MWB cancels scan, HJT won't run, cmd.exe won't load, etc.

[panwalker]

Help!

1 - MalwareBytes Anti-Malware closes automatically a few seconds into any scan, even in Chameleon (Firefox) mode.

2 - HiJackThis won't open.

3 - Cmd.exe won't keep a dos prompt open.

4 - Internet Explorer and Google Chrome won't open (but Firefox will).

5 - DDS.scr and DDS.com won't run.

6 - The local area connection won't disable - says it's trying to establish a connection.

7 - The computer doesn't boot into safe mode, or perhaps I'm not waiting long enough.

[panwalker]

Also, this is Windows XP SP 3.

and I can't extract anything from a zip file anymore, either...

[Maurice Naggar]

Hello and welcome to MalwareBytes forums.

Please do not do or run any other tools or anything on your own. Please follow my guidance. Ask if you have questions.

I am going to ask you to read very carefully. I am asking you to download to unique folder !!

Step 1. Download TDSSKiller.exe

http://support.kaspe.../tdsskiller.exe

and be sure to SAVE it in this folder --> C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

Step 2

Please download ExeFix.reg by farbar and be sure to SAVE it in this folder --> C:\Program Files\Malwarebytes' Anti-Malware\Chameleon.

• 
  
• Right-click on Exefix.reg and select Merge.
  

Step 3. Install the Chameleon driver by doing the following:

Press the Windows key + R and in the Run box, copy and paste the following command then press Enter. Copy All of the line from beginning to end {from the double-quote ...all the way to the last o ......ALL

"C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o

A black DOS prompt will appear with a prompt to press any key to continue, please do.

Step 4

Execute TDSSKiller.exe by doubleclicking on it

Press Start Scan

If Malicious objects are found, ensure Cure is selected (it should be by default)

Click Continue then click Reboot now

Once complete, a log will be produced at the root drive which is typically C:\

For example, C:\TDSSKiller.version_date_time_log.txt

Please Copy & Paste that log in reply.

Edited May 3, 2012 by Maurice Naggar

[panwalker]

Thanks, Maurice.

But something else has shown up. It looks like a Blaster worm.

System shutdown roughly 1 minute after booting. I can run a "shutdown -a" to abort it, but it still ensures that the internet connection never loads... So anything I download to this machine needs to be downloaded to my laptop and burned onto CD, I guess.

Grrrrrr........

[Maurice Naggar]

Quetions for you:

1) This is your computer? a home computer?

2) Do you have your Windows XP CD handy? At this point, it would be a super-duper lifesaver.

3) What name or names did you see on any recent "rogue window" popup ?

4) What happened just before this situation devolved?

Any sort of clue or history may be helpful to figure out what we are dealing with.

5) Have you done the things I listed before ? IF not, then do so right now

6) Earlier, you said

The computer doesn't boot into safe mode, or perhaps I'm not waiting long enough.

For Pete's sake..... ALWAYS have inifinite patience.

You need to take a deep breath and allow it at least 5 minutes to maybe 6 minutes as it attempts to fully load Safe Mode with Networking.

I want you, if the system is still not steady in Windows Normal ......

power off

power ON after about a minute

TAP F8 right away

Select Safe Mode with NETWORKING

do not use / decline any restore option

Safe mode with Networking should put the nasty out of the way, while still allowing internet access

Please provide answers and details

[panwalker]

This is my work machine. I got it running in safe mode (networking) which has no shutdown threat. No threats found... Didn't ask to reboot.

Here's the log:

19:20:25.0484 3560 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

19:20:25.0500 3560 ============================================================

19:20:25.0500 3560 Current date / time: 2012/05/03 19:20:25.0500

19:20:25.0500 3560 SystemInfo:

19:20:25.0500 3560

19:20:25.0500 3560 OS Version: 5.1.2600 ServicePack: 3.0

19:20:25.0500 3560 Product type: Workstation

19:20:25.0500 3560 ComputerName: MIXMASTER

19:20:25.0500 3560 Windows directory: C:\WINDOWS

19:20:25.0500 3560 System windows directory: C:\WINDOWS

19:20:25.0500 3560 Processor architecture: Intel x86

19:20:25.0500 3560 Number of processors: 1

19:20:25.0500 3560 Page size: 0x1000

19:20:25.0500 3560 Boot type: Normal boot

19:20:25.0500 3560 ============================================================

19:20:25.0953 3560 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

19:20:25.0968 3560 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x764A9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050

19:20:25.0984 3560 Drive \Device\Harddisk2\DR6 - Size: 0x1DEFFFE00 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

19:20:25.0984 3560 ============================================================

19:20:25.0984 3560 \Device\Harddisk0\DR0:

19:20:25.0984 3560 MBR partitions:

19:20:25.0984 3560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1

19:20:25.0984 3560 \Device\Harddisk1\DR1:

19:20:25.0984 3560 MBR partitions:

19:20:25.0984 3560 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4D61

19:20:25.0984 3560 \Device\Harddisk2\DR6:

19:20:25.0984 3560 MBR partitions:

19:20:25.0984 3560 \Device\Harddisk2\DR6\Partition0: MBR, Type 0xB, StartLBA 0x2C, BlocksNum 0xEF3FA4

19:20:25.0984 3560 ============================================================

19:20:26.0015 3560 C: <-> \Device\Harddisk0\DR0\Partition0

19:20:26.0046 3560 D: <-> \Device\Harddisk1\DR1\Partition0

19:20:26.0046 3560 ============================================================

19:20:26.0046 3560 Initialize success

19:20:26.0046 3560 ============================================================

19:20:29.0265 3584 ============================================================

19:20:29.0265 3584 Scan started

19:20:29.0265 3584 Mode: Manual;

19:20:29.0265 3584 ============================================================

19:20:29.0765 3584 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys

19:20:29.0796 3584 61883 - ok

19:20:29.0859 3584 Abiosdsk - ok

19:20:29.0921 3584 abp480n5 - ok

19:20:30.0015 3584 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:20:30.0062 3584 ACPI - ok

19:20:30.0156 3584 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

19:20:30.0156 3584 ACPIEC - ok

19:20:30.0296 3584 Adobe LM Service (3dca27d49522aacf37a4a3e2aca8e0b2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

19:20:30.0312 3584 Adobe LM Service - ok

19:20:30.0375 3584 adpu160m - ok

19:20:30.0484 3584 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

19:20:30.0484 3584 aec - ok

19:20:30.0593 3584 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

19:20:30.0593 3584 AFD - ok

19:20:30.0671 3584 Aha154x - ok

19:20:30.0734 3584 aic78u2 - ok

19:20:30.0796 3584 aic78xx - ok

19:20:30.0921 3584 ALCXSENS (ba88534a3ceb6161e7432438b9ea4f54) C:\WINDOWS\system32\drivers\ALCXSENS.SYS

19:20:30.0937 3584 ALCXSENS - ok

19:20:31.0062 3584 ALCXWDM (5ff6f7e58c798f1474c0bbffc23cb78d) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

19:20:31.0078 3584 ALCXWDM - ok

19:20:31.0171 3584 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

19:20:31.0171 3584 Alerter - ok

19:20:31.0250 3584 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

19:20:31.0265 3584 ALG - ok

19:20:31.0328 3584 AliIde - ok

19:20:31.0406 3584 AmdK8 (e6a2299284013ec4de3419481a62069f) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

19:20:31.0421 3584 AmdK8 - ok

19:20:31.0484 3584 amsint - ok

19:20:31.0640 3584 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

19:20:31.0656 3584 AppMgmt - ok

19:20:31.0750 3584 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

19:20:31.0750 3584 Arp1394 - ok

19:20:31.0843 3584 asc - ok

19:20:31.0890 3584 asc3350p - ok

19:20:31.0953 3584 asc3550 - ok

19:20:32.0125 3584 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe

19:20:32.0156 3584 aspnet_state - ok

19:20:32.0218 3584 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:20:32.0234 3584 AsyncMac - ok

19:20:32.0312 3584 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

19:20:32.0312 3584 atapi - ok

19:20:32.0390 3584 Atdisk - ok

19:20:32.0500 3584 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:20:32.0500 3584 Atmarpc - ok

19:20:32.0593 3584 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

19:20:32.0593 3584 AudioSrv - ok

19:20:32.0718 3584 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

19:20:32.0734 3584 audstub - ok

19:20:32.0828 3584 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys

19:20:32.0828 3584 Avc - ok

19:20:33.0000 3584 awhost32 (967fc210a533a49993fd5ac147fa0f8f) C:\Program Files\Symantec\pcAnywhere\awhost32.exe

19:20:33.0000 3584 awhost32 - ok

19:20:33.0078 3584 awlegacy (f7e75c620a04963c9a53c3b47da80405) C:\WINDOWS\System32\Drivers\awlegacy.sys

19:20:33.0078 3584 awlegacy - ok

19:20:33.0140 3584 AW_HOST (e3f3b6875d2ead9c03d04fe66dcd84c8) C:\WINDOWS\system32\drivers\aw_host5.sys

19:20:33.0156 3584 AW_HOST - ok

19:20:33.0296 3584 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

19:20:33.0296 3584 Beep - ok

19:20:33.0421 3584 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

19:20:33.0500 3584 BITS - ok

19:20:33.0593 3584 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

19:20:33.0593 3584 Browser - ok

19:20:33.0703 3584 CamDrL (cba8bce5bf67a3c619d5ce540bed9cf7) C:\WINDOWS\system32\DRIVERS\Camdrl.sys

19:20:33.0734 3584 CamDrL - ok

19:20:33.0812 3584 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

19:20:33.0843 3584 cbidf2k - ok

19:20:33.0906 3584 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

19:20:33.0906 3584 CCDECODE - ok

19:20:33.0968 3584 cd20xrnt - ok

19:20:34.0078 3584 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

19:20:34.0093 3584 Cdaudio - ok

19:20:34.0171 3584 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

19:20:34.0171 3584 Cdfs - ok

19:20:34.0281 3584 Cdr4_xp (f5cd239627cec5166721ec683de691ea) C:\WINDOWS\system32\drivers\Cdr4_xp.sys

19:20:34.0281 3584 Cdr4_xp - ok

19:20:34.0343 3584 Cdralw2k (ea775e56cf4be93afc71f8611ff5ffce) C:\WINDOWS\system32\drivers\Cdralw2k.sys

19:20:34.0375 3584 Cdralw2k - ok

19:20:34.0468 3584 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:20:34.0468 3584 Cdrom - ok

19:20:34.0609 3584 cdudf_xp (40c1cb3e65709aec17ca3ce66a4873e0) C:\WINDOWS\system32\drivers\cdudf_xp.sys

19:20:34.0625 3584 cdudf_xp - ok

19:20:34.0687 3584 Changer - ok

19:20:34.0796 3584 cisvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\System32\cisvc.exe

19:20:34.0796 3584 cisvc - ok

19:20:34.0921 3584 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

19:20:34.0921 3584 ClipSrv - ok

19:20:34.0984 3584 CmdIde - ok

19:20:35.0062 3584 COMSysApp - ok

19:20:35.0187 3584 Cpqarray - ok

19:20:35.0281 3584 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

19:20:35.0296 3584 CryptSvc - ok

19:20:35.0359 3584 dac2w2k - ok

19:20:35.0453 3584 dac960nt - ok

19:20:35.0546 3584 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

19:20:35.0578 3584 DcomLaunch - ok

19:20:35.0703 3584 DELTA (704c8d42e92dbdb0a0b2afdd277df3b8) C:\WINDOWS\system32\DRIVERS\delta.sys

19:20:35.0718 3584 DELTA - ok

19:20:35.0843 3584 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

19:20:35.0843 3584 Dhcp - ok

19:20:35.0921 3584 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

19:20:35.0921 3584 Disk - ok

19:20:35.0984 3584 dmadmin - ok

19:20:36.0140 3584 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

19:20:36.0187 3584 dmboot - ok

19:20:36.0265 3584 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

19:20:36.0265 3584 dmio - ok

19:20:36.0343 3584 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

19:20:36.0343 3584 dmload - ok

19:20:36.0453 3584 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

19:20:36.0453 3584 dmserver - ok

19:20:36.0500 3584 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

19:20:36.0531 3584 DMusic - ok

19:20:36.0625 3584 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

19:20:36.0625 3584 Dnscache - ok

19:20:36.0750 3584 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

19:20:36.0765 3584 Dot3svc - ok

19:20:36.0812 3584 dpti2o - ok

19:20:36.0890 3584 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

19:20:36.0906 3584 drmkaud - ok

19:20:37.0031 3584 DVDVRRdr_xp (485050f9bdca4c914fa1917dcbb7fe3c) C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys

19:20:37.0031 3584 DVDVRRdr_xp - ok

19:20:37.0109 3584 dvd_2K (00b1291369857416c873b70db96e8126) C:\WINDOWS\system32\drivers\dvd_2K.sys

19:20:37.0109 3584 dvd_2K - ok

19:20:37.0203 3584 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

19:20:37.0203 3584 EapHost - ok

19:20:37.0312 3584 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys

19:20:37.0312 3584 EL90XBC - ok

19:20:37.0406 3584 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

19:20:37.0421 3584 ERSvc - ok

19:20:37.0562 3584 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

19:20:37.0562 3584 Eventlog - ok

19:20:37.0781 3584 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll

19:20:37.0843 3584 EventSystem - ok

19:20:37.0921 3584 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

19:20:37.0921 3584 Fastfat - ok

19:20:38.0031 3584 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

19:20:38.0031 3584 FastUserSwitchingCompatibility - ok

19:20:38.0156 3584 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

19:20:38.0156 3584 Fdc - ok

19:20:38.0234 3584 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

19:20:38.0234 3584 Fips - ok

19:20:38.0421 3584 FlipShare Service (0b9167adfe8e42b6b4c5e929bfbc7080) C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

19:20:38.0437 3584 FlipShare Service - ok

19:20:38.0515 3584 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

19:20:38.0515 3584 Flpydisk - ok

19:20:38.0640 3584 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

19:20:38.0656 3584 FltMgr - ok

19:20:38.0734 3584 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:20:38.0750 3584 Fs_Rec - ok

19:20:38.0875 3584 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:20:38.0875 3584 Ftdisk - ok

19:20:39.0000 3584 G400 (36feb2ddce5f84128c2a8dbc60538dad) C:\WINDOWS\system32\DRIVERS\G400m.sys

19:20:39.0015 3584 G400 - ok

19:20:39.0156 3584 G400DH (2dd3d27e36ebf6804c40b843ff10872f) C:\WINDOWS\system32\DRIVERS\g400dhm.sys

19:20:39.0171 3584 G400DH - ok

19:20:39.0234 3584 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys

19:20:39.0250 3584 gameenum - ok

19:20:39.0343 3584 Gernuwa (ba294768509fa03fcfe766962dee3cad) C:\WINDOWS\system32\drivers\Gernuwa.sys

19:20:39.0343 3584 Gernuwa - ok

19:20:39.0468 3584 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:20:39.0468 3584 Gpc - ok

19:20:39.0562 3584 GVCplDrv (f22bf7f345df95c09942951246aaa28d) C:\WINDOWS\system32\drivers\GVCplDrv.sys

19:20:39.0578 3584 GVCplDrv - ok

19:20:39.0765 3584 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:20:39.0765 3584 helpsvc - ok

19:20:39.0828 3584 HidServ - ok

19:20:39.0953 3584 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

19:20:39.0968 3584 hkmsvc - ok

19:20:40.0031 3584 hpn - ok

19:20:40.0093 3584 hpt3xx - ok

19:20:40.0250 3584 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

19:20:40.0265 3584 HTTP - ok

19:20:40.0359 3584 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

19:20:40.0375 3584 HTTPFilter - ok

19:20:40.0468 3584 i2omgmt - ok

19:20:40.0546 3584 i2omp - ok

19:20:40.0640 3584 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:20:40.0640 3584 i8042prt - ok

19:20:40.0734 3584 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

19:20:40.0750 3584 Imapi - ok

19:20:40.0843 3584 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\System32\imapi.exe

19:20:40.0843 3584 ImapiService - ok

19:20:40.0984 3584 ini910u - ok

19:20:41.0078 3584 IntelIde - ok

19:20:41.0171 3584 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

19:20:41.0171 3584 ip6fw - ok

19:20:41.0296 3584 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:20:41.0296 3584 IpFilterDriver - ok

19:20:41.0328 3584 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:20:41.0359 3584 IpInIp - ok

19:20:41.0468 3584 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:20:41.0484 3584 IpNat - ok

19:20:41.0546 3584 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:20:41.0562 3584 IPSec - ok

19:20:41.0640 3584 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

19:20:41.0656 3584 IRENUM - ok

19:20:41.0796 3584 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:20:41.0796 3584 isapnp - ok

19:20:41.0984 3584 JavaQuickStarterService (a1509ba3a5fdc5366146e92b3d130eb5) C:\Program Files\Java\jre7\bin\jqs.exe

19:20:42.0000 3584 JavaQuickStarterService - ok

19:20:42.0046 3584 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:20:42.0062 3584 Kbdclass - ok

19:20:42.0140 3584 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

19:20:42.0156 3584 kmixer - ok

19:20:42.0296 3584 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

19:20:42.0312 3584 KSecDD - ok

19:20:42.0406 3584 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

19:20:42.0421 3584 lanmanserver - ok

19:20:42.0546 3584 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

19:20:42.0562 3584 lanmanworkstation - ok

19:20:42.0625 3584 lbrtfdc - ok

19:20:42.0734 3584 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

19:20:42.0750 3584 LmHosts - ok

19:20:42.0843 3584 LVUSBSta (90259f3a20fbaec1a08d74ef5415b9d8) C:\WINDOWS\system32\drivers\lvusbsta.sys

