.0.5.11_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe

ExpressGate Cloud-->"C:\Program Files (x86)\InstallShield Installation Information\{499DED08-6FA8-4749-8E94-8526CC9D1CA8}\setup.exe" -runfromtemp -l0x0409 -removeonly

ExpressGate Cloud-->MsiExec.exe /X{499DED08-6FA8-4749-8E94-8526CC9D1CA8}

Fast Boot-->MsiExec.exe /X{13F4A7F3-EABC-4261-AF6B-1317777F0755}

Fhotoroom Dreamy x64 1.5-->C:\PROGRA~3\TARMAI~1\{68699~1\Setup.exe /remove /q0

FileZilla Client 3.5.0-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe

Filter Forge Freepack 2 - Photo Effects 2.009-->"C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Plug-ins\Filter Forge Freepack 2 - Photo Effects\unins000.exe"

FreeStyler-->"c:\FreeStyler\unins000.exe"

GOM Player-->"C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe"

Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

Google SketchUp 8-->MsiExec.exe /X{B700113B-24A8-4D4C-8484-0CC944F764C8}

Google Talk Plugin-->MsiExec.exe /I{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Handbrake 0.9.4-->C:\Program Files (x86)\Handbrake\uninst.exe

HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

Hotspot Shield 1.57-->C:\Program Files (x86)\Hotspot Shield\Uninstall.exe

HTC Driver Installer-->MsiExec.exe /X{6D6664A9-3342-4948-9B7E-034EFE366F0F}

ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe"

Intel PROSet Wireless-->Intel PROSet Wireless

Intel® Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm

Intel® Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel® Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall

Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall

Intel® PROSet/Wireless WiFi Software-->MsiExec /I{1A8BA6CE-822D-4888-89E2-ACBF4308F271}

Intel® Wireless Display-->MsiExec.exe /X{C298FF86-AB23-4B58-AC53-A23383C07B3A}

Internet Telcel Banda Ancha-->C:\Program Files (x86)\Internet Telcel Banda Ancha2\uninst.exe

iTunes-->MsiExec.exe /I{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}

Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020F0}

Java 6 Update 30-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}

Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}

kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}

Magic Bullet PhotoLooks for Lightroom-->"C:\Program Files (x86)\InstallShield Installation Information\{CB6985F9-6DD1-4CD0-A8F4-6310588CF412}\setup.exe" -runfromtemp -l0x0409 -removeonly

Magic Bullet PhotoLooks for Lightroom-->MsiExec.exe /I{CB6985F9-6DD1-4CD0-A8F4-6310588CF412}

Magic Bullet PhotoLooks for Photoshop 64 bit-->"C:\Program Files (x86)\InstallShield Installation Information\{7B397980-84A8-40F2-8E88-DFA50E516E8E}\setup.exe" -runfromtemp -l0x0409 -removeonly

Magic Bullet PhotoLooks for Photoshop 64 bit-->MsiExec.exe /I{7B397980-84A8-40F2-8E88-DFA50E516E8E}

MagicTracer 2.0-->C:\Program Files (x86)\Elgorithms\MagicTracer 2.0\Uninstall\MTuninstall.exe

Malwarebytes Anti-Malware version 1.60.1.1000-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

MediaMonkey 3.2-->"C:\Program Files (x86)\MediaMonkey\unins000.exe"

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}

Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}

Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175-->MsiExec.exe /X{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}

Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}

Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828}

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft_VC100_CRT_SP1_x64-->MsiExec.exe /I{680EDA59-9266-44B4-949E-0C24F65DFF82}

Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}

MozBackup 1.4.10-->C:\Program Files (x86)\MozBackup\Uninstall.exe

Mozilla Firefox 10.0.2 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

Mp3tag v2.47b-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE

MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}

MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}

MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}

MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}

NEC Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\setup.exe" -runfromtemp -l0x0409 -removeonly

NEC Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /I{D7BF9739-8A68-4335-BBEE-37752AD9E86B}

Nokia Connectivity Cable Driver-->MsiExec.exe /I{AF88496B-4BBA-4922-97E9-2582D3A28358}

Nokia Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer.exe

Nokia Suite-->MsiExec.exe /X{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}

NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel

NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI

NVIDIA Updatus-->"C:\Program Files (x86)\InstallShield Installation Information\{7357286A-CBE7-4F4A-BABC-EC4B3DD63862}\setup.exe" -runfromtemp -l0x0009

OpenOffice.org 3.2-->MsiExec.exe /I{5A13987D-55F4-4271-A40E-76AC9B1B38FD}

PC Auto Shutdown 4.3-->"C:\Program Files (x86)\PC Auto Shutdown\unins000.exe"

PC Connectivity Solution-->MsiExec.exe /I{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

Photoshop Camera Raw_x64-->MsiExec.exe /I{2D74E972-5A85-44DC-9193-8A302BA8C181}

Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}

PhotoSync-->MsiExec.exe /I{84ECAA79-BFE1-41A9-AB79-DAC7CF2CBA5F}

Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"

QuickPar 0.9-->C:\Program Files (x86)\QuickPar\uninst.exe

QuickTime-->MsiExec.exe /I{C9E14402-3631-4182-B377-6B0DFB1C0339}

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly

SAMSUNG USB Driver for Mobile Phones-->C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe

SecondLifeViewer2 (remove only)-->"C:\Program Files (x86)\SecondLifeViewer2\uninst.exe"

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}

ShowMagic SL Free Edition-->MsiExec.exe /I{2EE16B36-F3B1-446E-B295-FA8F83A84BC5}

Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}

Smoke demo by NVIDIA (remove only)-->"C:\Program Files (x86)\NVIDIA Corporation\NVidia Demos\Smoke\uninstall.exe"

SRS Premium Sound Control Panel-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}

Subtitle Edit v3.1-->"C:\Program Files (x86)\Subtitle Edit\unins000.exe"

Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}

System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe

ultraDMX Configuration-->MsiExec.exe /I{2E34B5E5-6534-4052-A445-000038A08831}

Uninstall DreamSuite Bonus-->C:\Windows\unvise32.exe C:\PROGRAM FILES (X86)\ADOBE\ADOBE PHOTOSHOP CS4\PLUG-INS\DreamSuite Bonus\DreamSuite Bonus Uninstall.log

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202}

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF}

Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {97FF6C46-CE3A-47F6-BA6B-3D743ACA4054}

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF}

Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}

Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}

Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}

USB2.0 UVC 2M WebCam-->C:\Windows\snuninst.exe /name='USB2.0 UVC 2M WebCam'

UseNeXT-->"C:\Program Files (x86)\UseNeXT\unins000.exe"

Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}

WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}

Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x64-brcm.inf_amd64_neutral_9967492e3f5b8af1\bcbtums-win7x64-brcm.inf

Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums64.inf_amd64_neutral_d7fa6cc9d085915b\bcbtums64.inf

Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbthid64.inf_amd64_neutral_30e334a6360cd4b9\bcbthid64.inf

Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_8A3BAB842294F8D9255C3CF2A3B1CECAEEB8EA7E\pccsmcfdx64.inf

Windows Live Call-->MsiExec.exe /I{E6158D07-2637-4ECF-B576-37C489669174}

Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}

Windows Live Family Safety-->MsiExec.exe /X{5AC309D7-93D6-418F-8DCA-DD710724A5B4}

Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}

Windows Live Messenger-->MsiExec.exe /X{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}

Windows Live Photo Gallery-->MsiExec.exe /X{EE39FFBD-544E-49E4-A999-6819828EAE91}

Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}

Windows Live Sync-->MsiExec.exe /X{B10914FD-8812-47A4-85A1-50FCDE7F1F33}

Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}

WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}

World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

Yahoo! Messenger-->C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

127.0.0.1 activate.adobe.com

======System event log======

Computer Name: Bamboo

Event Code: 10

Message: ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.

Record Number: 18345

Source Name: ACPI

Time Written: 20110204071636.534001-000

Event Type: Error

User:

Computer Name: Bamboo

Event Code: 10

Message: ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.

Record Number: 18344

Source Name: ACPI

Time Written: 20110204071636.534001-000

Event Type: Error

User:

Computer Name: Bamboo

Event Code: 10

Message: ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.

Record Number: 18316

Source Name: ACPI

Time Written: 20110204042045.559003-000

Event Type: Error

User:

Computer Name: Bamboo

Event Code: 10

Message: ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.

Record Number: 18315

Source Name: ACPI

Time Written: 20110204042045.559003-000

Event Type: Error

User:

Computer Name: Bamboo

Event Code: 8003

Message: The master browser has received a server announcement from the computer COMPAQ that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0032DA26-9A9C-4644-8E30-CDE40970747A}. The master browser is stopping or an election is being forced.

Record Number: 18288

Source Name: bowser

Time Written: 20110203231029.273740-000

Event Type: Error

User:

=====Application event log=====

Computer Name: Bamboo

Event Code: 11

Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 332) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.

Record Number: 958

Source Name: Microsoft-Windows-RPC-Events

Time Written: 20101014041657.537766-000

Event Type: Warning

User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Bamboo

Event Code: 513

Message: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed

System Error:

The system cannot find the file specified.

.

Record Number: 890

Source Name: Microsoft-Windows-CAPI2

Time Written: 20101014040926.317729-000

Event Type: Error

User:

Computer Name: Bamboo

Event Code: 20

Message:

Record Number: 833

Source Name: Google Update

Time Written: 20101014040532.000000-000

Event Type: Error

User: NT AUTHORITY\SYSTEM

Computer Name: Bamboo

Event Code: 1008

Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 824

Source Name: Microsoft-Windows-Search

Time Written: 20101014040452.000000-000

Event Type: Warning

User:

Computer Name: Bamboo

Event Code: 1

Message: LMS Service cannot connect to Intel® MEI driver

Record Number: 812

Source Name: LMS

Time Written: 20101013190353.000000-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Bamboo

Event Code: 4907

Message: Auditing settings on object were changed.

Subject:

Security ID: S-1-5-18

Account Name: BAMBOO$

Account Domain: YANDARA

Logon ID: 0x3e7

Object:

Object Server: Security

Object Type: File

Object Name: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

Handle ID: 0x1c

Process Information:

Process ID: 0x14c0

Process Name: C:\Windows\System32\poqexec.exe

Auditing Settings:

Original Security Descriptor:

New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 20731

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110322154049.139064-000

Event Type: Audit Success

User:

Computer Name: Bamboo

Event Code: 4907

Message: Auditing settings on object were changed.

Subject:

Security ID: S-1-5-18

Account Name: BAMBOO$

Account Domain: YANDARA

Logon ID: 0x3e7

Object:

Object Server: Security

Object Type: File

Object Name: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

Handle ID: 0x1c

Process Information:

Process ID: 0x14c0

Process Name: C:\Windows\System32\poqexec.exe

Auditing Settings:

Original Security Descriptor:

New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 20730

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110322154049.107864-000

Event Type: Audit Success

User:

Computer Name: Bamboo

Event Code: 4907

Message: Auditing settings on object were changed.

Subject:

Security ID: S-1-5-18

Account Name: BAMBOO$

Account Domain: YANDARA

Logon ID: 0x3e7

Object:

Object Server: Security

Object Type: File

Object Name: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

Handle ID: 0x1c

Process Information:

Process ID: 0x14c0

Process Name: C:\Windows\System32\poqexec.exe

Auditing Settings:

Original Security Descriptor:

New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 20729

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110322154049.092264-000

Event Type: Audit Success

User:

Computer Name: Bamboo

Event Code: 4907

Message: Auditing settings on object were changed.

Subject:

Security ID: S-1-5-18

Account Name: BAMBOO$

Account Domain: YANDARA

Logon ID: 0x3e7

Object:

Object Server: Security

Object Type: File

Object Name: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe

Handle ID: 0x1c

Process Information:

Process ID: 0x14c0

Process Name: C:\Windows\System32\poqexec.exe

Auditing Settings:

Original Security Descriptor:

New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 20728

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110322154049.076664-000

Event Type: Audit Success

User:

Computer Name: Bamboo

Event Code: 4907

Message: Auditing settings on object were changed.

Subject:

Security ID: S-1-5-18

Account Name: BAMBOO$

Account Domain: YANDARA

Logon ID: 0x3e7

Object:

Object Server: Security

Object Type: File

Object Name: C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

Handle ID: 0x1c

Process Information:

Process ID: 0x14c0

Process Name: C:\Windows\System32\poqexec.exe

Auditing Settings:

Original Security Descriptor:

New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 20727

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110322154049.061064-000

Event Type: Audit Success

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=4

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel

"PROCESSOR_REVISION"=2505

"configsetroot"=%SystemRoot%\ConfigSetRoot

"asl.log"=Destination=file

"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


Logfile of random's system information tool 1.09 (written by random/random)

Run by Ravemind at 2012-02-23 15:27:20

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 27 GB (17%) free of 153 GB

Total RAM: 3893 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 3:27:59 PM, on 2/23/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\PhotoSync\PhotoSync.exe

C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Windows\V0330Mon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files\trend micro\Ravemind.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll

O3 - Toolbar: GOM Player + Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [sessionLogon] C:\ExpressGateUtil\SessionLogon.exe

O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [PC Auto Shutdown] "C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [V0330Mon.exe] C:\Windows\V0330Mon.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [DVDFab Passkey] "C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Ravemind\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [PhotoSync] C:\Program Files (x86)\PhotoSync\PhotoSync.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3847608901-4134820971-3961995542-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3847608901-4134820971-3961995542-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: FancyStart daemon.lnk = ?

O4 - Global Startup: SRS Premium Sound.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Autorun CDROM Monitor - Unknown owner - C:\Windows\system32\SupportAppXL\cdrom_mon.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PCAutoShutdown_Service - GoldSolution Software, Inc. - C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 16803 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe -session -first

"C:\Windows\system32\FBAgent.exe"

C:\Windows\system32\WLANExt.exe 30076928

\??\C:\Windows\system32\conhost.exe "1963708337-1371810894-1630762365-1133254288-12759326898833187273462030751575906070

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

C:\Windows\SysWOW64\SupportAppXL\cdrom_mon.exe

"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"

"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"

"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" -product HSS

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"

"C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe"

"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

C:\Windows\SysWOW64\rpcnet.exe

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG10\avgemca.exe"

\??\C:\Windows\system32\conhost.exe "-1780899334402427935-2264274351070298674278617525-1676092621-9737471671051844940

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

"taskhost.exe"

taskeng.exe {3E99752E-978F-4316-99A3-F0A7F6FD7060}

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"

"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"

"C:\Program Files\P4G\BatteryLife.exe"

"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"

"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"

"C:\Program Files\Elantech\ETDCtrl.exe"

"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files (x86)\PhotoSync\PhotoSync.exe"

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"

"C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"

"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"

ATKOSD.exe

"C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe"

"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h

"C:\Program Files\Elantech\ETDCtrlHelper.exe"

"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

KBFiltr.exe

WDC.exe

"C:\Windows\V0330Mon.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Windows\AsScrPro.exe"

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=dde8e41c-fa4b-4e18-a530-2320a837d665 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\8aa7323f-69a2-4652-9fe8-27501a268839-b28-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1760.16369d50.1353000899 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 1760 "\\.\pipe\gecko-crash-server-pipe.1760" plugin

"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe"

\??\C:\Windows\system32\conhost.exe "-722908994143435611219117290901823091014947132798-800627308302739701951156599

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"

\??\C:\Windows\system32\conhost.exe "1286655872-1562246998781241912022871581548064612277595688-1670318930-1036581669

"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Users\Ravemind\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847608901-4134820971-3961995542-1001Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847608901-4134820971-3961995542-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ravemind\AppData\Roaming\Mozilla\Firefox\Profiles\wbi7rwmu.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/"

prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 10.1 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]

"Description"=Yahoo Messenger State Plugin

"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]

"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers

"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 10.1 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\

afurladvisor@anchorfree.com

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\

npdeployJava1.dll

NPOFF12.DLL

nppdf32.DEU

nppdf32.dll

nppdf32.FRA

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

C:\Users\Ravemind\AppData\Roaming\Mozilla\Firefox\Profiles\wbi7rwmu.default\extensions\

{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-09-09 3561824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]

Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]

Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [2010-09-22 284208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-09-09 2276704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

GOM Player + Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]

Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll [2010-09-22 230448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{D4027C7F-154A-4066-A1AD-4243D8127440} - GOM Player + Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-15 1754448]

"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]

"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-22 323584]

"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-03-05 1928976]

"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]

"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DVDFab Passkey"=C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe [2011-03-17 1007608]

"Google Update"=C:\Users\Ravemind\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 136176]

"PhotoSync"=C:\Program Files (x86)\PhotoSync\PhotoSync.exe [2012-01-18 1731184]

""= []

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]

C:\Windows\AsScrPro.exe [2010-09-22 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-09-22 2429]

"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]

"SessionLogon"=C:\ExpressGateUtil\SessionLogon.exe []

"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2012-01-17 2339168]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

""= []

"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

"PC Auto Shutdown"=C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe [2010-04-19 1387520]

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192]

"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-09-27 59240]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]

"V0330Mon.exe"=C:\Windows\V0330Mon.exe [2007-04-30 32768]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-12-08 421736]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

FancyStart daemon.lnk - C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe

SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rpcnet]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux3"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-02-23 15:27:20 ----D---- C:\rsit

2012-02-23 15:27:20 ----D---- C:\Program Files\trend micro

2012-02-23 15:24:39 ----D---- C:\Windows\ERDNT

2012-02-23 15:23:42 ----D---- C:\Program Files (x86)\ERUNT

2012-02-21 20:22:19 ----D---- C:\Program Files (x86)\ESET

2012-02-15 22:21:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2012-02-15 22:21:19 ----A---- C:\Windows\system32\mshtmled.dll

2012-02-15 22:21:18 ----A---- C:\Windows\system32\iertutil.dll

2012-02-15 22:21:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2012-02-15 22:21:17 ----A---- C:\Windows\system32\jscript9.dll

2012-02-15 22:21:16 ----A---- C:\Windows\SYSWOW64\url.dll

2012-02-15 22:21:16 ----A---- C:\Windows\SYSWOW64\ieui.dll

2012-02-15 22:21:16 ----A---- C:\Windows\system32\url.dll

2012-02-15 22:21:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2012-02-15 22:21:15 ----A---- C:\Windows\SYSWOW64\jscript.dll

2012-02-15 22:21:15 ----A---- C:\Windows\system32\jscript.dll

2012-02-15 22:21:15 ----A---- C:\Windows\system32\ieui.dll

2012-02-15 22:21:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2012-02-15 22:21:14 ----A---- C:\Windows\system32\urlmon.dll

2012-02-15 22:21:12 ----A---- C:\Windows\SYSWOW64\wininet.dll

2012-02-15 22:21:12 ----A---- C:\Windows\system32\wininet.dll

2012-02-15 22:21:12 ----A---- C:\Windows\system32\jsproxy.dll

2012-02-15 22:21:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2012-02-15 22:21:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2012-02-15 22:21:06 ----A---- C:\Windows\system32\mshtml.dll

2012-02-15 22:21:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2012-02-15 22:21:02 ----A---- C:\Windows\system32\ieframe.dll

2012-02-15 22:06:36 ----A---- C:\Windows\system32\drivers\afd.sys

2012-02-15 22:06:35 ----A---- C:\Windows\system32\msvcrt.dll

2012-02-15 22:06:34 ----A---- C:\Windows\SYSWOW64\msvcrt.dll

2012-02-15 22:06:28 ----A---- C:\Windows\system32\win32k.sys

2012-01-31 14:22:31 ----A---- C:\Windows\system32\schannel.dll

2012-01-31 14:22:30 ----A---- C:\Windows\SYSWOW64\webio.dll

2012-01-31 14:22:30 ----A---- C:\Windows\SYSWOW64\schannel.dll

2012-01-31 14:22:30 ----A---- C:\Windows\system32\webio.dll

2012-01-31 14:22:30 ----A---- C:\Windows\system32\lsass.exe

2012-01-31 14:22:30 ----A---- C:\Windows\system32\lsasrv.dll

2012-01-31 14:22:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2012-01-31 14:22:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2012-01-31 14:22:30 ----A---- C:\Windows\system32\drivers\cng.sys

2012-01-31 14:22:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2012-01-31 14:22:29 ----A---- C:\Windows\SYSWOW64\secur32.dll

2012-01-31 14:22:29 ----A---- C:\Windows\system32\sspisrv.dll

2012-01-31 14:22:29 ----A---- C:\Windows\system32\sspicli.dll

2012-01-31 14:22:29 ----A---- C:\Windows\system32\secur32.dll

2012-01-25 22:43:45 ----A---- C:\Windows\SYSWOW64\quartz.dll

2012-01-25 22:43:45 ----A---- C:\Windows\system32\quartz.dll

2012-01-25 22:43:44 ----A---- C:\Windows\SYSWOW64\qdvd.dll

2012-01-25 22:43:43 ----A---- C:\Windows\system32\qdvd.dll

2012-01-25 22:43:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2012-01-25 22:43:41 ----A---- C:\Windows\system32\ntdll.dll

2012-01-25 22:43:40 ----A---- C:\Windows\SYSWOW64\packager.dll

2012-01-25 22:43:40 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2012-02-23 15:27:54 ----D---- C:\Windows\Prefetch

2012-02-23 15:27:20 ----RD---- C:\Program Files

2012-02-23 15:24:39 ----D---- C:\Windows

2012-02-23 15:23:42 ----RD---- C:\Program Files (x86)

2012-02-23 10:16:35 ----D---- C:\Windows\system32\config

2012-02-23 10:01:43 ----D---- C:\Windows\Temp

2012-02-23 10:01:39 ----D---- C:\Windows\system32\drivers\AVG

2012-02-23 09:56:15 ----D---- C:\Users\Ravemind\AppData\Roaming\UseNeXT

2012-02-23 09:56:04 ----A---- C:\Windows\system32\rpcnetp.exe

2012-02-22 20:50:36 ----D---- C:\Windows\System32

2012-02-22 20:50:36 ----D---- C:\Windows\inf

2012-02-22 20:50:36 ----A---- C:\Windows\system32\PerfStringBackup.INI

2012-02-22 00:00:25 ----A---- C:\Windows\system32\acovcnt.exe

2012-02-21 20:22:20 ----D---- C:\Windows\Downloaded Program Files

2012-02-21 17:36:49 ----D---- C:\Windows\system32\wdi

2012-02-21 17:35:48 ----D---- C:\Windows\system32\Tasks

2012-02-21 17:35:24 ----HD---- C:\ASUS.DAT

2012-02-21 17:33:34 ----A---- C:\Windows\SYSWOW64\rpcnet.dll

2012-02-21 17:33:33 ----A---- C:\Windows\SYSWOW64\log.txt

2012-02-21 17:33:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2012-02-21 17:33:09 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2012-02-21 11:42:39 ----D---- C:\Program Files (x86)\Mozilla Firefox

2012-02-21 10:38:07 ----SHD---- C:\Windows\Installer

2012-02-20 11:05:14 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-02-20 11:05:11 ----D---- C:\Windows\system32\drivers

2012-02-20 10:49:58 ----SHD---- C:\System Volume Information

2012-02-15 23:56:03 ----D---- C:\Windows\Microsoft.NET

2012-02-15 23:56:02 ----RSD---- C:\Windows\assembly

2012-02-15 23:18:54 ----D---- C:\Windows\SysWOW64

2012-02-15 23:18:54 ----D---- C:\Program Files (x86)\Realtek

2012-02-15 23:18:42 ----D---- C:\Windows\system32\DriverStore

2012-02-15 23:18:42 ----D---- C:\Windows\system32\catroot

2012-02-15 22:48:53 ----D---- C:\Windows\winsxs

2012-02-15 22:46:16 ----D---- C:\Windows\SYSWOW64\migration

2012-02-15 22:46:16 ----D---- C:\Windows\system32\migration

2012-02-15 22:46:16 ----D---- C:\Program Files\Internet Explorer

2012-02-15 22:46:16 ----D---- C:\Program Files (x86)\Internet Explorer

2012-02-15 22:38:46 ----D---- C:\ProgramData\Microsoft Help

2012-02-15 22:21:42 ----D---- C:\Windows\system32\catroot2

2012-02-15 22:02:20 ----D---- C:\Users\Ravemind\AppData\Roaming\Skype

2012-02-05 15:40:57 ----RD---- C:\Program Files (x86)\Skype

2012-02-05 15:40:57 ----D---- C:\ProgramData\Skype

2012-02-04 23:57:53 ----D---- C:\Program Files (x86)\PhotoSync

2012-02-04 23:36:38 ----D---- C:\FreeStyler

2012-01-31 22:32:08 ----D---- C:\Program Files (x86)\UseNeXT

2012-01-28 23:15:54 ----D---- C:\Windows\ehome

2012-01-27 00:41:22 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-04 377936]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]

R3 dvdfab;dvdfab; C:\Windows\system32\drivers\dvdfab.sys [2011-03-16 107904]

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2010-09-22 56832]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]

R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-03-17 7680512]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]

R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2009-01-09 31744]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-13 11264]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 17920]

R3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys [2010-06-18 39832]

S2 DLPortIO;DriverLINX Port I/O Driver; C:\Windows\system32\drivers\DLPortIO.sys []

S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-10-23 46592]

S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-19 1394688]

S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-13 41984]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-13 118784]

S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-27 552960]

S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-27 80384]

S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]

S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]

S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]

S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]

S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 74376]

S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 85384]

S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]

S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]

S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]

S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-13 158720]

S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-02-16 74240]

S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys []

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2010-05-25 125416]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-05-25 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2010-05-25 159208]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-04-27 136264]

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-04-27 19016]

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-04-27 172104]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712]

S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]

S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

S3 V0330VID;WebCam Vista/Live! Cam Chat VF0330; C:\Windows\system32\DRIVERS\V0330Vid.sys [2009-07-03 193408]

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-07 379520]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]

R2 Autorun CDROM Monitor;Autorun CDROM Monitor; C:\Windows\syswow64\SupportAppXL\cdrom_mon.exe [2007-11-02 81920]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]

R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-02 864032]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-03-05 1425168]

R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2010-10-15 326704]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-11-04 268824]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-22 159336]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-06-22 1616488]

R2 PCAutoShutdown_Service;PCAutoShutdown_Service; C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe [2010-04-19 441624]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-03-05 831760]

R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2011-06-20 58288]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]

R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-12-08 934760]

S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-22 135664]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-18 1038088]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-18 655624]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-22 135664]

S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-09-23 136120]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-03-05 340240]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-25 1255736]

-----------------EOF-----------------

Link to post
Share on other sites

I am not seeing malware on your system. Plus, note the BitDefender scan found NO infection.

Update some utilities (Adobe Reader & Java runtime) and do another scan.

Step 1

Check to ensure your Adobe Reader is up-to-date for any patches/fixes.

Start Adobe Reader. Go to the Help menu item, select the Check for Updates option, and follow the prompts.

Step 2

Your Java runtime is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Download the latest version of >> Windows 7/XP/Vista/2000/2003/2008 Offline << from here and save it to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, select Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name.
    De-install Java 6 Update 20 and
    Java 6 Update 30
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u31-windows-i586-s.exe to install the newest version.
    ( jre-6u31-windows-x64.exe if this is a 64-bit Windows o.s.)

  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java icon (looks like a coffee cup).
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button.
    • There are two options in the window to clear the cache - leave BOTH checked:
      • Applications and Applets
      • Trace and Log Files
    • Click OK on the Delete Temporary Files window.
      Note: This deletes ALL the downloaded applications and applets from the CACHE.
    • Click OK to leave the Temporary Files window.

Small tweaks for Java runtime, since most all users do not need to load Java at each Windows startup:

Click Advanced Tab. Expand the Miscellaneous item.

UN-check the line Java quick starter

Press Apply then OK. Close the applet when done.

To test your Java Run-time, you may go to this page http://www.java.com/en/download/help/testvm.xml

When all is well, you should see Java Version: Java 6 Update 31 from Sun Microsystems Inc.

Step 3

Temporarily disable your AVG anti-virus

then download, Save, & then run the MS Safety Scanner

http://www.microsoft.com/security/scanner/en-us/default.aspx

Step 4

When done, re-enable your AVG.

Check to ensure that your anti-virus program is enabled (it seems you have AVG 2011) and it is fully up-to-date.

Tell me, How is your system now?

Link to post
Share on other sites

For the time being, use your IE to revisit whatsmyuseragent(dot)com

From the screen result, copy the entire topmost user agent line.

Do the same with your Firefox and post that string here too.

It's possible your browser's user agent description is way too long. Or maybe you turned off JavaScript (which is not a good idea for banking). Are you using an anonymizer? What is unique for your browser?

You very well may have to actually call up your bank's tech support on the telephone and do a one-on-one conference.

I am assuming your install of IE 9 went without a hitch.

Link to post
Share on other sites

P.S. You may try to do online banking using IE Compatibility View.

Websites that were designed for earlier versions of Windows Internet Explorer might not display correctly in Internet Explorer 9. However, you can often improve how a website will look by using a feature called Compatibility View.

How to use Compatibility View in Internet Explorer 9

http://windows.microsoft.com/en-US/windows7/How-to-use-Compatibility-View-in-Internet-Explorer-9

Let us know if this helps.

Link to post
Share on other sites

Sorry for the delay

IE9

Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MAAU)

firefox

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20100101 Firefox/10.0.2

I normally don't use IE9 so there shouldn't be much unique about it.

Java appears to be working fine. I tested it.

I don't use an anonymizer but I did attempt to use Hotspot Shield once last year. It never worked, but I had trouble uninstalling it. It is still showing up as an add-on in IE9, but disabled.

I assume my install of IE9 is OK. I don't know how to be sure. I tried downloading the installer for it, but it says my version is newer and won't do a reinstall.

This is the only other info I have seen about this MAAU problem.

https://community.mc.../message/198935

Link to post
Share on other sites
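The user-agent comparison from the post above, as an added example that is not part of the original thread: a short Python sketch that splits each string's parenthesised token list and reports tokens outside the set the browser emits on its own. The pattern list and function names are assumptions made for this illustration; the first two strings are the ones posted above, the third is constructed.

```python
import re
from collections import Counter

# Tokens the browser itself places in the parenthesised section (assumed
# baseline for this example). Anything else was added by installed software
# or an OEM image; IE reads such extras from the "Post Platform" registry key
# under ...\Internet Settings\5.0\User Agent.
PLATFORM_TOKENS = [
    r"compatible",
    r"MSIE \d+\.\d+\w*",
    r"Windows NT \d+\.\d+",
    r"WOW64",
    r"Win64",
    r"x64",
    r"Trident/\d+\.\d+",
    r"rv:[\d.]+",
]

def comment_tokens(ua):
    """Return the ';'-separated tokens of the first parenthesised section."""
    match = re.search(r"\(([^)]*)\)", ua)
    if not match:
        return []
    return [tok.strip() for tok in match.group(1).split(";") if tok.strip()]

def extra_tokens(ua):
    """Tokens that do not match any baseline pattern, in original order."""
    return [
        tok for tok in comment_tokens(ua)
        if not any(re.fullmatch(pat, tok) for pat in PLATFORM_TOKENS)
    ]

def extra_token_counts(user_agents):
    """Count each non-baseline token across a batch of user-agent strings."""
    counts = Counter()
    for ua in user_agents:
        counts.update(extra_tokens(ua))
    return counts

IE9_UA = "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MAAU)"
FIREFOX_UA = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20100101 Firefox/10.0.2"
# Constructed sample: an IE string carrying several add-on tokens.
CONSTRUCTED_UA = ("Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; "
                  "Trident/4.0; SLCC2; .NET CLR 2.0.50727; MAAU)")

if __name__ == "__main__":
    for ua in (IE9_UA, FIREFOX_UA, CONSTRUCTED_UA):
        print(extra_tokens(ua), "<-", ua)
    print(extra_token_counts([IE9_UA, FIREFOX_UA, CONSTRUCTED_UA]))
```

A token appearing here only shows that something registered it with the browser; it does not by itself say whether that software is malicious.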

I highly suggest you drill-thru and research the add-ons in your Internet Explorer.

I.E. menu>> Tools >> Manage add-ons

Make an inventory list. Search for any that have "money"...

If so, disable it and repeat the user-agent test.

You'll have to do this pretty much on your own. Use decent common sense.

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