19:20:42.0859 3584 LVUSBSta - ok

19:20:43.0093 3584 Matrox Centering Service (6c9ab5adcb829c6cfa16d0aaea4983ce) c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe

19:20:43.0156 3584 Matrox Centering Service - ok

19:20:43.0343 3584 Matrox.Pdesk.ServicesHost (4cfc7e49de0f9dab2b253e223facaa4a) c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe

19:20:43.0359 3584 Matrox.Pdesk.ServicesHost - ok

19:20:43.0500 3584 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys

19:20:43.0515 3584 mbamchameleon - ok

19:20:43.0593 3584 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys

19:20:43.0609 3584 MBAMProtector - ok

19:20:43.0765 3584 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

19:20:43.0796 3584 MBAMService - ok

19:20:43.0906 3584 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys

19:20:43.0906 3584 MBAMSwissArmy - ok

19:20:44.0015 3584 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

19:20:44.0015 3584 Messenger - ok

19:20:44.0125 3584 MGABGEXE (966fe72529898a4493be6a1c69df28e1) C:\WINDOWS\system32\mgabg.exe

19:20:44.0140 3584 MGABGEXE - ok

19:20:44.0234 3584 mmc_2K (55f0ab2736235479a8ff1f1d5a0b27ae) C:\WINDOWS\system32\drivers\mmc_2K.sys

19:20:44.0234 3584 mmc_2K - ok

19:20:44.0312 3584 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

19:20:44.0312 3584 mnmdd - ok

19:20:44.0453 3584 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe

19:20:44.0453 3584 mnmsrvc - ok

19:20:44.0562 3584 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

19:20:44.0562 3584 Modem - ok

19:20:44.0640 3584 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:20:44.0656 3584 Mouclass - ok

19:20:44.0734 3584 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

19:20:44.0734 3584 MountMgr - ok

19:20:44.0843 3584 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys

19:20:44.0875 3584 MpFilter - ok

19:20:44.0937 3584 mraid35x - ok

19:20:45.0015 3584 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:20:45.0015 3584 MRxDAV - ok

19:20:45.0187 3584 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:20:45.0203 3584 MRxSmb - ok

19:20:45.0296 3584 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe

19:20:45.0296 3584 MSDTC - ok

19:20:45.0406 3584 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys

19:20:45.0406 3584 MSDV - ok

19:20:45.0484 3584 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

19:20:45.0484 3584 Msfs - ok

19:20:45.0562 3584 MSIServer - ok

19:20:45.0671 3584 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:20:45.0671 3584 MSKSSRV - ok

19:20:45.0812 3584 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) C:\Program Files\Microsoft Security Client\MsMpEng.exe

19:20:45.0812 3584 MsMpSvc - ok

19:20:45.0906 3584 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:20:45.0906 3584 MSPCLOCK - ok

19:20:45.0984 3584 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

19:20:45.0984 3584 MSPQM - ok

19:20:46.0078 3584 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:20:46.0078 3584 mssmbios - ok

19:20:46.0171 3584 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

19:20:46.0187 3584 MSTEE - ok

19:20:46.0265 3584 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys

19:20:46.0265 3584 ms_mpu401 - ok

19:20:46.0375 3584 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

19:20:46.0375 3584 Mup - ok

19:20:46.0437 3584 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

19:20:46.0437 3584 NABTSFEC - ok

19:20:46.0562 3584 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

19:20:46.0578 3584 napagent - ok

19:20:46.0703 3584 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

19:20:46.0734 3584 NDIS - ok

19:20:46.0812 3584 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

19:20:46.0812 3584 NdisIP - ok

19:20:46.0906 3584 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:20:46.0906 3584 NdisTapi - ok

19:20:47.0015 3584 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:20:47.0015 3584 Ndisuio - ok

19:20:47.0078 3584 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:20:47.0093 3584 NdisWan - ok

19:20:47.0187 3584 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

19:20:47.0203 3584 NDProxy - ok

19:20:47.0281 3584 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

19:20:47.0296 3584 NetBIOS - ok

19:20:47.0359 3584 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

19:20:47.0375 3584 NetBT - ok

19:20:47.0500 3584 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

19:20:47.0500 3584 NetDDE - ok

19:20:47.0562 3584 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

19:20:47.0578 3584 NetDDEdsdm - ok

19:20:47.0656 3584 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe

19:20:47.0656 3584 Netlogon - ok

19:20:47.0765 3584 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

19:20:47.0781 3584 Netman - ok

19:20:47.0875 3584 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

19:20:47.0875 3584 NIC1394 - ok

19:20:48.0015 3584 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

19:20:48.0031 3584 Nla - ok

19:20:48.0140 3584 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

19:20:48.0140 3584 Npfs - ok

19:20:48.0265 3584 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

19:20:48.0296 3584 Ntfs - ok

19:20:48.0359 3584 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe

19:20:48.0375 3584 NtLmSsp - ok

19:20:48.0515 3584 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

19:20:48.0546 3584 NtmsSvc - ok

19:20:48.0640 3584 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

19:20:48.0640 3584 Null - ok

19:20:48.0921 3584 nv (c43d9d777d53d668d1fe683947c9ffe1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:20:49.0078 3584 nv - ok

19:20:49.0281 3584 nvatabus (46deed4c6c5fa765f9a2c723be60348d) C:\WINDOWS\system32\DRIVERS\nvatabus.sys

19:20:49.0296 3584 nvatabus - ok

19:20:49.0375 3584 NVENETFD (23297b3c2ff3510e2e760714fc6f094e) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

19:20:49.0390 3584 NVENETFD - ok

19:20:49.0484 3584 nvnetbus (bcc3722a2db99ad6f367344997c26654) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

19:20:49.0484 3584 nvnetbus - ok

19:20:49.0578 3584 NVSvc (d1b1d9f8cfcaf03872b6f769a79ca3e8) C:\WINDOWS\system32\nvsvc32.exe

19:20:49.0578 3584 NVSvc - ok

19:20:49.0656 3584 nv_agp (c0fcd544a1c4eea6d11a0ae6a07dac9d) C:\WINDOWS\system32\DRIVERS\nv_agp.sys

19:20:49.0656 3584 nv_agp - ok

19:20:49.0734 3584 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:20:49.0734 3584 NwlnkFlt - ok

19:20:49.0812 3584 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:20:49.0843 3584 NwlnkFwd - ok

19:20:49.0953 3584 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys

19:20:49.0953 3584 NwlnkIpx - ok

19:20:50.0015 3584 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys

19:20:50.0015 3584 NwlnkNb - ok

19:20:50.0125 3584 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys

19:20:50.0125 3584 NwlnkSpx - ok

19:20:50.0187 3584 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

19:20:50.0187 3584 ohci1394 - ok

19:20:50.0375 3584 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:20:50.0390 3584 ose - ok

19:20:50.0468 3584 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

19:20:50.0484 3584 Parport - ok

19:20:50.0578 3584 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

19:20:50.0593 3584 PartMgr - ok

19:20:50.0687 3584 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

19:20:50.0687 3584 ParVdm - ok

19:20:50.0718 3584 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

19:20:50.0750 3584 PCI - ok

19:20:50.0812 3584 PCIDump - ok

19:20:50.0921 3584 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

19:20:50.0921 3584 PCIIde - ok

19:20:51.0000 3584 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

19:20:51.0000 3584 Pcmcia - ok

19:20:51.0078 3584 PDCOMP - ok

19:20:51.0171 3584 PDFRAME - ok

19:20:51.0234 3584 PDRELI - ok

19:20:51.0296 3584 PDRFRAME - ok

19:20:51.0406 3584 perc2 - ok

19:20:51.0468 3584 perc2hib - ok

19:20:51.0656 3584 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys

19:20:51.0671 3584 pfc - ok

19:20:51.0781 3584 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

19:20:51.0781 3584 PlugPlay - ok

19:20:51.0875 3584 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe

19:20:51.0875 3584 PolicyAgent - ok

19:20:51.0968 3584 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:20:51.0968 3584 PptpMiniport - ok

19:20:52.0046 3584 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys

19:20:52.0046 3584 Processor - ok

19:20:52.0109 3584 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

19:20:52.0109 3584 ProtectedStorage - ok

19:20:52.0218 3584 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

19:20:52.0234 3584 PSched - ok

19:20:52.0312 3584 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:20:52.0312 3584 Ptilink - ok

19:20:52.0421 3584 pwd_2k (b2e95bb13acad56138671a1aae7f9ed9) C:\WINDOWS\system32\drivers\pwd_2k.sys

19:20:52.0453 3584 pwd_2k - ok

19:20:52.0546 3584 PxHelp20 (78754021e551113c97dabba2d4425a5c) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys

19:20:52.0546 3584 PxHelp20 - ok

19:20:52.0609 3584 ql1080 - ok

19:20:52.0671 3584 Ql10wnt - ok

19:20:52.0750 3584 ql12160 - ok

19:20:52.0812 3584 ql1240 - ok

19:20:52.0875 3584 ql1280 - ok

19:20:52.0968 3584 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:20:52.0984 3584 RasAcd - ok

19:20:53.0078 3584 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

19:20:53.0093 3584 RasAuto - ok

19:20:53.0171 3584 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:20:53.0171 3584 Rasl2tp - ok

19:20:53.0281 3584 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

19:20:53.0296 3584 RasMan - ok

19:20:53.0375 3584 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:20:53.0375 3584 RasPppoe - ok

19:20:53.0437 3584 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

19:20:53.0437 3584 Raspti - ok

19:20:53.0515 3584 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:20:53.0515 3584 Rdbss - ok

19:20:53.0593 3584 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:20:53.0593 3584 RDPCDD - ok

19:20:53.0718 3584 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:20:53.0718 3584 rdpdr - ok

19:20:53.0890 3584 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

19:20:53.0890 3584 RDPWD - ok

19:20:54.0031 3584 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

19:20:54.0046 3584 RDSessMgr - ok

19:20:54.0156 3584 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

19:20:54.0156 3584 redbook - ok

19:20:54.0265 3584 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

19:20:54.0281 3584 RemoteAccess - ok

19:20:54.0375 3584 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

19:20:54.0375 3584 RemoteRegistry - ok

19:20:54.0484 3584 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe

19:20:54.0500 3584 RpcLocator - ok

19:20:54.0671 3584 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

19:20:54.0671 3584 RpcSs - ok

19:20:54.0796 3584 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe

19:20:54.0812 3584 RSVP - ok

19:20:54.0906 3584 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

19:20:54.0906 3584 SamSs - ok

19:20:55.0015 3584 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys

19:20:55.0015 3584 sbp2port - ok

19:20:55.0109 3584 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

19:20:55.0125 3584 SCardSvr - ok

19:20:55.0234 3584 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

19:20:55.0250 3584 Schedule - ok

19:20:55.0359 3584 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:20:55.0375 3584 Secdrv - ok

19:20:55.0421 3584 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

19:20:55.0437 3584 seclogon - ok

19:20:55.0515 3584 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

19:20:55.0531 3584 SENS - ok

19:20:55.0640 3584 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

19:20:55.0640 3584 serenum - ok

19:20:55.0750 3584 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

19:20:55.0750 3584 Serial - ok

19:20:55.0812 3584 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

19:20:55.0812 3584 Sfloppy - ok

19:20:55.0937 3584 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

19:20:55.0968 3584 SharedAccess - ok

19:20:56.0062 3584 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

19:20:56.0062 3584 ShellHWDetection - ok

19:20:56.0093 3584 Simbad - ok

19:20:56.0156 3584 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

19:20:56.0171 3584 SLIP - ok

19:20:56.0250 3584 Sparrow - ok

19:20:56.0343 3584 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

19:20:56.0343 3584 splitter - ok

19:20:56.0453 3584 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

19:20:56.0453 3584 Spooler - ok

19:20:56.0484 3584 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

19:20:56.0515 3584 sr - ok

19:20:56.0640 3584 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\System32\srsvc.dll

19:20:56.0656 3584 srservice - ok

19:20:56.0828 3584 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

19:20:56.0843 3584 Srv - ok

19:20:56.0984 3584 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

19:20:56.0984 3584 SSDPSRV - ok

19:20:57.0109 3584 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

19:20:57.0140 3584 stisvc - ok

19:20:57.0234 3584 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

19:20:57.0250 3584 streamip - ok

19:20:57.0296 3584 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

19:20:57.0312 3584 swenum - ok

19:20:57.0406 3584 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

19:20:57.0406 3584 swmidi - ok

19:20:57.0500 3584 SwPrv - ok

19:20:57.0593 3584 symc810 - ok

19:20:57.0656 3584 symc8xx - ok

19:20:57.0859 3584 SymEvent (afdcf8008d0ffe23f42071c1540f35e7) C:\Program Files\Symantec\SYMEVENT.SYS

19:20:57.0859 3584 SymEvent - ok

19:20:57.0921 3584 sym_hi - ok

19:20:58.0031 3584 sym_u3 - ok

19:20:58.0109 3584 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

19:20:58.0109 3584 sysaudio - ok

19:20:58.0234 3584 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

19:20:58.0234 3584 SysmonLog - ok

19:20:58.0375 3584 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

19:20:58.0390 3584 TapiSrv - ok

19:20:58.0515 3584 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:20:58.0546 3584 Tcpip - ok

19:20:58.0687 3584 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

19:20:58.0687 3584 TDPIPE - ok

19:20:58.0734 3584 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

19:20:58.0750 3584 TDTCP - ok

19:20:58.0812 3584 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

19:20:58.0828 3584 TermDD - ok

19:20:58.0937 3584 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

19:20:58.0953 3584 TermService - ok

19:20:59.0062 3584 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

19:20:59.0078 3584 Themes - ok

19:20:59.0171 3584 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe

19:20:59.0171 3584 TlntSvr - ok

19:20:59.0250 3584 TosIde - ok

19:20:59.0312 3584 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

19:20:59.0343 3584 TrkWks - ok

19:20:59.0468 3584 UDFReadr (ac93dd5792310b57b03816d7f8d957fc) C:\WINDOWS\system32\drivers\UDFReadr.sys

19:20:59.0484 3584 UDFReadr - ok

19:20:59.0609 3584 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

19:20:59.0625 3584 Udfs - ok

19:20:59.0687 3584 ultra - ok

19:20:59.0796 3584 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

19:20:59.0812 3584 Update - ok

19:20:59.0968 3584 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

19:20:59.0984 3584 upnphost - ok

19:21:00.0062 3584 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

19:21:00.0062 3584 UPS - ok

19:21:00.0218 3584 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

19:21:00.0218 3584 usbaudio - ok

19:21:00.0328 3584 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:21:00.0328 3584 usbccgp - ok

19:21:00.0437 3584 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:21:00.0453 3584 usbehci - ok

19:21:00.0562 3584 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:21:00.0562 3584 usbhub - ok

19:21:00.0687 3584 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

19:21:00.0687 3584 usbohci - ok

19:21:00.0781 3584 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:21:00.0781 3584 USBSTOR - ok

19:21:00.0843 3584 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

19:21:00.0843 3584 VgaSave - ok

19:21:00.0906 3584 ViaIde - ok

19:21:01.0109 3584 Visual Studio Analyzer RPC bridge (b5ba71eadeed0773d2e0978f962e1bf3) C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe

19:21:01.0109 3584 Visual Studio Analyzer RPC bridge - ok

19:21:01.0250 3584 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

19:21:01.0250 3584 VolSnap - ok

19:21:01.0359 3584 vsdatant (1b648150030fad2f07ba2ee7bb94cd25) C:\WINDOWS\system32\vsdatant.sys

19:21:01.0375 3584 vsdatant - ok

19:21:01.0546 3584 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

19:21:01.0562 3584 VSS - ok

19:21:01.0703 3584 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\System32\w32time.dll

19:21:01.0703 3584 W32Time - ok

19:21:01.0812 3584 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:21:01.0812 3584 Wanarp - ok

19:21:01.0875 3584 WDICA - ok

19:21:01.0968 3584 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

19:21:01.0984 3584 wdmaud - ok

19:21:02.0062 3584 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

19:21:02.0062 3584 WebClient - ok

19:21:02.0234 3584 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

19:21:02.0234 3584 winmgmt - ok

19:21:02.0390 3584 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

19:21:02.0406 3584 WmdmPmSN - ok

19:21:02.0578 3584 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

19:21:02.0609 3584 Wmi - ok

19:21:02.0765 3584 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe

19:21:02.0765 3584 WmiApSrv - ok

19:21:02.0984 3584 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe

19:21:03.0062 3584 WMPNetworkSvc - ok

19:21:03.0171 3584 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

19:21:03.0171 3584 wscsvc - ok

19:21:03.0312 3584 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

19:21:03.0312 3584 WSTCODEC - ok

19:21:03.0390 3584 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

19:21:03.0390 3584 wuauserv - ok

19:21:03.0468 3584 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

19:21:03.0468 3584 WudfPf - ok

19:21:03.0562 3584 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

19:21:03.0578 3584 WudfRd - ok

19:21:03.0640 3584 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

19:21:03.0656 3584 WudfSvc - ok

19:21:03.0781 3584 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

19:21:03.0843 3584 WZCSVC - ok

19:21:03.0953 3584 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

19:21:03.0953 3584 xmlprov - ok

19:21:04.0140 3584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

19:21:04.0281 3584 \Device\Harddisk0\DR0 - ok

19:21:04.0375 3584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1

19:21:04.0390 3584 \Device\Harddisk1\DR1 - ok

19:21:04.0453 3584 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR6

19:21:04.0453 3584 \Device\Harddisk2\DR6 - ok

19:21:04.0515 3584 Boot (0x1200) (78be26bf10d884a8607148bc22c074a2) \Device\Harddisk0\DR0\Partition0

19:21:04.0515 3584 \Device\Harddisk0\DR0\Partition0 - ok

19:21:04.0546 3584 Boot (0x1200) (636b7f677b36da8d5bdef4c24cee7c99) \Device\Harddisk1\DR1\Partition0

19:21:04.0546 3584 \Device\Harddisk1\DR1\Partition0 - ok

19:21:04.0625 3584 Boot (0x1200) (4f8557238a83518c52b6339306975fd2) \Device\Harddisk2\DR6\Partition0

19:21:04.0625 3584 \Device\Harddisk2\DR6\Partition0 - ok

19:21:04.0671 3584 ============================================================

19:21:04.0671 3584 Scan finished

19:21:04.0687 3584 ============================================================

19:21:04.0796 3576 Detected object count: 0

19:21:04.0796 3576 Actual detected object count: 0

19:21:20.0062 3556 Deinitialize success

[Maurice Naggar]

These steps are for panwalker only. If you are a casual viewer, do NOT try this on your system!

If you are not panwalker and have a similar problem, do NOT post here; start your own topic

The fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to your System or any other one!

You will want to print out or copy these instructions to Notepad for Safe offline reference!

DO NOT run any other tools on your own. Just only please follow my guide. Do NOT do any websurfing for the duration. Consider this pc as under quarantine.

Download to your Desktop FixPolicies.exe, by Bill Castner, MS-MVP, a self-extracting ZIP archive from

>>> here <<<

• Double-click FixPolicies.exe.
  
• Click the "Install" button on the bottom toolbar of the box that will open.
  
• The program will create a new Folder called FixPolicies.
  
• Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
  
• A black box will briefly appear and then close.
  
• This fix may prove temporary. Active malware may revert these changes at your next startup. You can safely run the utility again.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

• Double click on RSIT.exe to run RSIT.
  
• Click Continue at the disclaimer screen.
  
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

• Run Security Check
• Follow the onscreen instructions inside of the command window.
• A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5

1. Close any/all open internet browsers. Save any open documents you have open & close programs you started.
   
2. Click on START>All Programs>Malwarebytes' Anti-Malware>Tools>Malwarebytes Anti-Malware Chameleon
   On Windows 7, press Windows-key, then start typing in text box

Malwarebytes[code] then select/click [b]Malwarebytes Anti-Malware Chameleon[/b]

Once the Help file opens, click on a [b]Chameleon[/b] button (starting with #1)
If running on Vista, Windows 7, press the Yes button when prompted at the UAC prompt to allow to run.
You should see a black Command-prompt-window that remains open and says [b]MBAM-chameleon ver. 1.61[/b] at the top
Press any key to continue as it says in the window {space-bar will do}
If the Chameleon button you tried does not work, try the next Chameleon button shown {until one of them works}. (There are 12 in all).
Have infinite patience during this process
Malwarebytes Chameleon will proceed to update Malwarebytes Anti-Malware, so ensure that you are connected to the internet if possible
Once the update completes and it says your database is updated, click on [b]OK[/b] button so that process can continue
Malwarebytes Chameleon will then terminate any threats running in memory, which may take a while, so please be patient.
After that, Malwarebytes Anti-Malware will open automatically and perform a Quick scan
A quick scan will take a few minutes, possibly 5 or so minutes. Have infinite patience.
Once the scan is complete, click on [b]Show Results[/b] and remove any threats that are found by clicking [b]Remove Selected[/b]
If prompted to restart your computer to complete the removal process, click [b]Yes[/b]
If no threats are found, press OK button & press EXIT to end MBAM. Press the space-bar (or another key) to exit the command-prompt-window.
After your computer restarts, open [b]Malwarebytes Anti-Malware[/b] and perform one last Quick scan to verify that there are no remaining threats

[color=blue]Step 6[/color]

Logoff and Restart into [color=darkblue]Normal mode Windows.[/color]

Now, I need you to run the steps in Step 5 one more time.

[color=blue]Step 7[/color]

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from latest MBAM scan .

Use separate replies as needed if logs do not fit into one reply box.

This saga will likely take several more sessions of back & forth, and may well go into tomorrow. Keep in mind I am not online all the time.

[panwalker]

5 files instead of 3. The reason for this is because RSIT looks at files modified in the last month, and I was operating my computer in two modes: one at the current date and one at a date from last year in order to utilize a trial program that had expired. So I have two copies of the RSIT files.

Here's the MBAM:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.04.01

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

:: MIXMASTER [administrator]

Protection: Disabled

5/4/2012 12:11:17 AM

mbam-log-2012-05-04 (00-11-17).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 193668

Time elapsed: 13 minute(s), 19 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[panwalker]

THE CHECKUP FILE, and the LOG AND INFO FILES from today:

Results of screen317's Security Check version 0.99.32

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date! (On Access scanning disabled!)

```````````````````````````````

Anti-malware/Other Utilities Check:

Java 6 Update 27

Java 7

Java SE Development Kit 7

Adobe Flash Player 10.3.183.7 Flash Player out of Date!

Mozilla Firefox (11.0.)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSMpEng.exe

``````````End of Log````````````

----------------------------------------------------------

Logfile of random's system information tool 1.09 (written by random/random)

Run by Video at 2012-05-03 23:38:52

Microsoft Windows XP Professional Service Pack 3

System drive C: has 50 GB (65%) free of 76 GB

Total RAM: 1535 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:38:54 PM, on 5/3/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Video\Desktop\RSIT.exe

C:\Program Files\trend micro\Video.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe

O4 - HKLM\..\Run: [DeltTray] DeltTray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Matrox PowerDesk SE] "c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe"

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: PlexTools Professional.lnk = C:\Program Files\Plextor\PlexTool.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110057451386

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe

O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe

O23 - Service: Matrox.Pdesk.ServicesHost - Matrox Graphics Inc - c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 5767 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 10.1 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\

engine@conduit.com

{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-07-12 56712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-06-18 67584]

"NVRTCLK"=C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe [2003-12-30 24576]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-12 4112384]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-07-12 81920]

"VGAUtil"=C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe [2004-09-17 552960]

"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]

"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]

"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]

"RoxioDragToDisc"=C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe [2004-06-24 1691648]

"M-Audio Delta Taskbar Icon"=C:\WINDOWS\System32\DeltTray.exe [2004-08-26 56320]

"DeltTray"=C:\WINDOWS\system32\DeltTray.exe [2004-08-26 56320]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

"Matrox PowerDesk SE"=c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe [2009-02-06 4223232]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-10-08 196608]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"Google Update"=C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 136176]

"Akamai NetSession Interface"=C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

PlexTools Professional.lnk - C:\Program Files\Plextor\PlexTool.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify]

C:\WINDOWS\system32\PCANotify.dll [2001-11-02 24636]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\GigaByte\VGA Utility Manager\G-vga.exe"="C:\Program Files\GigaByte\VGA Utility Manager\G-vga.exe:*:Enabled:Menu"

"C:\Program Files\Polycom\PVX\vvsys.exe"="C:\Program Files\Polycom\PVX\vvsys.exe:*:Enabled:vvsys Application"

"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"

"C:\Program Files\Symantec\pcAnywhere\awhost32.exe"="C:\Program Files\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host Service"

"C:\Program Files\Symantec\pcAnywhere\awrem32.exe"="C:\Program Files\Symantec\pcAnywhere\awrem32.exe:*:Enabled:pcAnywhere Remote Service"

"C:\Program Files\Aqua Data Studio 9.0 - 32bit\datastudio.exe"="C:\Program Files\Aqua Data Studio 9.0 - 32bit\datastudio.exe:*:Enabled:datastudio"

"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"

"C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe"="C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"wave2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux1"=wdmaud.drv

"msacm.PLCMg722"=PLCMg722.acm

"msacm.PLCMg728"=PLCMg728.acm

"msacm.PLCMg729A"=PLCMg729A.acm

"msacm.PLCMsiren"=PLCMsiren.acm

"wave3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"wave4"=wdmaud.drv

"mixer4"=wdmaud.drv

"vidc.tscc"=tsccvid.dll

"Midi"=wdmaud.drv

"wave5"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer6"=wdmaud.drv

"vidc.3IV2"=3ivxVfWCodec.dll

======List of files/folders created in the last 1 month======

2012-05-03 23:31:57 ----D---- C:\WINDOWS\ERDNT

2012-05-03 23:31:29 ----D---- C:\Program Files\ERUNT

2012-05-03 23:26:58 ----D---- C:\WINDOWS\CSC

2012-05-03 23:26:48 ----A---- C:\WINDOWS\ntbtlog.txt

2012-05-03 19:20:25 ----A---- C:\TDSSKiller.2.7.34.0_03.05.2012_19.20.25_log.txt

2012-05-03 19:18:03 ----D---- C:\Documents and Settings\Video\Application Data\U3

2012-05-03 13:30:56 ----D---- C:\rsit

2012-05-03 13:24:18 ----D---- C:\Program Files\Trend Micro

2012-05-03 12:33:23 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys

2012-05-03 12:02:58 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2012-05-03 12:02:56 ----D---- C:\Documents and Settings\Video\Application Data\Malwarebytes

2012-05-03 12:02:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2012-05-03 12:02:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2012-05-03 12:02:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2012-05-03 11:28:53 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2012-05-01 11:29:19 ----SHD---- C:\Config.Msi

2012-04-12 17:54:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$

11747-11-13 15:58:10 ----ASHD---- C:\WINDOWS\xxclone.arc

======List of files/folders modified in the last 1 month======

2012-05-03 23:31:57 ----D---- C:\WINDOWS

2012-05-03 23:31:29 ----RD---- C:\Program Files

2012-05-03 22:37:39 ----SD---- C:\WINDOWS\Tasks

2012-05-03 22:37:39 ----D---- C:\WINDOWS\Temp

2012-05-03 21:31:18 ----D---- C:\WINDOWS\Prefetch

2012-05-03 19:20:25 ----D---- C:\WINDOWS\system32\drivers

2012-05-03 19:19:01 ----D---- C:\WINDOWS\system32

2012-05-03 19:17:35 ----D---- C:\WINDOWS\system32\CatRoot2

2012-05-03 18:47:54 ----D---- C:\WINDOWS\Minidump

2012-05-03 18:17:19 ----HD---- C:\WINDOWS\inf

2012-05-03 13:17:57 ----A---- C:\WINDOWS\SchedLgU.Txt

2012-05-03 13:03:59 ----D---- C:\Program Files\Mozilla Firefox

2012-05-02 16:25:32 ----A---- C:\WINDOWS\hpbafd.ini

2012-05-01 11:30:37 ----D---- C:\Program Files\Microsoft Security Client

2012-05-01 11:30:33 ----SHD---- C:\WINDOWS\Installer

2012-04-30 11:06:38 ----A---- C:\WINDOWS\vbaddin.ini

2012-04-12 17:59:10 ----RSHDC---- C:\WINDOWS\system32\dllcache

2012-04-12 17:59:07 ----D---- C:\Program Files\Internet Explorer

2012-04-12 17:58:22 ----HD---- C:\WINDOWS\$hf_mig$

2012-04-12 17:55:15 ----A---- C:\WINDOWS\system32\MRT.exe

2012-04-12 17:55:06 ----A---- C:\WINDOWS\imsins.BAK

2012-04-06 18:56:17 ----D---- C:\Program Files\Common Files

2012-04-06 18:54:48 ----D---- C:\Program Files\AppInventor

2012-04-04 19:16:14 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Gernuwa;Gernuwa; C:\WINDOWS\system32\drivers\Gernuwa.sys [2001-10-09 14944]

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [2003-10-29 21120]

R0 nvatabus;nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [2004-06-02 79360]

R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2004-09-17 20368]

R0 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:\WINDOWS\system32\DRIVERS\sbp2port.sys [2008-04-13 43904]

R1 AW_HOST;AW_HOST; C:\WINDOWS\system32\drivers\aw_host5.sys [2001-10-22 31192]

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2004-06-24 44160]

R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2004-06-24 24832]

R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2004-06-24 289408]

R1 DVDVRRdr_xp;DVDVRRdr_xp; C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys [2004-06-24 141184]

R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2004-06-24 117632]

R1 UDFReadr;UDFReadr; C:\WINDOWS\system32\drivers\UDFReadr.sys [2004-06-24 200704]

R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]

R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]

R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]

S1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2004-05-08 35840]

S1 awlegacy;awlegacy; C:\WINDOWS\System32\Drivers\awlegacy.sys [2000-09-11 10816]

S2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]

S2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-18 63232]

S2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-18 55936]

S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-23 400384]

S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]

S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 DELTA;Service for Delta Driver (WDM); C:\WINDOWS\system32\DRIVERS\delta.sys [2005-03-16 292992]

S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2004-06-24 23808]

S3 G400;G400; C:\WINDOWS\system32\DRIVERS\G400m.sys [2001-08-17 322432]

S3 G400DH;G400DH; C:\WINDOWS\system32\DRIVERS\g400dhm.sys [2009-02-06 350592]

S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]

S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []

S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []

S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2004-06-24 23808]

S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-07-12 2459968]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2004-05-17 33280]

S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2004-05-17 12928]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []

S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2005-04-19 279880]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]

S2 FlipShare Service;FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [2009-11-19 455944]

S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2011-07-12 161664]

S2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost; c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [2009-02-06 344832]

S2 MGABGEXE;MGABGEXE; C:\WINDOWS\system32\mgabg.exe [2007-04-04 87560]

S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-12 114755]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2005-03-07 68096]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]

S3 awhost32;pcAnywhere Host Service; C:\Program Files\Symantec\pcAnywhere\awhost32.exe [2001-11-02 110651]

S3 Matrox Centering Service;Matrox Centering Service; c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe [2009-02-06 1263872]

S3 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 Visual Studio Analyzer RPC bridge;Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [1998-06-06 34036]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

-----------------------------------------

info.txt logfile of random's system information tool 1.09 2012-05-03 23:38:55

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

123 DVD Clone-->"C:\Program Files\123 DVD Clone\unins000.exe"

2d3 SteadyMove for Adobe Premiere Pro-->MsiExec.exe /I{94118D5F-2D5D-4BF5-9F84-11FB8A97B566}

3ivx MPEG-4 5.0.3 (remove only)-->"C:\Program Files\3ivx\3ivx MPEG-4 5.0.3\uninstaller.exe"

Adobe Encore DVD 1.5-->RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BD31B80-7E9E-4FAF-B911-0AC31FB94BF6}\setup.exe" -l0x0009

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe -maintain activex

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_Plugin.exe -maintain plugin

Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"

Adobe Premiere Pro 1.5-->RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{A14F7508-B784-40B8-B11A-E0E2EEB7229F}\setup.exe" -l0x0009

Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}

Android SDK Tools-->C:\Program Files\Android\android-sdk\uninstall.exe

Aqua Data Studio 9.0 - 32bit-->C:\Program Files\Aqua Data Studio 9.0 - 32bit\uninstall .exe

Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9

AVS Screen Capture version 2.0.1-->"C:\Program Files\AVS4YOU\AVSScreenCapture\unins000.exe"

AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe"

AVS Video Editor 6-->"C:\Program Files\AVS4YOU\AVSVideoEditor\unins000.exe"

AVS Video Recorder 2.4-->"C:\Program Files\AVS4YOU\AVSVideoRecorder\unins000.exe"

AVS4YOU Software Navigator 1.4-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"

Camtasia Studio 2-->C:\Program Files\TechSmith\Camtasia Studio 2\CSuninst.EXE

Delta-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A4810699-E859-43A6-8F40-1743873E72AB}\setup.exe" -l0x9 -removeonly

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

FileZilla Client 3.5.3-->C:\Program Files\FileZilla FTP Client\uninstall.exe

FlipShare-->MsiExec.exe /X{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}

GIGABYTE VGA Utility Manager-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GigaByte\VGA Utility Manager\Uninst.isu"

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"

Inkscape 0.48.2-->C:\Program Files\Inkscape\Uninstall.exe

J2SE Runtime Environment 5.0 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}

Java 6 Update 27-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216027FF}

Java 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217000FF}

Java SE Development Kit 7-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0170000}

LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE

LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U

Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9

Logitech® Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

Magic Bullet Movie Looks-->C:\WINDOWS\unvise32.exe C:\Program Files\Adobe\Premiere Pro 1.5\Plug-ins\en_US\Magic Bullet Movie Looks\uninstal.log

Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Matrox Graphics Software (remove only)-->C:\WINDOWS\system32\PDesk\PDUninst.exe

Matrox PowerDesk-SE-->MsiExec.exe /X{9AA7D28F-7C66-45BD-95C0-BEC00CEFD34A}

Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Office 2000 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}

Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}

Microsoft Security Client-->MsiExec.exe /X{0F842B77-56EA-4AAF-8295-81A022350B5E}

Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual Studio 6.0 Enterprise Edition-->"C:\Program Files\Microsoft Visual Studio\Common\Setup\1033\Setup.exe"

Microsoft Web Publishing Wizard 1.53-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall

Microsoft Works 6-9 Converter-->MsiExec.exe /X{172423F9-522A-483A-AD65-03600CE4CA4F}

Mozilla Firefox 11.0 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

NVIDIA Drivers-->C:\WINDOWS\system32\NVUninst.exe UninstallGUI

PlexTools Professional V2.17-->MsiExec.exe /X{10651499-F215-41EA-A32D-B09AAAAB138F}

PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}

Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE

Roxio Easy Media Creator 7 Basic DVD Edition-->MsiExec.exe /I{747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Spotify-->"C:\Program Files\Spotify\uninstall.exe"

Symantec pcAnywhere-->MsiExec.exe /I{C05E8183-866A-11D3-97DF-0000F8D8F2E9}

ULTRA 2 Program Files-->MsiExec.exe /I{6CC9B4FB-161D-4330-97C3-9D48CA5FD106}

ULTRA 2-->MsiExec.exe /I{BA9B9A23-4B46-4487-8439-55CE401A23D2}

ULTRA Program Files-->MsiExec.exe /I{A413CBEB-11C1-45B5-91B2-EB7AB8AF5E0C}

ULTRA-->MsiExec.exe /I{995237D9-6E24-45D9-9B06-C13AA62F518B}

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"

Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"

Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Visual Voice Pro 5-->C:\Program Files\VisualVoicePro5\Uninstal.exe C:\PROGRA~1\VISUAL~1\INSTALL.LOG Uninstalling Visual Voice Pro 5

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

XXClone ver 1.91.0-->C:\WINDOWS\SYSTEM32\xxclone.exe /uninst

======Security center information======

AV: Microsoft Security Essentials (disabled)

======System event log======

Computer Name: MIXMASTER

Event Code: 20

Message: Printer Driver HP LaserJet 1200 Series PCL 6 for Windows NT x86 Version-3 was added or updated. Files:- HPBF312G.DLL, HPBF312E.DLL, HPBF312I.PMD, HPBF312I.HLP, HPBF312F.DLL, HPBF312H.DLL, HPBF312I.DLL, HPBF312J.DLL, HPBF312K.DLL, HPBAFD32.DLL, HPBFTM32.DLL.

Record Number: 15085

Source Name: Print

Time Written: 20120123170311.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 36

Message: The time service has not been able to synchronize the system time

for 49152 seconds because none of the time providers has been able to

provide a usable time stamp. The system clock is unsynchronized.

Record Number: 15084

Source Name: W32Time

Time Written: 20120123110713.000000-300

Event Type: warning

User:

Computer Name: MIXMASTER

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 15057

Source Name: Tcpip

Time Written: 20120120163212.000000-300

Event Type: warning

User:

Computer Name: MIXMASTER

Event Code: 20

Message: Printer Driver HP LaserJet 1200 Series PCL 6 for Windows NT x86 Version-3 was added or updated. Files:- HPBF312G.DLL, HPBF312E.DLL, HPBF312I.PMD, HPBF312I.HLP, HPBF312F.DLL, HPBF312H.DLL, HPBF312I.DLL, HPBF312J.DLL, HPBF312K.DLL, HPBAFD32.DLL, HPBFTM32.DLL.

Record Number: 15054

Source Name: Print

Time Written: 20120120121415.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 36

Message: The time service has not been able to synchronize the system time

for 49152 seconds because none of the time providers has been able to

provide a usable time stamp. The system clock is unsynchronized.

Record Number: 15053

Source Name: W32Time

Time Written: 20120120113701.000000-300

Event Type: warning

User:

=====Application event log=====

Computer Name: MIXMASTER

Event Code: 1000

Message: Faulting application plextool.exe, version 2.17.0.0, faulting module plextool.exe, version 2.17.0.0, fault address 0x00153c7a.

Record Number: 2933

Source Name: Application Error

Time Written: 20091116112749.000000-300

Event Type: error

User:

Computer Name: MIXMASTER

Event Code: 1517

Message: Windows saved user MIXMASTER\Video registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 2908

Source Name: Userenv

Time Written: 20091116103338.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 1

Message:

Record Number: 2903

Source Name: nview_info

Time Written: 20091116080014.000000-300

Event Type: error

User:

Computer Name: MIXMASTER

Event Code: 1517

Message: Windows saved user MIXMASTER\Video registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 2870

Source Name: Userenv

Time Written: 20090228183809.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 1517

Message: Windows saved user MIXMASTER\Video registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 2829

Source Name: Userenv

Time Written: 20081124184947.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Symantec\pcAnywhere\

"windir"=%SystemRoot%

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD

"PROCESSOR_REVISION"=0c00

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"FP_NO_HOST_CHECK"=NO

"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_01\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.5.0_01\lib\ext\QTJava.zip

"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

[panwalker]

Now the LOG file from last years' date that I would often operate in:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Video at 2011-07-11 23:39:43

Microsoft Windows XP Professional Service Pack 3

System drive C: has 50 GB (65%) free of 76 GB

Total RAM: 1535 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:39:44 PM, on 7/11/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Video\Desktop\RSIT.exe

C:\Program Files\trend micro\Video.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [M-Audio Delta Taskbar Icon] C:\WINDOWS\System32\DeltTray.exe

O4 - HKLM\..\Run: [DeltTray] DeltTray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Matrox PowerDesk SE] "c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe"

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: PlexTools Professional.lnk = C:\Program Files\Plextor\PlexTool.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110057451386

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe

O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe

O23 - Service: Matrox.Pdesk.ServicesHost - Matrox Graphics Inc - c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 5768 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 10.1 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\

engine@conduit.com

{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-07-12 56712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-06-18 67584]

"NVRTCLK"=C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe [2003-12-30 24576]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-12 4112384]

"nwiz"=nwiz.exe /install []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-07-12 81920]

"VGAUtil"=C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe [2004-09-17 552960]

"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]

"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]

"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]

"RoxioDragToDisc"=C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe [2004-06-24 1691648]

"M-Audio Delta Taskbar Icon"=C:\WINDOWS\System32\DeltTray.exe [2004-08-26 56320]

"DeltTray"=C:\WINDOWS\system32\DeltTray.exe [2004-08-26 56320]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

"Matrox PowerDesk SE"=c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe [2009-02-06 4223232]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-10-08 196608]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"Google Update"=C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 136176]

"Akamai NetSession Interface"=C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

PlexTools Professional.lnk - C:\Program Files\Plextor\PlexTool.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify]

C:\WINDOWS\system32\PCANotify.dll [2001-11-02 24636]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\GigaByte\VGA Utility Manager\G-vga.exe"="C:\Program Files\GigaByte\VGA Utility Manager\G-vga.exe:*:Enabled:Menu"

"C:\Program Files\Polycom\PVX\vvsys.exe"="C:\Program Files\Polycom\PVX\vvsys.exe:*:Enabled:vvsys Application"

"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"

"C:\Program Files\Symantec\pcAnywhere\awhost32.exe"="C:\Program Files\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host Service"

"C:\Program Files\Symantec\pcAnywhere\awrem32.exe"="C:\Program Files\Symantec\pcAnywhere\awrem32.exe:*:Enabled:pcAnywhere Remote Service"

"C:\Program Files\Aqua Data Studio 9.0 - 32bit\datastudio.exe"="C:\Program Files\Aqua Data Studio 9.0 - 32bit\datastudio.exe:*:Enabled:datastudio"

"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"

"C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe"="C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"wave2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux1"=wdmaud.drv

"msacm.PLCMg722"=PLCMg722.acm

"msacm.PLCMg728"=PLCMg728.acm

"msacm.PLCMg729A"=PLCMg729A.acm

"msacm.PLCMsiren"=PLCMsiren.acm

"wave3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"wave4"=wdmaud.drv

"mixer4"=wdmaud.drv

"vidc.tscc"=tsccvid.dll

"Midi"=wdmaud.drv

"wave5"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer6"=wdmaud.drv

"vidc.3IV2"=3ivxVfWCodec.dll

======List of files/folders created in the last 1 month======

2012-05-03 23:31:57 ----D---- C:\WINDOWS\ERDNT

2012-05-03 23:31:29 ----D---- C:\Program Files\ERUNT

2012-05-03 23:26:58 ----D---- C:\WINDOWS\CSC

2012-05-03 23:26:48 ----A---- C:\WINDOWS\ntbtlog.txt

2012-05-03 19:20:25 ----A---- C:\TDSSKiller.2.7.34.0_03.05.2012_19.20.25_log.txt

2012-05-03 19:18:03 ----D---- C:\Documents and Settings\Video\Application Data\U3

2012-05-03 13:30:56 ----D---- C:\rsit

2012-05-03 13:24:18 ----D---- C:\Program Files\Trend Micro

2012-05-03 12:33:23 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys

2012-05-03 12:02:58 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2012-05-03 12:02:56 ----D---- C:\Documents and Settings\Video\Application Data\Malwarebytes

2012-05-03 12:02:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2012-05-03 12:02:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2012-05-03 12:02:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2012-05-03 11:28:53 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2012-05-01 11:29:19 ----SHD---- C:\Config.Msi

2012-04-12 17:54:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$

2012-03-30 19:46:17 ----A---- C:\PrintStop.cmd

2012-03-14 17:29:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$

2012-03-14 16:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$

2012-03-13 19:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$

2012-02-20 14:41:36 ----D---- C:\Documents and Settings\Video\Application Data\inkscape

2012-02-20 14:36:50 ----D---- C:\Program Files\Inkscape

2012-02-15 13:48:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$

2012-02-15 13:09:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$

2012-02-14 18:00:24 ----N---- C:\WINDOWS\system32\iacenc.dll

2012-01-31 19:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$

2011-12-22 15:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$

2011-12-22 15:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$

2011-12-22 15:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$

2011-12-22 15:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$

2011-12-22 15:41:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$

2011-12-22 15:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$

2011-12-22 15:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$

2011-11-11 20:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$

2011-11-10 18:57:31 ----HD---- C:\Program Files\Zero G Registry

2011-11-10 18:57:31 ----D---- C:\Eclipse

2011-10-10 12:59:31 ----D---- C:\android-sdk_r13-windows

2011-09-26 17:43:45 ----D---- C:\WINDOWS\fonts\Lucidas

2011-09-26 11:41:20 ----N---- C:\WINDOWS\system32\uiautomationcore.dll

2011-09-13 19:09:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$

2011-09-13 19:06:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$

2011-09-09 18:45:25 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU

2011-09-09 18:45:17 ----D---- C:\Documents and Settings\Video\Application Data\AVS4YOU

2011-09-09 18:42:14 ----A---- C:\WINDOWS\system32\libmfxsw32.dll

2011-09-09 18:42:13 ----A---- C:\WINDOWS\system32\libmfxhw32.dll

2011-09-09 18:42:01 ----D---- C:\Program Files\Common Files\AVSMedia

2011-09-09 18:41:35 ----D---- C:\Program Files\AVS4YOU

2011-09-09 18:41:35 ----A---- C:\WINDOWS\system32\msxml3a.dll

2011-09-09 18:21:13 ----D---- C:\Documents and Settings\Video\Application Data\Yamb

2011-09-01 19:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$

2011-09-01 19:07:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$

2011-09-01 19:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$

2011-09-01 19:07:15 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$

2011-09-01 19:06:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$

2011-09-01 16:54:09 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee

2011-07-12 19:00:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$

2011-07-12 18:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$

2011-07-12 18:57:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$

2011-07-12 18:57:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$

2011-07-12 18:23:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$

2011-07-12 18:17:21 ----D---- C:\Program Files\XXCLONE

2011-07-12 17:58:53 ----D---- C:\Program Files\Android

2011-07-12 17:56:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$

2011-07-12 17:56:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$

2011-07-12 17:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$

2011-07-12 17:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$

2011-07-12 17:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$

2011-07-12 17:50:40 ----A---- C:\WINDOWS\system32\javaws.exe

2011-07-12 17:50:40 ----A---- C:\WINDOWS\system32\javaw.exe

2011-07-12 17:50:40 ----A---- C:\WINDOWS\system32\java.exe

2011-07-12 17:13:46 ----N---- C:\WINDOWS\system32\spmsg.dll

2011-07-12 17:13:45 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$

2011-07-12 17:13:26 ----D---- C:\Program Files\Windows Media Connect 2

2011-07-12 17:13:13 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$

2011-07-12 17:12:12 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$

2011-07-12 17:11:32 ----D---- C:\WINDOWS\system32\LogFiles

2011-07-12 17:11:32 ----D---- C:\WINDOWS\system32\drivers\UMDF

2011-07-12 17:11:27 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$

2011-07-12 16:02:44 ----D---- C:\Program Files\AppInventor

2011-07-12 15:58:28 ----D---- C:\Program Files\3ivx

2011-07-12 15:58:10 ----D---- C:\Program Files\Flip Video

2011-07-12 15:58:09 ----D---- C:\Documents and Settings\All Users\Application Data\Flip Video

2011-07-12 15:53:54 ----D---- C:\Documents and Settings\All Users\Application Data\Sun

2011-07-12 15:53:34 ----A---- C:\WINDOWS\system32\deployJava1.dll

2011-07-12 11:39:55 ----D---- C:\Program Files\MSECache

2011-07-12 11:32:14 ----D---- C:\Program Files\Microsoft Works

2011-07-11 17:37:10 ----A---- C:\HeyVox120501a.exe

2011-07-11 17:33:51 ----A---- C:\HeyMon120501a.exe

2011-07-11 16:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$

2011-07-11 16:57:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$

2011-07-11 16:54:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$

2011-07-11 16:52:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$

2011-07-11 16:52:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$

2011-07-11 13:40:32 ----A---- C:\WINDOWS\system32\d3d8caps.dat

2011-07-10 19:33:37 ----D---- C:\Documents and Settings\Video\Application Data\Spotify

2011-07-10 19:33:19 ----D---- C:\Program Files\Spotify

2011-07-10 19:02:49 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2011-07-10 12:37:10 ----A---- C:\WINDOWS\system32\muweb.dll

2011-07-10 12:37:10 ----A---- C:\WINDOWS\system32\mucltui.dll

2011-07-09 19:02:20 ----N---- C:\WINDOWS\system32\MpSigStub.exe

2011-07-09 18:59:32 ----D---- C:\Program Files\Microsoft Security Client

2011-07-09 18:51:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$

2011-07-09 18:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$

2011-07-09 18:32:06 ----A---- C:\myFile2.txt

2011-07-09 18:17:51 ----A---- C:\myFile.txt

2011-07-09 16:11:36 ----D---- C:\Documents and Settings\Video\Application Data\MSN6

2011-07-09 16:11:36 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6

2011-07-09 06:16:26 ----A---- C:\WINDOWS\hpbafd.ini

2011-07-07 18:12:35 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp

2011-07-05 18:14:16 ----D---- C:\Documents and Settings\All Users\Application Data\Matrox

2011-07-05 18:14:12 ----D---- C:\Program Files\Matrox Graphics Inc

2011-07-05 18:14:12 ----D---- C:\Documents and Settings\All Users\Application Data\Matrox Graphics Inc

2011-07-05 18:13:52 ----D---- C:\WINDOWS\system32\PDesk

2011-07-05 18:13:52 ----A---- C:\WINDOWS\system32\MtxCIP2.dll

2011-07-05 18:13:52 ----A---- C:\WINDOWS\system32\mgabg.exe

2011-07-05 18:13:52 ----A---- C:\WINDOWS\system32\g400icd.dll

2011-07-05 18:13:52 ----A---- C:\WINDOWS\system32\drivers\g400dhm.sys

2011-07-05 18:13:52 ----A---- C:\WINDOWS\MtxCIP2Log.txt

2011-07-05 18:13:51 ----A---- C:\WINDOWS\system32\g400dhd.dll

2011-07-05 17:53:02 ----D---- C:\WINDOWS\Minidump

2011-06-30 19:01:43 ----D---- C:\WINDOWS\ShellNew

2011-06-30 18:56:12 ----D---- C:\Program Files\Microsoft Office

2011-06-30 15:08:39 ----A---- C:\WINDOWS\system32\d3d9caps.dat

2011-06-30 13:50:22 ----A---- C:\WINDOWS\ModemLog_U.S. Robotics 56K FAX EXT.txt

2011-06-30 13:43:24 ----D---- C:\Hey

2011-06-30 13:15:08 ----A---- C:\WINDOWS\system32\VVLspa32.DLL

2011-06-30 13:15:05 ----A---- C:\WINDOWS\vvtest32.ini

2011-06-30 13:15:05 ----A---- C:\WINDOWS\vvoice32.ini

2011-06-30 13:15:05 ----A---- C:\WINDOWS\system32\VVLUSA32.DLL

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvtool32.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvtest32.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvserv32.exe

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvpro32.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvoice32.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\VVLIB32.DLL

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvgblc32.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvdt132.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvdlg32.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\VVCommon.DLL

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\VVComCtl.DLL

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vvacu32.dll

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vservice.exe

2011-06-30 13:15:04 ----A---- C:\WINDOWS\system32\vctl32.dll

2011-06-30 13:14:27 ----A---- C:\WINDOWS\system32\chkdll.exe

2011-06-30 13:14:26 ----A---- C:\WINDOWS\system32\dao350.dll

2011-06-30 13:14:21 ----D---- C:\Program Files\VisualVoicePro5

2011-06-30 13:05:45 ----A---- C:\WINDOWS\mdm.ini

2011-06-30 13:05:40 ----A---- C:\WINDOWS\ODBC.INI

2011-06-30 13:05:03 ----A---- C:\WINDOWS\wplog.txt

2011-06-30 13:05:02 ----D---- C:\Program Files\Web Publish

2011-06-30 13:03:08 ----D---- C:\Program Files\Common Files\designer

2011-06-30 13:03:02 ----D---- C:\Program Files\Microsoft Visual Studio

2011-06-30 12:52:44 ----A---- C:\WINDOWS\system32\jit.dll

2011-06-30 12:52:44 ----A---- C:\WINDOWS\system32\javaee.dll

2011-06-30 12:52:44 ----A---- C:\WINDOWS\system32\dx3j.dll

2011-06-30 12:52:44 ----A---- C:\WINDOWS\setdebug.exe

2011-06-30 12:52:44 ----A---- C:\WINDOWS\jautoexp.dat

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\wjview.exe

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\vmhelper.dll

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\msjdbc10.dll

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\msjava.dll

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\msawt.dll

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\jview.exe

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\jdbgmgr.exe

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\javart.dll

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\javaprxy.dll

2011-06-30 12:52:41 ----A---- C:\WINDOWS\system32\javacypt.dll

2011-06-30 12:52:40 ----A---- C:\WINDOWS\system32\clspack.exe

2011-06-30 12:11:41 ----D---- C:\Program Files\NP2

2011-06-30 06:20:47 ----A---- C:\WINDOWS\system32\SYMEVNT1.DLL

2011-06-30 06:20:47 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL

2011-06-30 06:20:47 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2011-06-30 06:20:31 ----D---- C:\Program Files\Symantec

2011-06-30 06:20:31 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec

2011-06-30 06:19:56 ----A---- C:\WINDOWS\EnvChecklog.txt

2011-06-30 03:03:56 ----HD---- C:\WINDOWS\PIF

2011-06-30 02:16:22 ----D---- C:\Documents and Settings\Video\Application Data\Symantec

2011-06-30 02:16:21 ----D---- C:\Program Files\Common Files\Symantec Shared

2011-06-30 02:16:21 ----A---- C:\WINDOWS\system32\401COMUPD.EXE

2011-06-30 02:11:14 ----A---- C:\WINDOWS\system32\G400d.dll

2011-06-30 02:11:14 ----A---- C:\WINDOWS\system32\drivers\G400m.sys

2011-06-30 01:32:45 ----D---- C:\JodoHost

2011-06-30 01:26:17 ----D---- C:\Documents and Settings\Video\Application Data\FileZilla

2011-06-30 01:10:26 ----D---- C:\Program Files\Aqua Data Studio 9.0 - 32bit

2011-06-30 01:09:33 ----D---- C:\Program Files\FileZilla FTP Client

2011-06-30 01:05:11 ----A---- C:\WINDOWS\nsreg.dat

2011-06-30 01:05:05 ----D---- C:\Documents and Settings\Video\Application Data\Mozilla

2011-06-30 01:05:00 ----D---- C:\Program Files\Mozilla Firefox

2011-06-30 00:59:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$

2011-06-30 00:58:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$

2011-06-30 00:58:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$

2011-06-30 00:58:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$

2011-06-30 00:58:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$

2011-06-30 00:58:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$

2011-06-30 00:58:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$

2011-06-30 00:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$

2011-06-30 00:58:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$

2011-06-30 00:57:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$

2011-06-30 00:57:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$

2011-06-30 00:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$

2011-06-30 00:57:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$

2011-06-30 00:57:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$

2011-06-30 00:57:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$

2011-06-30 00:57:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$

2011-06-30 00:57:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$

2011-06-30 00:57:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$

2011-06-30 00:57:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$

2011-06-30 00:57:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$

2011-06-30 00:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$

2011-06-30 00:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$

2011-06-30 00:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$

2011-06-30 00:56:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$

2011-06-30 00:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$

2011-06-30 00:56:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$

2011-06-30 00:56:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$

2011-06-30 00:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$

2011-06-30 00:56:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$

2011-06-30 00:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$

2011-06-30 00:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$

2011-06-30 00:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$

2011-06-30 00:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$

2011-06-30 00:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$

2011-06-30 00:55:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$

2011-06-30 00:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$

2011-06-30 00:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$

2011-06-30 00:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$

2011-06-30 00:54:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$

2011-06-30 00:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$

2011-06-30 00:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$

2011-06-30 00:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$

2011-06-30 00:54:40 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$

2011-06-30 00:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$

2011-06-30 00:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$

2011-06-30 00:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2011-06-30 00:48:12 ----D---- C:\WINDOWS\Prefetch

2011-06-30 00:46:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$

2011-06-30 00:45:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$

2011-06-30 00:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$

2011-06-30 00:45:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$

2011-06-30 00:45:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$

2011-06-30 00:45:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$

2011-06-30 00:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$

2011-06-30 00:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$

2011-06-30 00:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

2011-06-30 00:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$

2011-06-30 00:45:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$

2011-06-30 00:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$

2011-06-30 00:44:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$

2011-06-30 00:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$

2011-06-30 00:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

2011-06-30 00:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$

2011-06-30 00:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$

2011-06-30 00:44:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$

2011-06-30 00:44:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$

2011-06-30 00:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$

2011-06-30 00:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$

2011-06-30 00:44:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$

2011-06-30 00:44:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$

2011-06-30 00:44:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$

2011-06-30 00:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$

2011-06-30 00:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$

2011-06-30 00:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

2011-06-30 00:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

2011-06-30 00:43:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$

2011-06-30 00:43:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$

2011-06-30 00:43:34 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$

2011-06-30 00:43:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$

2011-06-30 00:43:23 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$

2011-06-30 00:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$

2011-06-30 00:43:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2011-06-30 00:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$

2011-06-30 00:43:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$

2011-06-30 00:42:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

2011-06-30 00:42:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$

2011-06-30 00:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

2011-06-30 00:42:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2011-06-30 00:42:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$

2011-06-30 00:42:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2011-06-30 00:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2011-06-30 00:42:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

2011-06-30 00:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$

2011-06-30 00:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$

2011-06-30 00:42:05 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2011-06-30 00:42:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2011-06-30 00:41:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2011-06-30 00:41:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

2011-06-30 00:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2011-06-30 00:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2011-06-30 00:41:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2011-06-30 00:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2011-06-30 00:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2011-06-30 00:41:23 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

2011-06-30 00:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

2011-06-30 00:37:35 ----D---- C:\WINDOWS\system32\scripting

2011-06-30 00:37:34 ----D---- C:\WINDOWS\system32\en

2011-06-30 00:37:34 ----D---- C:\WINDOWS\l2schemas

2011-06-30 00:34:14 ----D---- C:\WINDOWS\network diagnostic

2011-06-30 00:26:40 ----N---- C:\WINDOWS\system32\wmphoto.dll

2011-06-30 00:26:39 ----N---- C:\WINDOWS\system32\wlanapi.dll

2011-06-30 00:26:38 ----N---- C:\WINDOWS\system32\windowscodecsext.dll

2011-06-30 00:26:38 ----N---- C:\WINDOWS\system32\windowscodecs.dll

2011-06-30 00:26:34 ----N---- C:\WINDOWS\system32\tspkg.dll

2011-06-30 00:26:34 ----N---- C:\WINDOWS\system32\tsgqec.dll

2011-06-30 00:26:28 ----N---- C:\WINDOWS\system32\setupn.exe

2011-06-30 00:26:28 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys

2011-06-30 00:26:26 ----N---- C:\WINDOWS\system32\rhttpaa.dll

2011-06-30 00:26:26 ----N---- C:\WINDOWS\system32\rasqec.dll

2011-06-30 00:26:25 ----N---- C:\WINDOWS\system32\qutil.dll

2011-06-30 00:26:25 ----N---- C:\WINDOWS\system32\qcliprov.dll

2011-06-30 00:26:24 ----N---- C:\WINDOWS\system32\qagentrt.dll

2011-06-30 00:26:24 ----N---- C:\WINDOWS\system32\qagent.dll

2011-06-30 00:26:24 ----N---- C:\WINDOWS\system32\photometadatahandler.dll

2011-06-30 00:26:23 ----N---- C:\WINDOWS\system32\onex.dll

2011-06-30 00:26:19 ----N---- C:\WINDOWS\system32\napstat.exe

2011-06-30 00:26:18 ----N---- C:\WINDOWS\system32\napmontr.dll

2011-06-30 00:26:18 ----N---- C:\WINDOWS\system32\napipsec.dll

2011-06-30 00:26:18 ----N---- C:\WINDOWS\system32\msxml6r.dll

2011-06-30 00:26:18 ----N---- C:\WINDOWS\system32\msxml6.dll

2011-06-30 00:26:17 ----N---- C:\WINDOWS\system32\msshavmsg.dll

2011-06-30 00:26:17 ----N---- C:\WINDOWS\system32\mssha.dll

2011-06-30 00:26:08 ----N---- C:\WINDOWS\system32\mmcperf.exe

2011-06-30 00:26:08 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll

2011-06-30 00:26:08 ----N---- C:\WINDOWS\system32\mmcex.dll

2011-06-30 00:26:08 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll

2011-06-30 00:26:01 ----N---- C:\WINDOWS\system32\l2gpstore.dll

2011-06-30 00:26:01 ----N---- C:\WINDOWS\system32\kmsvc.dll

2011-06-30 00:26:01 ----N---- C:\WINDOWS\system32\kbdpash.dll

2011-06-30 00:26:01 ----N---- C:\WINDOWS\system32\kbdnepr.dll

2011-06-30 00:26:01 ----N---- C:\WINDOWS\system32\kbdiultn.dll

2011-06-30 00:26:01 ----N---- C:\WINDOWS\system32\kbdbhc.dll

2011-06-30 00:25:55 ----N---- C:\WINDOWS\system32\smtpapi.dll

2011-06-30 00:25:55 ----N---- C:\WINDOWS\system32\rwnh.dll

2011-06-30 00:25:52 ----N---- C:\WINDOWS\system32\ieencode.dll

2011-06-30 00:25:51 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys

2011-06-30 00:25:49 ----A---- C:\WINDOWS\005831_.tmp

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eapsvc.dll

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eapqec.dll

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eappprxy.dll

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eapphost.dll

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eappgnui.dll

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eappcfg.dll

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eapp3hst.dll

2011-06-30 00:25:48 ----N---- C:\WINDOWS\system32\eapolqec.dll

2011-06-30 00:25:47 ----N---- C:\WINDOWS\system32\dot3ui.dll

2011-06-30 00:25:47 ----N---- C:\WINDOWS\system32\dot3svc.dll

2011-06-30 00:25:47 ----N---- C:\WINDOWS\system32\dot3msm.dll

2011-06-30 00:25:47 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll

2011-06-30 00:25:47 ----N---- C:\WINDOWS\system32\dot3dlg.dll

2011-06-30 00:25:47 ----N---- C:\WINDOWS\system32\dot3cfg.dll

2011-06-30 00:25:47 ----N---- C:\WINDOWS\system32\dot3api.dll

2011-06-30 00:25:46 ----N---- C:\WINDOWS\system32\dimsroam.dll

2011-06-30 00:25:46 ----N---- C:\WINDOWS\system32\dimsntfy.dll

2011-06-30 00:25:46 ----N---- C:\WINDOWS\system32\dhcpqec.dll

2011-06-30 00:25:45 ----N---- C:\WINDOWS\system32\credssp.dll

2011-06-30 00:25:42 ----N---- C:\WINDOWS\system32\bitsprx4.dll

2011-06-30 00:25:42 ----N---- C:\WINDOWS\system32\azroles.dll

2011-06-30 00:25:39 ----N---- C:\WINDOWS\system32\aaclient.dll

2011-06-30 00:06:59 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$

2011-06-30 00:06:38 ----D---- C:\WINDOWS\ie8updates

2011-06-30 00:06:18 ----D---- C:\WINDOWS\WBEM

2011-06-30 00:05:58 ----HDC---- C:\WINDOWS\ie8

2011-06-30 00:05:58 ----D---- C:\WINDOWS\system32\en-US

2011-06-30 00:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$

2011-06-30 00:00:00 ----D---- C:\WINDOWS\system32\appmgmt

2011-06-29 23:57:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$

2011-06-29 23:57:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$

2011-06-29 23:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$

2011-06-29 23:57:04 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$

2011-06-29 23:56:59 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$

2011-06-29 23:56:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$

2011-06-29 23:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$

2011-06-29 23:56:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$

2011-06-29 23:56:33 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$

2011-06-29 23:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$

2011-06-29 23:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$

2011-06-29 23:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$

2011-06-29 23:56:10 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$

2011-06-29 23:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$

2011-06-29 23:55:20 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$

2011-06-29 23:55:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$

2011-06-29 23:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$

2011-06-29 23:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$

2011-06-29 23:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$

2011-06-29 23:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$

2011-06-29 23:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$

2011-06-29 23:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$

2011-06-29 23:54:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$

2011-06-29 23:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$

2011-06-29 23:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$

2011-06-29 23:54:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$

2011-06-29 23:54:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$

2011-06-29 23:54:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$

2011-06-29 23:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$

2011-06-29 23:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$

2011-06-29 23:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2011-06-29 23:53:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$

2011-06-29 23:53:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$

2011-06-29 23:53:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$

2011-06-29 23:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$

2011-06-29 23:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$

2011-06-29 23:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$

2011-06-29 23:53:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$

2011-06-29 23:53:14 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2011-06-29 23:52:59 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$

2011-06-29 23:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$

2011-06-29 23:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$

2011-06-29 23:52:46 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$

2011-06-29 23:52:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$

2011-06-29 23:52:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$

2011-06-29 23:52:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$

2011-06-29 23:52:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$

2011-06-29 23:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$

2011-06-29 23:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$

2011-06-29 23:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$

2011-06-29 23:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$

2011-06-29 23:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$

2011-06-29 23:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$

2011-06-29 23:51:25 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$

2011-06-29 23:51:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$

2011-06-29 23:51:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$

2011-06-29 23:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$

2011-06-29 23:50:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$

2011-06-29 23:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$

2011-06-29 23:50:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$

2011-06-29 23:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$

2011-06-29 23:50:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$

2011-06-29 23:49:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$

2011-06-29 23:49:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$

2011-06-29 23:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

2011-06-29 23:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$

2011-06-29 23:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$

2011-06-29 23:48:00 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$

2011-06-29 23:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$

2011-06-29 23:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$

2011-06-29 23:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$

11747-11-13 15:58:10 ----ASHD---- C:\WINDOWS\xxclone.arc

======List of files/folders modified in the last 1 month======

2012-05-03 23:31:57 ----D---- C:\WINDOWS

2012-05-03 23:31:29 ----RD---- C:\Program Files

2012-05-03 22:37:39 ----SD---- C:\WINDOWS\Tasks

2012-05-03 22:37:39 ----D---- C:\WINDOWS\Temp

2012-05-03 19:20:25 ----D---- C:\WINDOWS\system32\drivers

2012-05-03 19:19:01 ----D---- C:\WINDOWS\system32

2012-05-03 19:17:35 ----D---- C:\WINDOWS\system32\CatRoot2

2012-05-03 18:17:19 ----HD---- C:\WINDOWS\inf

2012-05-03 13:17:57 ----A---- C:\WINDOWS\SchedLgU.Txt

2012-05-01 11:30:33 ----SHD---- C:\WINDOWS\Installer

2012-04-30 11:06:38 ----A---- C:\WINDOWS\vbaddin.ini

2012-04-12 17:59:10 ----RSHDC---- C:\WINDOWS\system32\dllcache

2012-04-12 17:59:07 ----D---- C:\Program Files\Internet Explorer

2012-04-12 17:58:22 ----HD---- C:\WINDOWS\$hf_mig$

2012-04-12 17:55:15 ----A---- C:\WINDOWS\system32\MRT.exe

2012-04-12 17:55:06 ----A---- C:\WINDOWS\imsins.BAK

2012-04-06 18:56:17 ----D---- C:\Program Files\Common Files

2012-04-04 19:16:14 ----A---- C:\WINDOWS\win.ini

2012-03-12 13:05:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2012-03-02 06:01:32 ----A---- C:\WINDOWS\system32\ieframe.dll

2012-03-01 07:01:32 ----N---- C:\WINDOWS\system32\occache.dll

2012-03-01 07:01:32 ----N---- C:\WINDOWS\system32\mstime.dll

2012-03-01 07:01:32 ----N---- C:\WINDOWS\system32\jsproxy.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\wininet.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\urlmon.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\url.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\mshtmled.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\mshtml.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\msfeeds.dll

2012-03-01 07:01:32 ----A---- C:\WINDOWS\system32\licmgr10.dll

2012-03-01 07:01:31 ----N---- C:\WINDOWS\system32\iedkcs32.dll

2012-03-01 07:01:31 ----A---- C:\WINDOWS\system32\iertutil.dll

2012-03-01 07:01:31 ----A---- C:\WINDOWS\system32\iepeers.dll

2012-02-29 10:10:16 ----A---- C:\WINDOWS\system32\wintrust.dll

2012-02-29 10:10:16 ----A---- C:\WINDOWS\system32\imagehlp.dll

2012-02-29 08:17:40 ----N---- C:\WINDOWS\system32\ie4uinit.exe

2011-11-25 17:57:19 ----A---- C:\WINDOWS\system32\winsrv.dll

2011-11-18 08:35:08 ----A---- C:\WINDOWS\system32\packager.exe

2011-11-16 10:21:44 ----A---- C:\WINDOWS\system32\winhttp.dll

2011-11-16 10:21:44 ----A---- C:\WINDOWS\system32\schannel.dll

2011-11-11 20:03:37 ----D---- C:\WINDOWS\WinSxS

2011-11-08 09:46:16 ----N---- C:\WINDOWS\system32\tzchange.exe

2011-11-03 11:28:36 ----A---- C:\WINDOWS\system32\quartz.dll

2011-11-03 11:28:36 ----A---- C:\WINDOWS\system32\qdvd.dll

2011-11-01 12:07:10 ----A---- C:\WINDOWS\system32\ole32.dll

2011-10-28 01:31:48 ----A---- C:\WINDOWS\system32\csrsrv.dll

2011-10-25 09:33:08 ----A---- C:\WINDOWS\system32\ntoskrnl.exe

2011-10-25 08:52:03 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

2011-10-18 07:13:22 ----N---- C:\WINDOWS\system32\encdec.dll

2011-10-14 10:47:29 ----A---- C:\WINDOWS\system32\winmm.dll

2011-10-14 10:47:29 ----A---- C:\WINDOWS\system32\mciseq.dll

2011-10-10 10:22:41 ----A---- C:\WINDOWS\system32\inetcomm.dll

2011-09-28 03:06:50 ----A---- C:\WINDOWS\system32\crypt32.dll

2011-09-26 11:41:20 ----A---- C:\WINDOWS\system32\oleacc.dll

2011-09-26 11:41:14 ----A---- C:\WINDOWS\system32\oleaccrc.dll

2011-09-15 16:25:47 ----D---- C:\Documents and Settings\Video\Application Data\Apple Computer

2011-09-14 14:51:22 ----DC---- C:\WINDOWS\system32\DRVSTORE

2011-09-01 19:08:19 ----D---- C:\WINDOWS\system32\CatRoot

2011-07-13 14:00:01 ----A---- C:\boot.ini

2011-07-12 20:48:56 ----A---- C:\WINDOWS\xxclone.ini

2011-07-12 17:51:04 ----D---- C:\Program Files\Common Files\Java

2011-07-12 17:50:24 ----D---- C:\Program Files\Java

2011-07-12 17:13:25 ----D---- C:\Program Files\Windows Media Player

2011-07-12 17:13:20 ----D---- C:\WINDOWS\Help

2011-07-12 16:03:59 ----RSD---- C:\WINDOWS\Fonts

2011-07-12 11:40:11 ----D---- C:\Program Files\Common Files\Microsoft Shared

2011-07-11 17:33:56 ----D---- C:\WINDOWS\Registration

2011-07-10 14:09:07 ----SD---- C:\Documents and Settings\Video\Application Data\Microsoft

2011-07-09 18:59:45 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2011-07-09 18:59:35 ----D---- C:\WINDOWS\PCHEALTH

2011-07-09 18:55:52 ----D---- C:\WINDOWS\Internet Logs

2011-07-09 18:54:36 ----D---- C:\WINDOWS\system32\ZoneLabs

2011-07-09 18:53:51 ----D---- C:\Program Files\Grisoft

2011-07-09 18:53:41 ----D---- C:\WINDOWS\system

2011-06-30 18:56:02 ----D---- C:\WINDOWS\msapps

2011-06-30 18:56:02 ----D---- C:\Temp

2011-06-30 18:56:02 ----D---- C:\Program Files\microsoft frontpage

2011-06-30 13:15:05 ----A---- C:\WINDOWS\vb.ini

2011-06-30 13:09:11 ----D---- C:\Program Files\ComPlus Applications

2011-06-30 13:05:41 ----A---- C:\WINDOWS\ODBCINST.INI

2011-06-30 12:52:44 ----D---- C:\WINDOWS\java

2011-06-30 06:20:23 ----D---- C:\Documents and Settings\Video\Application Data\Adobe

2011-06-30 00:57:12 ----A---- C:\WINDOWS\iis6.BAK

2011-06-30 00:56:24 ----D---- C:\Program Files\Outlook Express

2011-06-30 00:54:47 ----D---- C:\Program Files\Movie Maker

2011-06-30 00:48:53 ----A---- C:\WINDOWS\OEWABLog.txt

2011-06-30 00:48:18 ----A---- C:\WINDOWS\setuplog.txt

2011-06-30 00:47:46 ----D---- C:\WINDOWS\system32\Setup

2011-06-30 00:47:46 ----D---- C:\WINDOWS\AppPatch

2011-06-30 00:47:45 ----D---- C:\WINDOWS\system32\wbem

2011-06-30 00:47:14 ----D---- C:\WINDOWS\security

2011-06-30 00:41:29 ----D---- C:\Program Files\Messenger

2011-06-30 00:37:44 ----D---- C:\WINDOWS\system32\inetsrv

2011-06-30 00:37:43 ----D---- C:\WINDOWS\ime

2011-06-30 00:37:36 ----D---- C:\WINDOWS\system32\usmt

2011-06-30 00:37:34 ----D---- C:\WINDOWS\system32\bits

2011-06-30 00:37:34 ----D---- C:\WINDOWS\peernet

2011-06-30 00:35:36 ----D---- C:\WINDOWS\system32\Restore

2011-06-30 00:35:36 ----D---- C:\WINDOWS\system32\npp

2011-06-30 00:35:35 ----D---- C:\WINDOWS\msagent

2011-06-30 00:35:34 ----D---- C:\WINDOWS\srchasst

2011-06-30 00:35:33 ----D---- C:\Program Files\NetMeeting

2011-06-30 00:35:32 ----D---- C:\WINDOWS\system32\Com

2011-06-30 00:35:30 ----D---- C:\Program Files\Windows NT

2011-06-30 00:35:28 ----D---- C:\Program Files\Common Files\System

2011-06-30 00:35:16 ----D---- C:\WINDOWS\system32\oobe

2011-06-30 00:33:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2011-06-30 00:31:38 ----D---- C:\WINDOWS\EHome

2011-06-30 00:12:33 ----D---- C:\WINDOWS\Debug

2011-06-30 00:06:20 ----D---- C:\WINDOWS\system32\config

2011-06-30 00:06:15 ----D---- C:\WINDOWS\Media

2011-06-29 23:50:40 ----D---- C:\WINDOWS\ServicePackFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Gernuwa;Gernuwa; C:\WINDOWS\system32\drivers\Gernuwa.sys [2001-10-09 14944]

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [2003-10-29 21120]

R0 nvatabus;nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [2004-06-02 79360]

R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2004-09-17 20368]

R0 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:\WINDOWS\system32\DRIVERS\sbp2port.sys [2008-04-13 43904]

R1 AW_HOST;AW_HOST; C:\WINDOWS\system32\drivers\aw_host5.sys [2001-10-22 31192]

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2004-06-24 44160]

R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2004-06-24 24832]

R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2004-06-24 289408]

R1 DVDVRRdr_xp;DVDVRRdr_xp; C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys [2004-06-24 141184]

R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2004-06-24 117632]

R1 UDFReadr;UDFReadr; C:\WINDOWS\system32\drivers\UDFReadr.sys [2004-06-24 200704]

R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]

R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]

R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]

S1 AmdK8;AMD Athlon64 Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2004-05-08 35840]

S1 awlegacy;awlegacy; C:\WINDOWS\System32\Drivers\awlegacy.sys [2000-09-11 10816]

S2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]

S2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-18 63232]

S2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-18 55936]

S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-23 400384]

S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]

S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 DELTA;Service for Delta Driver (WDM); C:\WINDOWS\system32\DRIVERS\delta.sys [2005-03-16 292992]

S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2004-06-24 23808]

S3 G400;G400; C:\WINDOWS\system32\DRIVERS\G400m.sys [2001-08-17 322432]

S3 G400DH;G400DH; C:\WINDOWS\system32\DRIVERS\g400dhm.sys [2009-02-06 350592]

S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]

S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []

S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []

S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2004-06-24 23808]

S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-07-12 2459968]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2004-05-17 33280]

S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2004-05-17 12928]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []

S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2005-04-19 279880]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]

S2 FlipShare Service;FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [2009-11-19 455944]

S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2011-07-12 161664]

S2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost; c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [2009-02-06 344832]

S2 MGABGEXE;MGABGEXE; C:\WINDOWS\system32\mgabg.exe [2007-04-04 87560]

S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-12 114755]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2005-03-07 68096]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]

S3 awhost32;pcAnywhere Host Service; C:\Program Files\Symantec\pcAnywhere\awhost32.exe [2001-11-02 110651]

S3 Matrox Centering Service;Matrox Centering Service; c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe [2009-02-06 1263872]

S3 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 Visual Studio Analyzer RPC bridge;Visual Studio Analyzer RPC bridge; C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [1998-06-06 34036]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

[panwalker]

And now the INFO file from last year's date:

----------------------

info.txt logfile of random's system information tool 1.09 2011-07-11 23:39:49

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

123 DVD Clone-->"C:\Program Files\123 DVD Clone\unins000.exe"

2d3 SteadyMove for Adobe Premiere Pro-->MsiExec.exe /I{94118D5F-2D5D-4BF5-9F84-11FB8A97B566}

3ivx MPEG-4 5.0.3 (remove only)-->"C:\Program Files\3ivx\3ivx MPEG-4 5.0.3\uninstaller.exe"

Adobe Encore DVD 1.5-->RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BD31B80-7E9E-4FAF-B911-0AC31FB94BF6}\setup.exe" -l0x0009

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe -maintain activex

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_Plugin.exe -maintain plugin

Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"

Adobe Premiere Pro 1.5-->RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{A14F7508-B784-40B8-B11A-E0E2EEB7229F}\setup.exe" -l0x0009

Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}

Android SDK Tools-->C:\Program Files\Android\android-sdk\uninstall.exe

Aqua Data Studio 9.0 - 32bit-->C:\Program Files\Aqua Data Studio 9.0 - 32bit\uninstall .exe

Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9

AVS Screen Capture version 2.0.1-->"C:\Program Files\AVS4YOU\AVSScreenCapture\unins000.exe"

AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager\unins000.exe"

AVS Video Editor 6-->"C:\Program Files\AVS4YOU\AVSVideoEditor\unins000.exe"

AVS Video Recorder 2.4-->"C:\Program Files\AVS4YOU\AVSVideoRecorder\unins000.exe"

AVS4YOU Software Navigator 1.4-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"

Camtasia Studio 2-->C:\Program Files\TechSmith\Camtasia Studio 2\CSuninst.EXE

Delta-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A4810699-E859-43A6-8F40-1743873E72AB}\setup.exe" -l0x9 -removeonly

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

FileZilla Client 3.5.3-->C:\Program Files\FileZilla FTP Client\uninstall.exe

FlipShare-->MsiExec.exe /X{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}

GIGABYTE VGA Utility Manager-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GigaByte\VGA Utility Manager\Uninst.isu"

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"

Inkscape 0.48.2-->C:\Program Files\Inkscape\Uninstall.exe

J2SE Runtime Environment 5.0 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}

Java 6 Update 27-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216027FF}

Java 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217000FF}

Java SE Development Kit 7-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0170000}

LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE

LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U

Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9

Logitech® Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

Magic Bullet Movie Looks-->C:\WINDOWS\unvise32.exe C:\Program Files\Adobe\Premiere Pro 1.5\Plug-ins\en_US\Magic Bullet Movie Looks\uninstal.log

Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Matrox Graphics Software (remove only)-->C:\WINDOWS\system32\PDesk\PDUninst.exe

Matrox PowerDesk-SE-->MsiExec.exe /X{9AA7D28F-7C66-45BD-95C0-BEC00CEFD34A}

Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Office 2000 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}

Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}

Microsoft Security Client-->MsiExec.exe /X{0F842B77-56EA-4AAF-8295-81A022350B5E}

Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual Studio 6.0 Enterprise Edition-->"C:\Program Files\Microsoft Visual Studio\Common\Setup\1033\Setup.exe"

Microsoft Web Publishing Wizard 1.53-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall

Microsoft Works 6-9 Converter-->MsiExec.exe /X{172423F9-522A-483A-AD65-03600CE4CA4F}

Mozilla Firefox 11.0 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

NVIDIA Drivers-->C:\WINDOWS\system32\NVUninst.exe UninstallGUI

PlexTools Professional V2.17-->MsiExec.exe /X{10651499-F215-41EA-A32D-B09AAAAB138F}

PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}

Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE

Roxio Easy Media Creator 7 Basic DVD Edition-->MsiExec.exe /I{747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Spotify-->"C:\Program Files\Spotify\uninstall.exe"

Symantec pcAnywhere-->MsiExec.exe /I{C05E8183-866A-11D3-97DF-0000F8D8F2E9}

ULTRA 2 Program Files-->MsiExec.exe /I{6CC9B4FB-161D-4330-97C3-9D48CA5FD106}

ULTRA 2-->MsiExec.exe /I{BA9B9A23-4B46-4487-8439-55CE401A23D2}

ULTRA Program Files-->MsiExec.exe /I{A413CBEB-11C1-45B5-91B2-EB7AB8AF5E0C}

ULTRA-->MsiExec.exe /I{995237D9-6E24-45D9-9B06-C13AA62F518B}

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"

Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"

Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Visual Voice Pro 5-->C:\Program Files\VisualVoicePro5\Uninstal.exe C:\PROGRA~1\VISUAL~1\INSTALL.LOG Uninstalling Visual Voice Pro 5

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

XXClone ver 1.91.0-->C:\WINDOWS\SYSTEM32\xxclone.exe /uninst

======Security center information======

AV: Microsoft Security Essentials (disabled)

======System event log======

Computer Name: MIXMASTER

Event Code: 20

Message: Printer Driver HP LaserJet 1200 Series PCL 6 for Windows NT x86 Version-3 was added or updated. Files:- HPBF312G.DLL, HPBF312E.DLL, HPBF312I.PMD, HPBF312I.HLP, HPBF312F.DLL, HPBF312H.DLL, HPBF312I.DLL, HPBF312J.DLL, HPBF312K.DLL, HPBAFD32.DLL, HPBFTM32.DLL.

Record Number: 15085

Source Name: Print

Time Written: 20120123170311.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 36

Message: The time service has not been able to synchronize the system time

for 49152 seconds because none of the time providers has been able to

provide a usable time stamp. The system clock is unsynchronized.

Record Number: 15084

Source Name: W32Time

Time Written: 20120123110713.000000-300

Event Type: warning

User:

Computer Name: MIXMASTER

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 15057

Source Name: Tcpip

Time Written: 20120120163212.000000-300

Event Type: warning

User:

Computer Name: MIXMASTER

Event Code: 20

Message: Printer Driver HP LaserJet 1200 Series PCL 6 for Windows NT x86 Version-3 was added or updated. Files:- HPBF312G.DLL, HPBF312E.DLL, HPBF312I.PMD, HPBF312I.HLP, HPBF312F.DLL, HPBF312H.DLL, HPBF312I.DLL, HPBF312J.DLL, HPBF312K.DLL, HPBAFD32.DLL, HPBFTM32.DLL.

Record Number: 15054

Source Name: Print

Time Written: 20120120121415.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 36

Message: The time service has not been able to synchronize the system time

for 49152 seconds because none of the time providers has been able to

provide a usable time stamp. The system clock is unsynchronized.

Record Number: 15053

Source Name: W32Time

Time Written: 20120120113701.000000-300

Event Type: warning

User:

=====Application event log=====

Computer Name: MIXMASTER

Event Code: 1000

Message: Faulting application plextool.exe, version 2.17.0.0, faulting module plextool.exe, version 2.17.0.0, fault address 0x00153c7a.

Record Number: 2933

Source Name: Application Error

Time Written: 20091116112749.000000-300

Event Type: error

User:

Computer Name: MIXMASTER

Event Code: 1517

Message: Windows saved user MIXMASTER\Video registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 2908

Source Name: Userenv

Time Written: 20091116103338.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 1

Message:

Record Number: 2903

Source Name: nview_info

Time Written: 20091116080014.000000-300

Event Type: error

User:

Computer Name: MIXMASTER

Event Code: 1517

Message: Windows saved user MIXMASTER\Video registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 2870

Source Name: Userenv

Time Written: 20090228183809.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: MIXMASTER

Event Code: 1517

Message: Windows saved user MIXMASTER\Video registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 2829

Source Name: Userenv

Time Written: 20081124184947.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Symantec\pcAnywhere\

"windir"=%SystemRoot%

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 12 Stepping 0, AuthenticAMD

"PROCESSOR_REVISION"=0c00

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"FP_NO_HOST_CHECK"=NO

"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_01\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.5.0_01\lib\ext\QTJava.zip

"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

[panwalker]

*** FYI, everything appears to be working fine on the computer now. I'll wait to see if you want me to do anything else, though.

[Maurice Naggar]

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a QUICK Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Step 2

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Using Internet Explorer browser only, go to ESET Online Scanner website:

{Windows 7 & Vista users should start IE by Start >> Internet Explorer >> Right-Click and select Run As Administrator.}

• Press the ESET Online scanner" button
• Check the I accept the terms box. Accept the Terms of Use and press Start button;
  
• Approve the install of the required ActiveX Control, then follow on-screen instructions;
  
• Un-check the Remove found threats option.
  
• Checkmark Scan Archives option.
  
• Click on Advanced Settings and checkmark the following
  Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology
  click Scan.
  
• After the scan completes, the Details tab in the Results window will display what was found and removed.
  • A logfile is created and located at C:\Program Files\Eset\EsetOnlineScanner\log.txt.

  Look at contents of this file using Notepad or Wordpad.

  The Frequently Asked Questions for ESET Online Scanner can be viewed here

  http://www.eset.com/onlinescan/cac4.php?page=faq

  • From ESET Tech Support: If you have ESET NOD32 installed, you should disable it prior to running this scanner.
    Otherwise the scan will take twice as long to do:
    everytime the ESET online scanner opens a file on your computer to scan it, NOD32 on your machine will rescan the file as a result.
    
  • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
    (And the prompt re-enabling when finished.)
    
  • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.

After the scan is done, re-enable your antivirus program.

Reply with copy of the MBAM scan log & Eset scan log.

[Maurice Naggar]

BTW, you said

from last years' date that I would often operate in:

Why would you ever have a system date of last year ????

That is sure to trip up Windows Updates and is extremely ill-advised

[panwalker]

Below is the final report from MBAM. No threats found (2 threats were found the first time I successfully ran it in chameleon mode yesterday, and none since then).

I cannot, however, get ESET to load in Internet Explorer. It locks up every time when trying to install the activex component.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.04.03

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Video :: MIXMASTER [administrator]

Protection: Disabled

5/4/2012 10:35:24 AM

mbam-log-2012-05-04 (10-35-24).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 193793

Time elapsed: 15 minute(s), 51 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[Maurice Naggar]

Make sure you are allowing popups from Eset website

Make sure you are looking at top of IE to allow the control to be setup.

and be sure you Turned OFF your antivirus before going to the ESET website

It would be great if you can try one more time, & do the ESET scan.

NEXT:

a different scan at Microsoft

a) turn OFF your antivirus

b) Download, and SAVE, and then run the MS Safety Scanner applet

http://www.microsoft.com/security/scanner/en-us/default.aspx

When all done, turn ON your antivirus

Post results and logs

[panwalker]

ESET still won't load. Now the window closes instead of asking me to install the activex... Before, it just locked up when i clicked on install the activex.

Ran msert.exe and it found no threats at all. Didn't see where it generated a log...

[Maurice Naggar]

Step 1

Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Start Internet Explorer

Using Internet Explorer browser only, go to BitDefender Quickscan website:

http://quickscan.bitdefender.com

and click "Start Scan".

Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.

Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.

If prompted, reply yes to allow it to run.

Press the Allow button and follow prompts.

Press the "Start Scan" once more.

You'll see the EULA in a pop-up window. Click the I accept & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/

and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.

It may seem to stall at moments, but have patience; it will move on.

You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.

The log report will show in your text editor. Save the log.

Do a Select ALL, Copy. Then paste contents into your next reply.

Step 2

• Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
  >> from here <<
  
• Quit all programs that you may have started.
  
• For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
  For Windows XP, double-click to start.
  
• Wait until Prescan has finished ...
  
• Click on Scan.
  
• Click on Report and copy/paste the content of the notepad into your next reply.
  

Do NOT push any fix buttons. We only need a report.

Step 3

RE-Enable your antivirus program.

Copy & Paste contents of log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.

[panwalker]

The bitdefender site kept locking up IE, and I could NOT get it to run in IE at all. Had no problem running it in Firefox though. It took 16 minutes...

Here's the report:

QuickScan 32-bit v0.9.9.114

---------------------------

Scan date: Mon May 07 12:10:56 2012

Machine ID: E89668CD

No infection found.

-------------------

Processes

---------

Adobe Reader 3580 C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe

Drag-to-Disc 536 C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe

Firefox 200 C:\Program Files\Mozilla Firefox\firefox.exe

Firefox 284 C:\Program Files\Mozilla Firefox\plugin-container.exe

FlipShare 252 C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

Google Update 2464 C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe

Java Platform SE 7 376 C:\Program Files\Java\jre7\bin\jqs.exe

Logitech QuickCam 1412 C:\Program Files\Logitech\Video\FxSvr2.exe

Logitech QuickCam 484 C:\Program Files\Logitech\Video\LogiTray.exe

Logitech QuickCam 460 C:\WINDOWS\system32\LVCOMSX.EXE

Matrox Graphics Inc. MGABG 1132 C:\WINDOWS\system32\mgabg.exe

Matrox Services Host 836 C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe

Microsoft Application Error Reporting 3492 C:\WINDOWS\system32\dwwin.exe

Microsoft Malware Protection 984 C:\Program Files\Microsoft Security Client\MsMpEng.exe

Microsoft Security Client 1480 C:\Program Files\Microsoft Security Client\msseces.exe

Microsoft® Windows® Operating System 1000 C:\WINDOWS\system32\drwtsn32.exe

Microsoft® Windows® Operating System 184 C:\WINDOWS\system32\drwtsn32.exe

Microsoft® Windows® Operating System 116 C:\WINDOWS\system32\drwtsn32.exe

Microsoft® Windows® Operating System 2656 C:\WINDOWS\system32\drwtsn32.exe

Microsoft® Windows® Operating System 3852 C:\WINDOWS\system32\dumprep.exe

Microsoft® Windows® Operating System 1360 C:\WINDOWS\system32\spoolsv.exe

Microsoft® Windows® Operating System 2640 C:\WINDOWS\system32\wbem\unsecapp.exe

(verified) Google Update 1696 C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

(verified) Microsoft® Windows® Operating System 1864 C:\WINDOWS\explorer.exe

(verified) Microsoft® Windows® Operating System 2708 C:\WINDOWS\system32\alg.exe

(verified) Microsoft® Windows® Operating System 624 C:\WINDOWS\system32\csrss.exe

(verified) Microsoft® Windows® Operating System 1588 C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System 704 C:\WINDOWS\system32\lsass.exe

(verified) Microsoft® Windows® Operating System 692 C:\WINDOWS\system32\services.exe

(verified) Microsoft® Windows® Operating System 568 C:\WINDOWS\system32\smss.exe

(verified) Microsoft® Windows® Operating System 176 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1024 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1240 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1264 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1116 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 920 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 872 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2628 C:\WINDOWS\system32\wbem\wmiprvse.exe

(verified) Microsoft® Windows® Operating System 648 C:\WINDOWS\system32\winlogon.exe

(verified) Windows® Internet Explorer 3280 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Windows® Internet Explorer 3576 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Windows® Internet Explorer 3664 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Windows® Internet Explorer 3732 C:\Program Files\Internet Explorer\iexplore.exe

Network activity

----------------

Process svchost.exe (920) listens on ports: 135 (RPC)

Autoruns and critical files

---------------------------

PowerDesk-SE Application c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe

Adobe Systems, Inc. Adobe Gamma Loader C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Drag-to-Disc C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe

Flash® Player Installer/Uninstaller C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe

Logitech QuickCam C:\Program Files\Logitech\Video\ISStart.exe

Logitech QuickCam C:\Program Files\Logitech\Video\LogiTray.exe

Logitech QuickCam C:\Program Files\Logitech\Video\ManifestEngine.exe

Logitech QuickCam C:\WINDOWS\system32\LVCOMSX.EXE

M Audio Delta Control Panel Interface S C:\WINDOWS\system32\DeltTray.exe

Menu Application C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe

Microsoft Office 2000 C:\Program Files\Microsoft Office\Office\OSA9.EXE

Microsoft Security Client C:\Program Files\Microsoft Security Client\msseces.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\logon.scr

Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll

Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll

NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\NvCpl.dll

NVIDIA Media Center Library C:\WINDOWS\system32\NvMcTray.dll

NVIDIA nView Wizard, Version 61.76 C:\WINDOWS\system32\nwiz.exe

pcAnywhere C:\WINDOWS\system32\PCANotify.dll

PlexTools Professional C:\Program Files\Plextor\PlexTool.exe

QuickTime C:\Program Files\QuickTime\qttask.exe

Realtek Sound Manager C:\WINDOWS\SOUNDMAN.EXE

rtclk Application C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

(verified) Google Update C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\stobject.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll

(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll

Browser plugins

---------------

AcroIEHelper Library C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

Bitdefender QuickScan C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

Google Update C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll

Java Platform SE 7 C:\Program Files\Java\jre7\bin\jp2ssv.dll

Java Platform SE 7 C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

Messenger C:\Program Files\Messenger\msmsgs.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\nwprovau.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll

MSN Chat C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx

NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

QuickTime Plug-in 7.5.5 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

QuickTime Plug-in 7.5.5 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

QuickTime Plug-in 7.5.5 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

QuickTime Plug-in 7.5.5 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

QuickTime Plug-in 7.5.5 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

QuickTime Plug-in 7.5.5 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

QuickTime Plug-in 7.5.5 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

RadioWMPCore.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\engine@conduit.com\components\RadioWMPCore.dll

RadioWMPCoreGecko10.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko10.dll

RadioWMPCoreGecko11.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko11.dll

RadioWMPCoreGecko12.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko12.dll

RadioWMPCoreGecko5.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko5.dll

RadioWMPCoreGecko6.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko6.dll

RadioWMPCoreGecko7.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko7.dll

RadioWMPCoreGecko8.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko8.dll

RadioWMPCoreGecko9.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko9.dll

Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

(verified) RadioWMPCoreGecko19.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

(verified) RadioWMPCoreGecko19.dll C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll

Missing files

-------------

File not found: C:\Documents and Settings\Video\Local Settings\Application Data\Akamai\netsession_win.exe

--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Akamai NetSession Interface"

Scan

----

MD5: cf94efbded5fddcc236bdb66749ca495 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DA39ADA3-076F-4315-8E69-25006022B61D}\mpengine.dll

MD5: 34c084b321ea0308c58eed1cf6b5fb02 C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\engine@conduit.com\components\RadioWMPCore.dll

MD5: 8d7de77590f586fa630a2322e35b45ed C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko10.dll

MD5: 8d04f4cc72d07cf7c0702f29d6c67072 C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko11.dll

MD5: 86c4e74d70167bc01826b0ed3f442b4b C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko12.dll

MD5: c2ad81a8cb014376dcc05257bc31ca23 C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko5.dll

MD5: 402f5c01b3629e70015d4eac29bd4b80 C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko6.dll

MD5: d55024f2e996643e54d736c83b4a4e8e C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko7.dll

MD5: 6b9ecf45d72b1b47bea6fbfd62925634 C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko8.dll

MD5: 816c504ac507224f0ec4f72f2024b028 C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko9.dll

MD5: 1570f1e976e042c833f736e3cfe03d96 C:\Documents and Settings\Video\Application Data\Mozilla\Firefox\Profiles\kso5sfou.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

MD5: d566847532183a720a0177565014cb73 C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe

MD5: 59448f6b68454ba3dc14b2f974877a49 C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\1.3.21.111\goopdate.dll

MD5: 1e6b52abdf4082374de9d43cbd2f7e08 C:\Documents and Settings\Video\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll

MD5: 419549bb6920b5fb13526030d1559a9d C:\Program Files\Adobe\Acrobat 6.0\Reader\ACE.dll

MD5: 572f64072ee4abe6dd7f217e22fd6e31 C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe

MD5: fc7850324464e4d19a24a03d882b5cc4 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

MD5: 6915b032aa89adc10c39e57ada6a5fdb C:\Program Files\Adobe\Acrobat 6.0\Reader\AGM.dll

MD5: a373ebcbc34b82654d60fb3fdedc1290 C:\Program Files\Adobe\Acrobat 6.0\Reader\BIB.dll

MD5: 84edfc826852393d1dde8b757747e012 C:\Program Files\Adobe\Acrobat 6.0\Reader\CoolType.dll

MD5: 05fd07446c8494db8b74329693ff96a8 C:\Program Files\Adobe\Acrobat 6.0\Reader\esdupdate.dll

MD5: 5670298169356b36a1c50c57a63c256f C:\Program Files\Adobe\Acrobat 6.0\Reader\JP2KLib.dll

MD5: 7333c6f1f3b6b52083de7a5bf077cce4 C:\Program Files\Adobe\Acrobat 6.0\Reader\OPP.dll

MD5: 9dd584649c9518bbbdc18d480ba5ecf9 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Accessibility.api

MD5: 794c9c29cd3c651d59b2710dcbfb1657 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\AcroForm.api

MD5: 9ca30d1df70d0327cf52a0df0bb89e57 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Annotations\Annots.api

MD5: 05bc01fe20544544e849a7e89830733e C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\DigSig.api

MD5: 04459b8f6ef3d922c9bc8b3dc594e546 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\eBook.api

MD5: 3d29528b02d987fb05a7b3dfac87f35a C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\EScript.api

MD5: aa06f05b98048262fcdabff0e64d82ef C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\EWH32.api

MD5: 12d30707004d3266cf9e9345bc62a4c4 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\HLS.api

MD5: f176083930c04a154f3daf23b49365d5 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\IA32.api

MD5: 7331892492dd362cd8a7e2226d4c5720 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\ImageViewer\ImageViewer.API

MD5: 0d2cadc110e3b6efa0759bdae29f6cc8 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\MakeAccessible.api

MD5: 87c143efa810ed81b44aa93a0ce10f85 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Multimedia\Multimedia.api

MD5: 9f1fadbddcda9f4e89cb844ede8c8739 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\PDDom.api

MD5: 21c73d9052cdfc6bbfe269e0ba927a25 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\PictureTasks\PictureTasks.api

MD5: 0c86b43d3f7979061105ebc2f2039f0b C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\PPKLite.api

MD5: 02d4d3c94eaf60801dc05441db5ca68e C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\printme.api

MD5: ccd2e5b92ac6eeb1ed7ab1bf08b45b24 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\reflow.api

MD5: 44f1761f8099d1494c8a6d701c752136 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\SaveAsRTF.api

MD5: 19a6b2b9a40b6feb4541dc1e2cc82b49 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Search.api

MD5: 7c7a43604686f10d1c61cf3a4ac781fd C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Search5.api

MD5: 86df948028328d517683fab537ab60d9 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\SendMail.api

MD5: 77f0e33e2818efac187e99091fb3bba6 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Soap.api

MD5: 7744b20844acc3b26f4579330f649728 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Updater.api

MD5: 43002a7e8434cabdf1da4c9e1946a05e C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\weblink.api

MD5: bf62b732e71ba48cea5859aa08a77070 C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\XFA.api

MD5: b814986d174a909ed43cbebd97781284 C:\Program Files\Adobe\Acrobat 6.0\Reader\SPPlugins\ADMPlugin.apl

MD5: ffe5fe28ae14c1d763ec51eb214996c7 C:\Program Files\Adobe\Acrobat 6.0\Reader\SPPlugins\ExpressViews.apl

MD5: 3dca27d49522aacf37a4a3e2aca8e0b2 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

MD5: c2ff17734176cd15221c10044ef0ba1a C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

MD5: 3745e5510eb76db9182d22392b5dc89a C:\Program Files\Common Files\Roxio Shared\DLLShared\apm.dll

MD5: 66aa43f07dee7fe8f22d955e06a1fb0b C:\Program Files\FileZilla FTP Client\fzshellext.dll

MD5: f582c79814c604b589d085c0a02ca594 C:\Program Files\Flip Video\FlipShare\Core.dll

MD5: 0b9167adfe8e42b6b4c5e929bfbc7080 C:\Program Files\Flip Video\FlipShare\FlipShareService.exe

MD5: 522bea25fbd2df7ba1101646cd8741c9 C:\Program Files\Flip Video\FlipShare\qca2.dll

MD5: c406e19f08b087eb01e26365b0f50558 C:\Program Files\Flip Video\FlipShare\QtCore4.dll

MD5: 41d22526f240bc9cb38656b6c328bd4d C:\Program Files\Flip Video\FlipShare\QtGui4.dll

MD5: c13844e25cffd2f9067694a0ddb69824 C:\Program Files\Flip Video\FlipShare\QtSql4.dll

MD5: 37162b93153135c25a9dea0952c0f41a C:\Program Files\Flip Video\FlipShare\QtXml4.dll

MD5: 1609c6172d207c64792d6ecd887743b5 C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe

MD5: fe0d8a62921ed1c5b217a93fccc7b4fb C:\Program Files\Internet Explorer\ieproxy.dll

MD5: a2ea5c73896ac06d2811a2ac157350bf C:\Program Files\Internet Explorer\plugins\nppdf32.dll

MD5: e36f134d37fb11d2d8a11041aadf9ef3 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

MD5: e36f134d37fb11d2d8a11041aadf9ef3 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

MD5: e36f134d37fb11d2d8a11041aadf9ef3 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

MD5: e36f134d37fb11d2d8a11041aadf9ef3 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

MD5: e36f134d37fb11d2d8a11041aadf9ef3 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

MD5: e36f134d37fb11d2d8a11041aadf9ef3 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

MD5: e36f134d37fb11d2d8a11041aadf9ef3 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

MD5: d5ae5c89fa8705a667c10b5458c18a67 C:\Program Files\Internet Explorer\xpshims.dll

MD5: 1dda8c123f1ed811d32aeddbc69bd740 C:\Program Files\Java\jre7\bin\jp2ssv.dll

MD5: a1509ba3a5fdc5366146e92b3d130eb5 C:\Program Files\Java\jre7\bin\jqs.exe

MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Java\jre7\bin\MSVCR100.dll

MD5: c617e32f8ba7eaf1245290ce70fa3568 C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

MD5: 1b11c113dc4383c6c07a45bffbdc7d63 C:\Program Files\Logitech\Video\FxSvr2.exe

MD5: 38ed18ed5e80514edbd6e231b05af7b6 C:\Program Files\Logitech\Video\FXSvrps.dll

MD5: 3c0ee706ceb7e9a154bf8e7749ca5a91 C:\Program Files\Logitech\Video\ISStart.exe

MD5: 747b156d7adafa031b3bf816d87e1a6d C:\Program Files\Logitech\Video\LFBMP12N.DLL

MD5: f61ec05fb1b10f088a8bc33c09987c67 C:\Program Files\Logitech\Video\LFCMP12N.DLL

MD5: 9981617dc7bd61afc8a01e0c2429559d C:\Program Files\Logitech\Video\LFFAX12N.DLL

MD5: 9181bf08ae5c2b0a2094944b753a6004 C:\Program Files\Logitech\Video\LFTIF12N.DLL

MD5: b795d400932bdf1f580117836efed619 C:\Program Files\Logitech\Video\LLogTray.dll

MD5: 2d3bcca5c7ca55fedd60e3336d3a92af C:\Program Files\Logitech\Video\LogiTray.exe

MD5: 55d4ade8d0b10f9b491f021228f7127e C:\Program Files\Logitech\Video\LQCUI2.dll

MD5: 70319e2275e78d7d91fa9a8ef34f48fa C:\Program Files\Logitech\Video\LTDIS12N.DLL

MD5: c6dc5023661ee122a296e9d0931ab163 C:\Program Files\Logitech\Video\LTEFX12N.DLL

MD5: 2d50fd2fc9b7bd4360229b5a5db1e572 C:\Program Files\Logitech\Video\LTFIL12n.DLL

MD5: 54240aff9562bb1bc88bd1bbed29c865 C:\Program Files\Logitech\Video\LTIMG12N.DLL

MD5: e09877ba179e67f465dd6eab44684a19 C:\Program Files\Logitech\Video\LTKRN12n.dll

MD5: 3c7b1e2c0e0c54fe99852f18b3dc8445 C:\Program Files\Logitech\Video\LTWVC12n.dll

MD5: d679346402cbf2330cad1fcf815c6524 C:\Program Files\Logitech\Video\ManifestEngine.exe

MD5: 647642eb3ee0c4d819db57ae8dfd8009 C:\Program Files\Logitech\Video\QCUI2.dll

MD5: 55b8c7b701c4d1b0c479f3ffea83850f C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

MD5: ba400ed640bca1eae5c727ae17c10207 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

MD5: 4cfc7e49de0f9dab2b253e223facaa4a C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe

MD5: e910f5e72af41b4ad614355b3fce31d2 c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe

MD5: 6c9ab5adcb829c6cfa16d0aaea4983ce c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe

MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe

MD5: bdc0873d86c9e462acaea3d3518e0b81 C:\Program Files\Microsoft Office\Office\OSA9.EXE

MD5: a8e35801e04a4183a27df60829402867 C:\Program Files\Microsoft Security Client\EppManifest.dll

MD5: 410ccadf699cee2c0c741df0fd90f204 C:\Program Files\Microsoft Security Client\mpclient.dll

MD5: 0b3e2a065bb0e0c8854fef37f90dc3be C:\Program Files\Microsoft Security Client\mprtp.dll

MD5: 120aa0938e8b76ce044d5307dd6caa11 C:\Program Files\Microsoft Security Client\mpsvc.dll

MD5: d5bd2608a465a5867e6220ff84e58768 C:\Program Files\Microsoft Security Client\MsMpCom.dll

MD5: 24516bf4e12a46cb67302e2cdcb8cddf C:\Program Files\Microsoft Security Client\MsMpEng.exe

MD5: 687b71c161b246ece1a13d24aacf0413 C:\Program Files\Microsoft Security Client\msseces.exe

MD5: b5ba71eadeed0773d2e0978f962e1bf3 C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe

MD5: 6204c26dcb34b2eed90d5596940d143b C:\Program Files\Mozilla Firefox\components\browsercomps.dll

MD5: 637f2bdc0e53704d121ddd27a1f62090 C:\Program Files\Mozilla Firefox\firefox.exe

MD5: 792ad4e12d88fa5c00aef1cd47c799f4 C:\Program Files\Mozilla Firefox\freebl3.dll

MD5: 85d4fea81faaa6832e8977712bca7261 C:\Program Files\Mozilla Firefox\gkmedias.dll

MD5: 34de10b73cd7fc49883194e7d3be22de C:\Program Files\Mozilla Firefox\mozalloc.dll

MD5: f999636c41c916d0155d56a85249cc64 C:\Program Files\Mozilla Firefox\mozglue.dll

MD5: 48e8dea531335d2b19a3a8447f8b004b C:\Program Files\Mozilla Firefox\mozjs.dll

MD5: cfa3c950b2b8ee3c5034d65f2bc41197 C:\Program Files\Mozilla Firefox\mozsqlite3.dll

MD5: f4244f5e60a86b5c4bdea7df2a78fc7e C:\Program Files\Mozilla Firefox\nspr4.dll

MD5: 42715cffa91f27e92f7a3ff4f9ebfe66 C:\Program Files\Mozilla Firefox\nss3.dll

MD5: c416c299590deeee0be11b888f883f6a C:\Program Files\Mozilla Firefox\nssckbi.dll

MD5: bbb6d09959d7530254a532a3de0b722a C:\Program Files\Mozilla Firefox\nssdbm3.dll

MD5: 74108b60faf9d33975fec563f151dd4c C:\Program Files\Mozilla Firefox\nssutil3.dll

MD5: 4b1e9f38378763c9947410fc72a8d2d3 C:\Program Files\Mozilla Firefox\plc4.dll

MD5: 81b31aff59c953ab6470db8d1085dbee C:\Program Files\Mozilla Firefox\plds4.dll

MD5: 1aa987a15080e19e83f0872f8fc0ffc2 C:\Program Files\Mozilla Firefox\plugin-container.exe

MD5: d54b335c7a41bbe015a9360b038b78bc C:\Program Files\Mozilla Firefox\smime3.dll

MD5: 7560db4cc2ad90a24bb2f823100cc0b2 C:\Program Files\Mozilla Firefox\softokn3.dll

MD5: 5d8f040c8083a361d3496b06a51d3560 C:\Program Files\Mozilla Firefox\ssl3.dll

MD5: c896d6b31e08d50080495b5de76fc0b5 C:\Program Files\Mozilla Firefox\xpcom.dll

MD5: b2187594f83a69cc04e74bf878d8b5a3 C:\Program Files\Mozilla Firefox\xul.dll

MD5: bb992c4538d14046e0dadc9eb033d4fc C:\Program Files\Plextor\PlexTool.exe

MD5: 9c9b6807425cef840c117654d8b033d1 C:\Program Files\QuickTime\qttask.exe

MD5: 030281783a6239493c1c802019f73970 C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe

MD5: 6b52521fb9cc8fb422c64cf123a47f69 C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\Shellex.dll

MD5: 967fc210a533a49993fd5ac147fa0f8f C:\Program Files\Symantec\pcAnywhere\awhost32.exe

MD5: afdcf8008d0ffe23f42071c1540f35e7 C:\Program Files\Symantec\SYMEVENT.SYS

MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL

MD5: 60fed272bdbafa8214e40ad376c9987e C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx

MD5: e1a1206a4fb19b675e947b29ccd25fba C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe

MD5: e0584ee5e7f07f04a879b19a37465588 C:\WINDOWS\SOUNDMAN.EXE

MD5: ef32415c2755e66ca1b345df68c71243 C:\WINDOWS\system32\1033\dwintl.dll

MD5: d05ab88927849df74cf4f1c303daeb4f C:\WINDOWS\System32\adptif.dll

MD5: d95e8831cc262ac9d19274664afac86c C:\WINDOWS\system32\ATMLIB.dll

MD5: 9b251d476b9308e04fde7c5b81b27499 C:\WINDOWS\system32\awgina.dll

MD5: d1e24d6331691f52bbaaf47850c6946a C:\WINDOWS\system32\awmon.dll

MD5: ac7094a598f6eae8a2c59e376a5b91ad C:\WINDOWS\system32\cdral.DLL

MD5: 2ee9039439b72131939852e1235edb01 C:\WINDOWS\system32\CDRTC.DLL

MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll

MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll

MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\WINDOWS\system32\corpol.dll

MD5: a90e118f12d355f9946dfb30a8f94609 C:\WINDOWS\system32\CRYPT32.dll

MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll

MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\system32\cscdll.dll

MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll

MD5: 06848c5a1674fe6c9b7e9ca9b5b4e6e5 C:\WINDOWS\system32\dbgeng.dll

MD5: d4dd44eeaee3799c358df987aa498b17 C:\WINDOWS\system32\DeltTray.exe

MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll

MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll

MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll

MD5: 914a9709fc3bf419ad2f85547f2a4832 C:\WINDOWS\system32\DRIVERS\61883.sys

MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys

MD5: ba88534a3ceb6161e7432438b9ea4f54 C:\WINDOWS\system32\drivers\ALCXSENS.SYS

MD5: 5ff6f7e58c798f1474c0bbffc23cb78d C:\WINDOWS\system32\drivers\ALCXWDM.SYS

MD5: e6a2299284013ec4de3419481a62069f C:\WINDOWS\System32\DRIVERS\AmdK8.sys

MD5: f8e6956a614f15a0860474c5e2a7de6b C:\WINDOWS\system32\DRIVERS\avc.sys

MD5: e3f3b6875d2ead9c03d04fe66dcd84c8 C:\WINDOWS\system32\drivers\aw_host5.sys

MD5: f7e75c620a04963c9a53c3b47da80405 C:\WINDOWS\System32\Drivers\awlegacy.sys

MD5: cba8bce5bf67a3c619d5ce540bed9cf7 C:\WINDOWS\system32\DRIVERS\Camdrl.sys

MD5: 704c8d42e92dbdb0a0b2afdd277df3b8 C:\WINDOWS\system32\DRIVERS\delta.sys

MD5: 6e883bf518296a40959131c2304af714 C:\WINDOWS\System32\DRIVERS\el90xbc5.sys

MD5: 2dd3d27e36ebf6804c40b843ff10872f C:\WINDOWS\system32\DRIVERS\g400dhm.sys

MD5: 36feb2ddce5f84128c2a8dbc60538dad C:\WINDOWS\system32\DRIVERS\G400m.sys

MD5: 90259f3a20fbaec1a08d74ef5415b9d8 C:\WINDOWS\system32\drivers\lvusbsta.sys

MD5: fb097bbc1a18f044bd17bd2fccf97865 C:\WINDOWS\system32\drivers\mbam.sys

MD5: e0e22c8a2c5528919c45b834ca68e5ef C:\WINDOWS\system32\drivers\mbamchameleon.sys

MD5: d993bea500e7382dc4e760bf4f35efcb C:\WINDOWS\system32\DRIVERS\MpFilter.sys

MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys

MD5: 1477849772712bac69c144dcf2c9ce81 C:\WINDOWS\system32\DRIVERS\msdv.sys

MD5: ca3e22598f411199adc2dfee76cd0ae0 C:\WINDOWS\system32\drivers\msmpu401.sys

MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\System32\DRIVERS\ndistapi.sys

MD5: c43d9d777d53d668d1fe683947c9ffe1 C:\WINDOWS\System32\DRIVERS\nv4_mini.sys

MD5: c0fcd544a1c4eea6d11a0ae6a07dac9d C:\WINDOWS\System32\DRIVERS\nv_agp.sys

MD5: 46deed4c6c5fa765f9a2c723be60348d C:\WINDOWS\System32\DRIVERS\nvatabus.sys

MD5: 23297b3c2ff3510e2e760714fc6f094e C:\WINDOWS\System32\DRIVERS\NVENETFD.sys

MD5: bcc3722a2db99ad6f367344997c26654 C:\WINDOWS\System32\DRIVERS\nvnetbus.sys

MD5: 8b8b1be2dba4025da6786c645f77f123 C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys

MD5: 444f122e68db44c0589227781f3c8b3f C:\WINDOWS\system32\drivers\pfc.sys

MD5: 78754021e551113c97dabba2d4425a5c C:\WINDOWS\system32\DRIVERS\PxHelp20.sys

MD5: b244960e5a1db8e9d5d17086de37c1e4 C:\WINDOWS\system32\DRIVERS\sbp2port.sys

MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\System32\DRIVERS\srv.sys

MD5: c9f5e1de6da983e89e714ed80c11f000 C:\WINDOWS\system32\drwtsn32.exe

MD5: 8e16bf5600797e678ea97051cf93e6bf C:\WINDOWS\system32\dumprep.exe

MD5: 86042f6f6a5287eaf9379c91d0bf72b6 C:\WINDOWS\system32\dwwin.exe

MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll

MD5: d7ae907903a6f46384b0f1d618fce822 C:\WINDOWS\system32\exts.dll

MD5: 303a63f4b913aa5d8998161cb77a8ce7 C:\WINDOWS\system32\feclient.dll

MD5: 119224478f77bebdc36368e346d39b0c C:\WINDOWS\system32\ieframe.dll

MD5: 4bb6a2e5080c2b9fb332acd756f6d1b8 C:\WINDOWS\system32\iepeers.dll

MD5: d5f7ceb91fa9d4d364dd522988dac618 C:\WINDOWS\system32\iertutil.dll

MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll

MD5: b1ded39112e0c85bafa58dcbec6718b6 C:\WINDOWS\System32\ipxwan.dll

MD5: 61fdaa6e76f887d8b28a9c8edb489e40 C:\WINDOWS\system32\javacypt.dll

MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\System32\jscript.dll

MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll

MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\System32\logon.scr

MD5: 55d4ade8d0b10f9b491f021228f7127e C:\WINDOWS\system32\LQCUI2.dll

MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll

MD5: fb8081383c5360fba8829e717fe6ac44 C:\WINDOWS\system32\lvcomcx.dll

MD5: 5ba8a7da5d0573f7923e02b260aad2f1 C:\WINDOWS\system32\LVCOMSX.EXE

MD5: f703c8018abaeefd6129c374cc2969d0 C:\WINDOWS\system32\lvmaenum.dll

MD5: e46ea53d149113b9a513bfe0955968ce C:\WINDOWS\system32\Macromed\Flash\Flash10w.ocx

MD5: bb646927c878ef8b966ed168d4c712ae C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe

MD5: af43092e55306659cf366f9b42e4a981 C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\WINDOWS\system32\MFC71.DLL

MD5: 966fe72529898a4493be6a1c69df28e1 C:\WINDOWS\system32\mgabg.exe

MD5: 855f6333e3a4dfc6f3c8b0520c261fcd C:\WINDOWS\system32\MSFTEDIT.DLL

MD5: dade53318d8e5335ee2e1745f1c3fc4d C:\WINDOWS\system32\mshtml.dll

MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\Msi.dll

MD5: 8e7b7465e75a8afefc5d463a6d633a08 C:\WINDOWS\system32\msjava.dll

MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll

MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 c:\windows\system32\netshell.dll

MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll

MD5: 3225c2bcbcaf3f0d994dadc82112e233 C:\WINDOWS\system32\ntsdexts.dll

MD5: 61fb4ea7255985cecfa5192dfece72cc C:\WINDOWS\system32\NvCpl.dll

MD5: 48ce432465570dafc3bcf338a76fc06e C:\WINDOWS\system32\NvMcTray.dll

MD5: c0547b578e7d4e413f1170ad00cd8e13 C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe

MD5: d1b1d9f8cfcaf03872b6f769a79ca3e8 C:\WINDOWS\system32\nvsvc32.exe

MD5: 4f17c2e181329383912c5e3a6153636d C:\WINDOWS\system32\nwiz.exe

MD5: 06e587f41466569f32beaac7260e8aec C:\WINDOWS\System32\nwprovau.dll

MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll

MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll

MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll

MD5: 64e95c60bbef9b7bc16b3d4f6cb527c4 C:\WINDOWS\system32\PCANotify.dll

MD5: f1dac7969c1337af790bd1d981aa780c C:\WINDOWS\System32\qmgrprxy.dll

MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll

MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll

MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll

MD5: 8bcd11d38fce43a519246a91cc40de6a C:\WINDOWS\system32\SECURITY.DLL

MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\shdocvw.dll

MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll

MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll

MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe

MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll

MD5: d0049860b63dd87a73a5d165c829c65f C:\WINDOWS\system32\t2embed.dll

MD5: 22c7e8410fc990759533e70b5250cb24 C:\WINDOWS\system32\urlmon.dll

MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe

MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll

MD5: a1b0c284f08a2bd2375611e63ddefc99 C:\WINDOWS\system32\VMHELPER.DLL

MD5: 1b648150030fad2f07ba2ee7bb94cd25 C:\WINDOWS\System32\vsdatant.sys

MD5: e837fdbb92e9873e538395b623f45462 C:\WINDOWS\System32\wbem\cimwin32.dll

MD5: 4306fa2f1099d7c606139255fdb62b19 C:\WINDOWS\System32\wbem\framedyn.dll

MD5: c7000f2db2a5515c64c257478769a481 C:\WINDOWS\system32\wbem\unsecapp.exe

MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\System32\WINHTTP.dll

MD5: 009e7b4c284f080608d7286484015ee5 C:\WINDOWS\system32\WININET.dll

MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll

MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll

MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll

MD5: 95f5c420e9bdd4c3569602911420a774 C:\WINDOWS\system32\WINTRUST.dll

MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll

MD5: 811bb60991fc03a63f2f844a3f9c6488 C:\WINDOWS\System32\wshisn.dll

MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\System32\xpsp2res.dll

MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll

MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MD5: 33d9b7bb7ba323bafe489df033dac824 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll

No file uploaded.

Scan finished - communication took 2 sec

Total traffic - 0.01 MB sent, 1.02 KB recvd

Scanned 656 files and modules - 899 seconds

==============================================================================

Running the 2nd program now...

[panwalker]

Here's the RogueKiller report.

RogueKiller V7.4.3 [05/04/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Video [Admin rights]

Mode: Scan -- Date: 05/07/2012 12:33:55

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD800BB-00CAA1 +++++

--- User ---

[MBR] 8ceba27f811b9aaf981aa23ad4e22e65

[bSP] c2b303ea3f67312947e36776b757659e : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo

Error reading LL1 MBR!

Error reading LL2 MBR!

+++++ PhysicalDrive1: WDC WD2500JB-00GVA0 +++++

--- User ---

[MBR] 5581bd0d28a0b8e32ec0eec237a0ea4e

[bSP] 3888cc55cf3cdff1dccdc7343674e66e : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238473 Mo

Error reading LL1 MBR!

Error reading LL2 MBR!

+++++ PhysicalDrive2: SAMSUNG HM080HC USB Device +++++

--- User ---

[MBR] 8965b2cc940de6ae7db190b04c0258d5

[bSP] f075523eae892d1497b65cef7d58b943 : MBR Code unknown

Partition table:

0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[Maurice Naggar]

Temporarily turn off your Antivirus program so that it does not interfere. Then

Download aswMBR.exe ( 4.8mb ) to your desktop.

Double click the aswMBR.exe to run it Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

Step 2

Re-Enable your antivirus.

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

• Close all open windows on the Task Bar. Click the icon (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.
  
• In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  
• Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  
• It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  
• Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  
• Exit OTL by clicking the X at top right.

Then copy/paste the following into your post (in order):

• contents of aswMBR log
  
• the contents of OTL.txt;
  
• the contents of Extras.txt ; and
  
• And tell me, in general, How is the system now?

Edited May 7, 2012 by Maurice Naggar

[panwalker]

Started running aswMBR 20 mins ago... will update with report when done.

The system is running fine, as far as I can tell.

[panwalker]

It's been scanning for 33 minutes... Should I allot an hour or two for this?

[panwalker]

Aborting scan. Will run it when I leave work tonight, and post the results tomorrow.

[Maurice Naggar]

It usually takes just a few minutes to run aswMBR, plus we shoulda' unchecked the trace i/o

Next time you run it, be sure nothing else is running !!! Do not start any other job during the scan !

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply