Infected - Firefox constantly crashing and IE 8 crashes

tenuglymen · July 20, 2012

Hello -

I am infected and cannot get rid of virus. I will run Rkill and then Malwarebytes and havent found anything as of recent.

I am out of options and looking for any advice?

I attached the 2 DDS files as requested.

Thanks

Mike H

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1

Run by Mike at 7:04:56 on 2012-07-20

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1322 [GMT -4:00]

.

AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\Ati2evxx.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

svchost.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

c:\Program Files\Zune\ZuneBusEnum.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Thermaltake\Tt eSPORTS BLACK\Black.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DNA\btdna .exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Memeo\AutoBackup\InstantBackup.exe

C:\Program Files\Memeo\AutoBackup\MemeoUpdater.exe

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

.

============== Pseudo HJT Report ===============

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = <local>;*.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [steam] "c:\program files\steam\steam.exe" -silent

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [bitTorrent DNA] "c:\program files\dna\btdna .exe"

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_3_300_257_ActiveX.exe -update activex

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [MP10_EnsureFileVer] c:\windows\inf\unregmp2.exe /EnsureFileVersions

mRun: [Memeo Instant Backup] c:\program files\memeo\autobackup\MemeoLauncher2.exe --silent --no_ui

mRun: [seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Tt eSPORTS BLACK Gaming Mouse] "c:\program files\thermaltake\tt esports black\Black.exe" /Automation

mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [iSTray] "c:\program files\spyware doctor\pctsTray.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [sunJavaUpdateSched] "c:\program files\java\jre7\bin\jusched.exe"

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll

DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://crucial.com/controls/cpcScanner.cab

DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 171064]

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-5-29 36000]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-5-29 86224]

R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-5-29 110032]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-5-29 83392]

R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2010-4-22 25824]

R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2012-7-4 103040]

R3 Thermnaltake MS1 Filter;Thermnaltake MS1 Filter;c:\windows\system32\drivers\MS1Filter.sys [2011-12-1 31360]

S1 acnydnvk;acnydnvk;\??\c:\windows\system32\drivers\acnydnvk.sys --> c:\windows\system32\drivers\acnydnvk.sys [?]

S1 adocqqdm;adocqqdm;\??\c:\windows\system32\drivers\adocqqdm.sys --> c:\windows\system32\drivers\adocqqdm.sys [?]

S1 aelwisru;aelwisru;\??\c:\windows\system32\drivers\aelwisru.sys --> c:\windows\system32\drivers\aelwisru.sys [?]

S1 agjptvxx;agjptvxx;\??\c:\windows\system32\drivers\agjptvxx.sys --> c:\windows\system32\drivers\agjptvxx.sys [?]

S1 akkfewew;akkfewew;\??\c:\windows\system32\drivers\akkfewew.sys --> c:\windows\system32\drivers\akkfewew.sys [?]

S1 amkatbha;amkatbha;\??\c:\windows\system32\drivers\amkatbha.sys --> c:\windows\system32\drivers\amkatbha.sys [?]

S1 ardvgdvi;ardvgdvi;\??\c:\windows\system32\drivers\ardvgdvi.sys --> c:\windows\system32\drivers\ardvgdvi.sys [?]

S1 aunsmjnh;aunsmjnh;\??\c:\windows\system32\drivers\aunsmjnh.sys --> c:\windows\system32\drivers\aunsmjnh.sys [?]

S1 avpomlai;avpomlai;\??\c:\windows\system32\drivers\avpomlai.sys --> c:\windows\system32\drivers\avpomlai.sys [?]

S1 axtlklvj;axtlklvj;\??\c:\windows\system32\drivers\axtlklvj.sys --> c:\windows\system32\drivers\axtlklvj.sys [?]

S1 ayoyocox;ayoyocox;\??\c:\windows\system32\drivers\ayoyocox.sys --> c:\windows\system32\drivers\ayoyocox.sys [?]

S1 aypstljt;aypstljt;\??\c:\windows\system32\drivers\aypstljt.sys --> c:\windows\system32\drivers\aypstljt.sys [?]

S1 baopbtqb;baopbtqb;\??\c:\windows\system32\drivers\baopbtqb.sys --> c:\windows\system32\drivers\baopbtqb.sys [?]

S1 bdcccaxn;bdcccaxn;\??\c:\windows\system32\drivers\bdcccaxn.sys --> c:\windows\system32\drivers\bdcccaxn.sys [?]

S1 bjfvgobc;bjfvgobc;\??\c:\windows\system32\drivers\bjfvgobc.sys --> c:\windows\system32\drivers\bjfvgobc.sys [?]

S1 bkgktlti;bkgktlti;\??\c:\windows\system32\drivers\bkgktlti.sys --> c:\windows\system32\drivers\bkgktlti.sys [?]

S1 bmuzupjn;bmuzupjn;\??\c:\windows\system32\drivers\bmuzupjn.sys --> c:\windows\system32\drivers\bmuzupjn.sys [?]

S1 boiowsxr;boiowsxr;\??\c:\windows\system32\drivers\boiowsxr.sys --> c:\windows\system32\drivers\boiowsxr.sys [?]

S1 cblfibtr;cblfibtr;\??\c:\windows\system32\drivers\cblfibtr.sys --> c:\windows\system32\drivers\cblfibtr.sys [?]

S1 ccithkfl;ccithkfl;\??\c:\windows\system32\drivers\ccithkfl.sys --> c:\windows\system32\drivers\ccithkfl.sys [?]

S1 chexewdj;chexewdj;\??\c:\windows\system32\drivers\chexewdj.sys --> c:\windows\system32\drivers\chexewdj.sys [?]

S1 cirjxecg;cirjxecg;\??\c:\windows\system32\drivers\cirjxecg.sys --> c:\windows\system32\drivers\cirjxecg.sys [?]

S1 ckxzvofp;ckxzvofp;\??\c:\windows\system32\drivers\ckxzvofp.sys --> c:\windows\system32\drivers\ckxzvofp.sys [?]

S1 cmbrnppr;cmbrnppr;\??\c:\windows\system32\drivers\cmbrnppr.sys --> c:\windows\system32\drivers\cmbrnppr.sys [?]

S1 cmticpgm;cmticpgm;\??\c:\windows\system32\drivers\cmticpgm.sys --> c:\windows\system32\drivers\cmticpgm.sys [?]

S1 cmuijqwf;cmuijqwf;\??\c:\windows\system32\drivers\cmuijqwf.sys --> c:\windows\system32\drivers\cmuijqwf.sys [?]

S1 coixecat;coixecat;\??\c:\windows\system32\drivers\coixecat.sys --> c:\windows\system32\drivers\coixecat.sys [?]

S1 cpnyzaep;cpnyzaep;\??\c:\windows\system32\drivers\cpnyzaep.sys --> c:\windows\system32\drivers\cpnyzaep.sys [?]

S1 cprrlftu;cprrlftu;\??\c:\windows\system32\drivers\cprrlftu.sys --> c:\windows\system32\drivers\cprrlftu.sys [?]

S1 criuzcms;criuzcms;\??\c:\windows\system32\drivers\criuzcms.sys --> c:\windows\system32\drivers\criuzcms.sys [?]

S1 csbobodb;csbobodb;\??\c:\windows\system32\drivers\csbobodb.sys --> c:\windows\system32\drivers\csbobodb.sys [?]

S1 csytclsu;csytclsu;\??\c:\windows\system32\drivers\csytclsu.sys --> c:\windows\system32\drivers\csytclsu.sys [?]

S1 ctdoqjyq;ctdoqjyq;\??\c:\windows\system32\drivers\ctdoqjyq.sys --> c:\windows\system32\drivers\ctdoqjyq.sys [?]

S1 ctfkdwhs;ctfkdwhs;\??\c:\windows\system32\drivers\ctfkdwhs.sys --> c:\windows\system32\drivers\ctfkdwhs.sys [?]

S1 ctjvtycx;ctjvtycx;\??\c:\windows\system32\drivers\ctjvtycx.sys --> c:\windows\system32\drivers\ctjvtycx.sys [?]

S1 cykyiwaw;cykyiwaw;\??\c:\windows\system32\drivers\cykyiwaw.sys --> c:\windows\system32\drivers\cykyiwaw.sys [?]

S1 czaozzpn;czaozzpn;\??\c:\windows\system32\drivers\czaozzpn.sys --> c:\windows\system32\drivers\czaozzpn.sys [?]

S1 deibavba;deibavba;\??\c:\windows\system32\drivers\deibavba.sys --> c:\windows\system32\drivers\deibavba.sys [?]

S1 didctihm;didctihm;\??\c:\windows\system32\drivers\didctihm.sys --> c:\windows\system32\drivers\didctihm.sys [?]

S1 dkdjzpav;dkdjzpav;\??\c:\windows\system32\drivers\dkdjzpav.sys --> c:\windows\system32\drivers\dkdjzpav.sys [?]

S1 dlrptcbj;dlrptcbj;\??\c:\windows\system32\drivers\dlrptcbj.sys --> c:\windows\system32\drivers\dlrptcbj.sys [?]

S1 dnwspytf;dnwspytf;\??\c:\windows\system32\drivers\dnwspytf.sys --> c:\windows\system32\drivers\dnwspytf.sys [?]

S1 dwgoyvnc;dwgoyvnc;\??\c:\windows\system32\drivers\dwgoyvnc.sys --> c:\windows\system32\drivers\dwgoyvnc.sys [?]

S1 dyhonejw;dyhonejw;\??\c:\windows\system32\drivers\dyhonejw.sys --> c:\windows\system32\drivers\dyhonejw.sys [?]

S1 ewfnbnpf;ewfnbnpf;\??\c:\windows\system32\drivers\ewfnbnpf.sys --> c:\windows\system32\drivers\ewfnbnpf.sys [?]

S1 exhfnvnz;exhfnvnz;\??\c:\windows\system32\drivers\exhfnvnz.sys --> c:\windows\system32\drivers\exhfnvnz.sys [?]

S1 fecwqzyz;fecwqzyz;\??\c:\windows\system32\drivers\fecwqzyz.sys --> c:\windows\system32\drivers\fecwqzyz.sys [?]

S1 fervhwau;fervhwau;\??\c:\windows\system32\drivers\fervhwau.sys --> c:\windows\system32\drivers\fervhwau.sys [?]

S1 fftvqnum;fftvqnum;\??\c:\windows\system32\drivers\fftvqnum.sys --> c:\windows\system32\drivers\fftvqnum.sys [?]

S1 fgfonugq;fgfonugq;\??\c:\windows\system32\drivers\fgfonugq.sys --> c:\windows\system32\drivers\fgfonugq.sys [?]

S1 fhrppazp;fhrppazp;\??\c:\windows\system32\drivers\fhrppazp.sys --> c:\windows\system32\drivers\fhrppazp.sys [?]

S1 fitoqrhy;fitoqrhy;\??\c:\windows\system32\drivers\fitoqrhy.sys --> c:\windows\system32\drivers\fitoqrhy.sys [?]

S1 fkfipyic;fkfipyic;\??\c:\windows\system32\drivers\fkfipyic.sys --> c:\windows\system32\drivers\fkfipyic.sys [?]

S1 fpjxhmsb;fpjxhmsb;\??\c:\windows\system32\drivers\fpjxhmsb.sys --> c:\windows\system32\drivers\fpjxhmsb.sys [?]

S1 fuavwbfk;fuavwbfk;\??\c:\windows\system32\drivers\fuavwbfk.sys --> c:\windows\system32\drivers\fuavwbfk.sys [?]

S1 fvmrprqo;fvmrprqo;\??\c:\windows\system32\drivers\fvmrprqo.sys --> c:\windows\system32\drivers\fvmrprqo.sys [?]

S1 gaoucbxe;gaoucbxe;\??\c:\windows\system32\drivers\gaoucbxe.sys --> c:\windows\system32\drivers\gaoucbxe.sys [?]

S1 ghrrxwhc;ghrrxwhc;\??\c:\windows\system32\drivers\ghrrxwhc.sys --> c:\windows\system32\drivers\ghrrxwhc.sys [?]

S1 gipavsdo;gipavsdo;\??\c:\windows\system32\drivers\gipavsdo.sys --> c:\windows\system32\drivers\gipavsdo.sys [?]

S1 gmbzuwlr;gmbzuwlr;\??\c:\windows\system32\drivers\gmbzuwlr.sys --> c:\windows\system32\drivers\gmbzuwlr.sys [?]

S1 gsogeajj;gsogeajj;\??\c:\windows\system32\drivers\gsogeajj.sys --> c:\windows\system32\drivers\gsogeajj.sys [?]

S1 gwdobyzn;gwdobyzn;\??\c:\windows\system32\drivers\gwdobyzn.sys --> c:\windows\system32\drivers\gwdobyzn.sys [?]

S1 gxswmhnj;gxswmhnj;\??\c:\windows\system32\drivers\gxswmhnj.sys --> c:\windows\system32\drivers\gxswmhnj.sys [?]

S1 gznitruk;gznitruk;\??\c:\windows\system32\drivers\gznitruk.sys --> c:\windows\system32\drivers\gznitruk.sys [?]

S1 haachlop;haachlop;\??\c:\windows\system32\drivers\haachlop.sys --> c:\windows\system32\drivers\haachlop.sys [?]

S1 hftffjqv;hftffjqv;\??\c:\windows\system32\drivers\hftffjqv.sys --> c:\windows\system32\drivers\hftffjqv.sys [?]

S1 hgpagzop;hgpagzop;\??\c:\windows\system32\drivers\hgpagzop.sys --> c:\windows\system32\drivers\hgpagzop.sys [?]

S1 hhaqnmse;hhaqnmse;\??\c:\windows\system32\drivers\hhaqnmse.sys --> c:\windows\system32\drivers\hhaqnmse.sys [?]

S1 hkcievze;hkcievze;\??\c:\windows\system32\drivers\hkcievze.sys --> c:\windows\system32\drivers\hkcievze.sys [?]

S1 hqndwuzi;hqndwuzi;\??\c:\windows\system32\drivers\hqndwuzi.sys --> c:\windows\system32\drivers\hqndwuzi.sys [?]

S1 hszmygbz;hszmygbz;\??\c:\windows\system32\drivers\hszmygbz.sys --> c:\windows\system32\drivers\hszmygbz.sys [?]

S1 hulhaopf;hulhaopf;\??\c:\windows\system32\drivers\hulhaopf.sys --> c:\windows\system32\drivers\hulhaopf.sys [?]

S1 hvbpeeuc;hvbpeeuc;\??\c:\windows\system32\drivers\hvbpeeuc.sys --> c:\windows\system32\drivers\hvbpeeuc.sys [?]

S1 hvxqjfbo;hvxqjfbo;\??\c:\windows\system32\drivers\hvxqjfbo.sys --> c:\windows\system32\drivers\hvxqjfbo.sys [?]

S1 hxrupjdi;hxrupjdi;\??\c:\windows\system32\drivers\hxrupjdi.sys --> c:\windows\system32\drivers\hxrupjdi.sys [?]

S1 idmndluy;idmndluy;\??\c:\windows\system32\drivers\idmndluy.sys --> c:\windows\system32\drivers\idmndluy.sys [?]

S1 idymfsgb;idymfsgb;\??\c:\windows\system32\drivers\idymfsgb.sys --> c:\windows\system32\drivers\idymfsgb.sys [?]

S1 iemsvzyd;iemsvzyd;\??\c:\windows\system32\drivers\iemsvzyd.sys --> c:\windows\system32\drivers\iemsvzyd.sys [?]

S1 igckaefn;igckaefn;\??\c:\windows\system32\drivers\igckaefn.sys --> c:\windows\system32\drivers\igckaefn.sys [?]

S1 ihhshoix;ihhshoix;\??\c:\windows\system32\drivers\ihhshoix.sys --> c:\windows\system32\drivers\ihhshoix.sys [?]

S1 ikmmeplk;ikmmeplk;\??\c:\windows\system32\drivers\ikmmeplk.sys --> c:\windows\system32\drivers\ikmmeplk.sys [?]

S1 iperfhqe;iperfhqe;\??\c:\windows\system32\drivers\iperfhqe.sys --> c:\windows\system32\drivers\iperfhqe.sys [?]

S1 irktqspi;irktqspi;\??\c:\windows\system32\drivers\irktqspi.sys --> c:\windows\system32\drivers\irktqspi.sys [?]

S1 ivnsfgke;ivnsfgke;\??\c:\windows\system32\drivers\ivnsfgke.sys --> c:\windows\system32\drivers\ivnsfgke.sys [?]

S1 ixsroohk;ixsroohk;\??\c:\windows\system32\drivers\ixsroohk.sys --> c:\windows\system32\drivers\ixsroohk.sys [?]

S1 jbrhdnos;jbrhdnos;\??\c:\windows\system32\drivers\jbrhdnos.sys --> c:\windows\system32\drivers\jbrhdnos.sys [?]

S1 jbxcantg;jbxcantg;\??\c:\windows\system32\drivers\jbxcantg.sys --> c:\windows\system32\drivers\jbxcantg.sys [?]

S1 jdaiwyvh;jdaiwyvh;\??\c:\windows\system32\drivers\jdaiwyvh.sys --> c:\windows\system32\drivers\jdaiwyvh.sys [?]

S1 jdkunzzf;jdkunzzf;\??\c:\windows\system32\drivers\jdkunzzf.sys --> c:\windows\system32\drivers\jdkunzzf.sys [?]

S1 jgehpztq;jgehpztq;\??\c:\windows\system32\drivers\jgehpztq.sys --> c:\windows\system32\drivers\jgehpztq.sys [?]

S1 jgocwaps;jgocwaps;\??\c:\windows\system32\drivers\jgocwaps.sys --> c:\windows\system32\drivers\jgocwaps.sys [?]

S1 jgsagnyf;jgsagnyf;\??\c:\windows\system32\drivers\jgsagnyf.sys --> c:\windows\system32\drivers\jgsagnyf.sys [?]

S1 jqvlpjpc;jqvlpjpc;\??\c:\windows\system32\drivers\jqvlpjpc.sys --> c:\windows\system32\drivers\jqvlpjpc.sys [?]

S1 jrszbaop;jrszbaop;\??\c:\windows\system32\drivers\jrszbaop.sys --> c:\windows\system32\drivers\jrszbaop.sys [?]

S1 jspygwwm;jspygwwm;\??\c:\windows\system32\drivers\jspygwwm.sys --> c:\windows\system32\drivers\jspygwwm.sys [?]

S1 jwwhxzpd;jwwhxzpd;\??\c:\windows\system32\drivers\jwwhxzpd.sys --> c:\windows\system32\drivers\jwwhxzpd.sys [?]

S1 kbffughg;kbffughg;\??\c:\windows\system32\drivers\kbffughg.sys --> c:\windows\system32\drivers\kbffughg.sys [?]

S1 kcelgqok;kcelgqok;\??\c:\windows\system32\drivers\kcelgqok.sys --> c:\windows\system32\drivers\kcelgqok.sys [?]

S1 kejapzpu;kejapzpu;\??\c:\windows\system32\drivers\kejapzpu.sys --> c:\windows\system32\drivers\kejapzpu.sys [?]

S1 kjscglac;kjscglac;\??\c:\windows\system32\drivers\kjscglac.sys --> c:\windows\system32\drivers\kjscglac.sys [?]

S1 knstnyzn;knstnyzn;\??\c:\windows\system32\drivers\knstnyzn.sys --> c:\windows\system32\drivers\knstnyzn.sys [?]

S1 kpniheya;kpniheya;\??\c:\windows\system32\drivers\kpniheya.sys --> c:\windows\system32\drivers\kpniheya.sys [?]

S1 kubhuhgw;kubhuhgw;\??\c:\windows\system32\drivers\kubhuhgw.sys --> c:\windows\system32\drivers\kubhuhgw.sys [?]

S1 kuvyncog;kuvyncog;\??\c:\windows\system32\drivers\kuvyncog.sys --> c:\windows\system32\drivers\kuvyncog.sys [?]

S1 kxbbevua;kxbbevua;\??\c:\windows\system32\drivers\kxbbevua.sys --> c:\windows\system32\drivers\kxbbevua.sys [?]

S1 kzrsawjq;kzrsawjq;\??\c:\windows\system32\drivers\kzrsawjq.sys --> c:\windows\system32\drivers\kzrsawjq.sys [?]

S1 lbvnbgwq;lbvnbgwq;\??\c:\windows\system32\drivers\lbvnbgwq.sys --> c:\windows\system32\drivers\lbvnbgwq.sys [?]

S1 ljnymlxf;ljnymlxf;\??\c:\windows\system32\drivers\ljnymlxf.sys --> c:\windows\system32\drivers\ljnymlxf.sys [?]

S1 ljvjamza;ljvjamza;\??\c:\windows\system32\drivers\ljvjamza.sys --> c:\windows\system32\drivers\ljvjamza.sys [?]

S1 lksgmgml;lksgmgml;\??\c:\windows\system32\drivers\lksgmgml.sys --> c:\windows\system32\drivers\lksgmgml.sys [?]

S1 lkttnqvl;lkttnqvl;\??\c:\windows\system32\drivers\lkttnqvl.sys --> c:\windows\system32\drivers\lkttnqvl.sys [?]

S1 lmgafgpj;lmgafgpj;\??\c:\windows\system32\drivers\lmgafgpj.sys --> c:\windows\system32\drivers\lmgafgpj.sys [?]

S1 lnvhoifh;lnvhoifh;\??\c:\windows\system32\drivers\lnvhoifh.sys --> c:\windows\system32\drivers\lnvhoifh.sys [?]

S1 lxhajrha;lxhajrha;\??\c:\windows\system32\drivers\lxhajrha.sys --> c:\windows\system32\drivers\lxhajrha.sys [?]

S1 lxkkqpgr;lxkkqpgr;\??\c:\windows\system32\drivers\lxkkqpgr.sys --> c:\windows\system32\drivers\lxkkqpgr.sys [?]

S1 lymrjfms;lymrjfms;\??\c:\windows\system32\drivers\lymrjfms.sys --> c:\windows\system32\drivers\lymrjfms.sys [?]

S1 lzjibaav;lzjibaav;\??\c:\windows\system32\drivers\lzjibaav.sys --> c:\windows\system32\drivers\lzjibaav.sys [?]

S1 malwljit;malwljit;\??\c:\windows\system32\drivers\malwljit.sys --> c:\windows\system32\drivers\malwljit.sys [?]

S1 mejddmqd;mejddmqd;\??\c:\windows\system32\drivers\mejddmqd.sys --> c:\windows\system32\drivers\mejddmqd.sys [?]

S1 mgclgcdv;mgclgcdv;\??\c:\windows\system32\drivers\mgclgcdv.sys --> c:\windows\system32\drivers\mgclgcdv.sys [?]

S1 mgwpdzgu;mgwpdzgu;\??\c:\windows\system32\drivers\mgwpdzgu.sys --> c:\windows\system32\drivers\mgwpdzgu.sys [?]

S1 miyusmvt;miyusmvt;\??\c:\windows\system32\drivers\miyusmvt.sys --> c:\windows\system32\drivers\miyusmvt.sys [?]

S1 mkusyjit;mkusyjit;\??\c:\windows\system32\drivers\mkusyjit.sys --> c:\windows\system32\drivers\mkusyjit.sys [?]

S1 mmmebvxi;mmmebvxi;\??\c:\windows\system32\drivers\mmmebvxi.sys --> c:\windows\system32\drivers\mmmebvxi.sys [?]

S1 MpKsl0762ee87;MpKsl0762ee87;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d8025e5c-ccd6-45f1-ba7c-3675ed2b1c4d}\mpksl0762ee87.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d8025e5c-ccd6-45f1-ba7c-3675ed2b1c4d}\MpKsl0762ee87.sys [?]

S1 MpKsl3d06d771;MpKsl3d06d771;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3c4e3303-b8af-4019-9540-538501b6504b}\mpksl3d06d771.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3c4e3303-b8af-4019-9540-538501b6504b}\MpKsl3d06d771.sys [?]

S1 MpKsl8e6f2379;MpKsl8e6f2379;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7f241f32-e833-4a87-962c-9e7deafa152c}\mpksl8e6f2379.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7f241f32-e833-4a87-962c-9e7deafa152c}\MpKsl8e6f2379.sys [?]

S1 mqcyseel;mqcyseel;\??\c:\windows\system32\drivers\mqcyseel.sys --> c:\windows\system32\drivers\mqcyseel.sys [?]

S1 mvufivpn;mvufivpn;\??\c:\windows\system32\drivers\mvufivpn.sys --> c:\windows\system32\drivers\mvufivpn.sys [?]

S1 mwqcjdau;mwqcjdau;\??\c:\windows\system32\drivers\mwqcjdau.sys --> c:\windows\system32\drivers\mwqcjdau.sys [?]

S1 mxcfchht;mxcfchht;\??\c:\windows\system32\drivers\mxcfchht.sys --> c:\windows\system32\drivers\mxcfchht.sys [?]

S1 nkbxfznp;nkbxfznp;\??\c:\windows\system32\drivers\nkbxfznp.sys --> c:\windows\system32\drivers\nkbxfznp.sys [?]

S1 nmvwwlpq;nmvwwlpq;\??\c:\windows\system32\drivers\nmvwwlpq.sys --> c:\windows\system32\drivers\nmvwwlpq.sys [?]

S1 nniiorpp;nniiorpp;\??\c:\windows\system32\drivers\nniiorpp.sys --> c:\windows\system32\drivers\nniiorpp.sys [?]

S1 npqvxeov;npqvxeov;\??\c:\windows\system32\drivers\npqvxeov.sys --> c:\windows\system32\drivers\npqvxeov.sys [?]

S1 nqyshldv;nqyshldv;\??\c:\windows\system32\drivers\nqyshldv.sys --> c:\windows\system32\drivers\nqyshldv.sys [?]

S1 nrdtqhgs;nrdtqhgs;\??\c:\windows\system32\drivers\nrdtqhgs.sys --> c:\windows\system32\drivers\nrdtqhgs.sys [?]

S1 nvmknfip;nvmknfip;\??\c:\windows\system32\drivers\nvmknfip.sys --> c:\windows\system32\drivers\nvmknfip.sys [?]

S1 nwvhrlxv;nwvhrlxv;\??\c:\windows\system32\drivers\nwvhrlxv.sys --> c:\windows\system32\drivers\nwvhrlxv.sys [?]

S1 oaqbqfya;oaqbqfya;\??\c:\windows\system32\drivers\oaqbqfya.sys --> c:\windows\system32\drivers\oaqbqfya.sys [?]

S1 ocfijsei;ocfijsei;\??\c:\windows\system32\drivers\ocfijsei.sys --> c:\windows\system32\drivers\ocfijsei.sys [?]

S1 odalxqlr;odalxqlr;\??\c:\windows\system32\drivers\odalxqlr.sys --> c:\windows\system32\drivers\odalxqlr.sys [?]

S1 ogufzfdx;ogufzfdx;\??\c:\windows\system32\drivers\ogufzfdx.sys --> c:\windows\system32\drivers\ogufzfdx.sys [?]

S1 okcpiekk;okcpiekk;\??\c:\windows\system32\drivers\okcpiekk.sys --> c:\windows\system32\drivers\okcpiekk.sys [?]

S1 oormitbk;oormitbk;\??\c:\windows\system32\drivers\oormitbk.sys --> c:\windows\system32\drivers\oormitbk.sys [?]

S1 opklwhqa;opklwhqa;\??\c:\windows\system32\drivers\opklwhqa.sys --> c:\windows\system32\drivers\opklwhqa.sys [?]

S1 osistzol;osistzol;\??\c:\windows\system32\drivers\osistzol.sys --> c:\windows\system32\drivers\osistzol.sys [?]

S1 oukwvesc;oukwvesc;\??\c:\windows\system32\drivers\oukwvesc.sys --> c:\windows\system32\drivers\oukwvesc.sys [?]

S1 ovlgeljj;ovlgeljj;\??\c:\windows\system32\drivers\ovlgeljj.sys --> c:\windows\system32\drivers\ovlgeljj.sys [?]

S1 ovqsfcyh;ovqsfcyh;\??\c:\windows\system32\drivers\ovqsfcyh.sys --> c:\windows\system32\drivers\ovqsfcyh.sys [?]

S1 owzkbwkd;owzkbwkd;\??\c:\windows\system32\drivers\owzkbwkd.sys --> c:\windows\system32\drivers\owzkbwkd.sys [?]

S1 oxeowycq;oxeowycq;\??\c:\windows\system32\drivers\oxeowycq.sys --> c:\windows\system32\drivers\oxeowycq.sys [?]

S1 pbhskxyo;pbhskxyo;\??\c:\windows\system32\drivers\pbhskxyo.sys --> c:\windows\system32\drivers\pbhskxyo.sys [?]

S1 pbtvvesr;pbtvvesr;\??\c:\windows\system32\drivers\pbtvvesr.sys --> c:\windows\system32\drivers\pbtvvesr.sys [?]

S1 pclbkmtr;pclbkmtr;\??\c:\windows\system32\drivers\pclbkmtr.sys --> c:\windows\system32\drivers\pclbkmtr.sys [?]

S1 piaqqqnm;piaqqqnm;\??\c:\windows\system32\drivers\piaqqqnm.sys --> c:\windows\system32\drivers\piaqqqnm.sys [?]

S1 piffbubo;piffbubo;\??\c:\windows\system32\drivers\piffbubo.sys --> c:\windows\system32\drivers\piffbubo.sys [?]

S1 pklzvqbw;pklzvqbw;\??\c:\windows\system32\drivers\pklzvqbw.sys --> c:\windows\system32\drivers\pklzvqbw.sys [?]

S1 pofnfzar;pofnfzar;\??\c:\windows\system32\drivers\pofnfzar.sys --> c:\windows\system32\drivers\pofnfzar.sys [?]

S1 powfqwyp;powfqwyp;\??\c:\windows\system32\drivers\powfqwyp.sys --> c:\windows\system32\drivers\powfqwyp.sys [?]

S1 qaevwfhf;qaevwfhf;\??\c:\windows\system32\drivers\qaevwfhf.sys --> c:\windows\system32\drivers\qaevwfhf.sys [?]

S1 qauxgqdm;qauxgqdm;\??\c:\windows\system32\drivers\qauxgqdm.sys --> c:\windows\system32\drivers\qauxgqdm.sys [?]

S1 qbygnaas;qbygnaas;\??\c:\windows\system32\drivers\qbygnaas.sys --> c:\windows\system32\drivers\qbygnaas.sys [?]

S1 qcmxdffb;qcmxdffb;\??\c:\windows\system32\drivers\qcmxdffb.sys --> c:\windows\system32\drivers\qcmxdffb.sys [?]

S1 qcqjeqdq;qcqjeqdq;\??\c:\windows\system32\drivers\qcqjeqdq.sys --> c:\windows\system32\drivers\qcqjeqdq.sys [?]

S1 qiwpvqvv;qiwpvqvv;\??\c:\windows\system32\drivers\qiwpvqvv.sys --> c:\windows\system32\drivers\qiwpvqvv.sys [?]

S1 qkifmafw;qkifmafw;\??\c:\windows\system32\drivers\qkifmafw.sys --> c:\windows\system32\drivers\qkifmafw.sys [?]

S1 qknobraq;qknobraq;\??\c:\windows\system32\drivers\qknobraq.sys --> c:\windows\system32\drivers\qknobraq.sys [?]

S1 qkqgzybe;qkqgzybe;\??\c:\windows\system32\drivers\qkqgzybe.sys --> c:\windows\system32\drivers\qkqgzybe.sys [?]

S1 qrkhkyga;qrkhkyga;\??\c:\windows\system32\drivers\qrkhkyga.sys --> c:\windows\system32\drivers\qrkhkyga.sys [?]

S1 qxizbcmn;qxizbcmn;\??\c:\windows\system32\drivers\qxizbcmn.sys --> c:\windows\system32\drivers\qxizbcmn.sys [?]

S1 qzchegrv;qzchegrv;\??\c:\windows\system32\drivers\qzchegrv.sys --> c:\windows\system32\drivers\qzchegrv.sys [?]

S1 rfvwjhzg;rfvwjhzg;\??\c:\windows\system32\drivers\rfvwjhzg.sys --> c:\windows\system32\drivers\rfvwjhzg.sys [?]

S1 rgsodgxl;rgsodgxl;\??\c:\windows\system32\drivers\rgsodgxl.sys --> c:\windows\system32\drivers\rgsodgxl.sys [?]

S1 rickzjui;rickzjui;\??\c:\windows\system32\drivers\rickzjui.sys --> c:\windows\system32\drivers\rickzjui.sys [?]

S1 riymkghf;riymkghf;\??\c:\windows\system32\drivers\riymkghf.sys --> c:\windows\system32\drivers\riymkghf.sys [?]

S1 rkgfdmcu;rkgfdmcu;\??\c:\windows\system32\drivers\rkgfdmcu.sys --> c:\windows\system32\drivers\rkgfdmcu.sys [?]

S1 rkhlvtdu;rkhlvtdu;\??\c:\windows\system32\drivers\rkhlvtdu.sys --> c:\windows\system32\drivers\rkhlvtdu.sys [?]

S1 rllzwdom;rllzwdom;\??\c:\windows\system32\drivers\rllzwdom.sys --> c:\windows\system32\drivers\rllzwdom.sys [?]

S1 rtfvhdyj;rtfvhdyj;\??\c:\windows\system32\drivers\rtfvhdyj.sys --> c:\windows\system32\drivers\rtfvhdyj.sys [?]

S1 rvcqiljy;rvcqiljy;\??\c:\windows\system32\drivers\rvcqiljy.sys --> c:\windows\system32\drivers\rvcqiljy.sys [?]

S1 sbogkmqy;sbogkmqy;\??\c:\windows\system32\drivers\sbogkmqy.sys --> c:\windows\system32\drivers\sbogkmqy.sys [?]

S1 sciusoqx;sciusoqx;\??\c:\windows\system32\drivers\sciusoqx.sys --> c:\windows\system32\drivers\sciusoqx.sys [?]

S1 seamfbcm;seamfbcm;\??\c:\windows\system32\drivers\seamfbcm.sys --> c:\windows\system32\drivers\seamfbcm.sys [?]

S1 serkedpa;serkedpa;\??\c:\windows\system32\drivers\serkedpa.sys --> c:\windows\system32\drivers\serkedpa.sys [?]

S1 shxvkpip;shxvkpip;\??\c:\windows\system32\drivers\shxvkpip.sys --> c:\windows\system32\drivers\shxvkpip.sys [?]

S1 sknlpefx;sknlpefx;\??\c:\windows\system32\drivers\sknlpefx.sys --> c:\windows\system32\drivers\sknlpefx.sys [?]

S1 ssqrwrok;ssqrwrok;\??\c:\windows\system32\drivers\ssqrwrok.sys --> c:\windows\system32\drivers\ssqrwrok.sys [?]

S1 suxvpivr;suxvpivr;\??\c:\windows\system32\drivers\suxvpivr.sys --> c:\windows\system32\drivers\suxvpivr.sys [?]

S1 svginnnl;svginnnl;\??\c:\windows\system32\drivers\svginnnl.sys --> c:\windows\system32\drivers\svginnnl.sys [?]

S1 tdnlnlxe;tdnlnlxe;\??\c:\windows\system32\drivers\tdnlnlxe.sys --> c:\windows\system32\drivers\tdnlnlxe.sys [?]

S1 tjmmuhwj;tjmmuhwj;\??\c:\windows\system32\drivers\tjmmuhwj.sys --> c:\windows\system32\drivers\tjmmuhwj.sys [?]

S1 tnenwtug;tnenwtug;\??\c:\windows\system32\drivers\tnenwtug.sys --> c:\windows\system32\drivers\tnenwtug.sys [?]

S1 tnwzkbgu;tnwzkbgu;\??\c:\windows\system32\drivers\tnwzkbgu.sys --> c:\windows\system32\drivers\tnwzkbgu.sys [?]

S1 tqgsyrfz;tqgsyrfz;\??\c:\windows\system32\drivers\tqgsyrfz.sys --> c:\windows\system32\drivers\tqgsyrfz.sys [?]

S1 tqwjsaxg;tqwjsaxg;\??\c:\windows\system32\drivers\tqwjsaxg.sys --> c:\windows\system32\drivers\tqwjsaxg.sys [?]

S1 tqxijuxp;tqxijuxp;\??\c:\windows\system32\drivers\tqxijuxp.sys --> c:\windows\system32\drivers\tqxijuxp.sys [?]

S1 ttwtsjws;ttwtsjws;\??\c:\windows\system32\drivers\ttwtsjws.sys --> c:\windows\system32\drivers\ttwtsjws.sys [?]

S1 twfqhodi;twfqhodi;\??\c:\windows\system32\drivers\twfqhodi.sys --> c:\windows\system32\drivers\twfqhodi.sys [?]

S1 uaqrbbws;uaqrbbws;\??\c:\windows\system32\drivers\uaqrbbws.sys --> c:\windows\system32\drivers\uaqrbbws.sys [?]

S1 ucpbwrsf;ucpbwrsf;\??\c:\windows\system32\drivers\ucpbwrsf.sys --> c:\windows\system32\drivers\ucpbwrsf.sys [?]

S1 uirmafep;uirmafep;\??\c:\windows\system32\drivers\uirmafep.sys --> c:\windows\system32\drivers\uirmafep.sys [?]

S1 uoagbkji;uoagbkji;\??\c:\windows\system32\drivers\uoagbkji.sys --> c:\windows\system32\drivers\uoagbkji.sys [?]

S1 uripynmt;uripynmt;\??\c:\windows\system32\drivers\uripynmt.sys --> c:\windows\system32\drivers\uripynmt.sys [?]

S1 urxiavpj;urxiavpj;\??\c:\windows\system32\drivers\urxiavpj.sys --> c:\windows\system32\drivers\urxiavpj.sys [?]

S1 uswcglzm;uswcglzm;\??\c:\windows\system32\drivers\uswcglzm.sys --> c:\windows\system32\drivers\uswcglzm.sys [?]

S1 uzxqoamd;uzxqoamd;\??\c:\windows\system32\drivers\uzxqoamd.sys --> c:\windows\system32\drivers\uzxqoamd.sys [?]

S1 vcsxkkle;vcsxkkle;\??\c:\windows\system32\drivers\vcsxkkle.sys --> c:\windows\system32\drivers\vcsxkkle.sys [?]

S1 vkpdyzhx;vkpdyzhx;\??\c:\windows\system32\drivers\vkpdyzhx.sys --> c:\windows\system32\drivers\vkpdyzhx.sys [?]

S1 vlzhompo;vlzhompo;\??\c:\windows\system32\drivers\vlzhompo.sys --> c:\windows\system32\drivers\vlzhompo.sys [?]

S1 vqvshtcb;vqvshtcb;\??\c:\windows\system32\drivers\vqvshtcb.sys --> c:\windows\system32\drivers\vqvshtcb.sys [?]

S1 vqzrcrtd;vqzrcrtd;\??\c:\windows\system32\drivers\vqzrcrtd.sys --> c:\windows\system32\drivers\vqzrcrtd.sys [?]

S1 vrtsozjn;vrtsozjn;\??\c:\windows\system32\drivers\vrtsozjn.sys --> c:\windows\system32\drivers\vrtsozjn.sys [?]

S1 vuecksyp;vuecksyp;\??\c:\windows\system32\drivers\vuecksyp.sys --> c:\windows\system32\drivers\vuecksyp.sys [?]

S1 vvffvelu;vvffvelu;\??\c:\windows\system32\drivers\vvffvelu.sys --> c:\windows\system32\drivers\vvffvelu.sys [?]

S1 vywgsxvk;vywgsxvk;\??\c:\windows\system32\drivers\vywgsxvk.sys --> c:\windows\system32\drivers\vywgsxvk.sys [?]

S1 wawdakco;wawdakco;\??\c:\windows\system32\drivers\wawdakco.sys --> c:\windows\system32\drivers\wawdakco.sys [?]

S1 wdcjrcrr;wdcjrcrr;\??\c:\windows\system32\drivers\wdcjrcrr.sys --> c:\windows\system32\drivers\wdcjrcrr.sys [?]

S1 whkfimyl;whkfimyl;\??\c:\windows\system32\drivers\whkfimyl.sys --> c:\windows\system32\drivers\whkfimyl.sys [?]

S1 witvvxqc;witvvxqc;\??\c:\windows\system32\drivers\witvvxqc.sys --> c:\windows\system32\drivers\witvvxqc.sys [?]

S1 wjsqwupc;wjsqwupc;\??\c:\windows\system32\drivers\wjsqwupc.sys --> c:\windows\system32\drivers\wjsqwupc.sys [?]

S1 wpjfymyk;wpjfymyk;\??\c:\windows\system32\drivers\wpjfymyk.sys --> c:\windows\system32\drivers\wpjfymyk.sys [?]

S1 wvrzmklz;wvrzmklz;\??\c:\windows\system32\drivers\wvrzmklz.sys --> c:\windows\system32\drivers\wvrzmklz.sys [?]

S1 wvstuoeh;wvstuoeh;\??\c:\windows\system32\drivers\wvstuoeh.sys --> c:\windows\system32\drivers\wvstuoeh.sys [?]

S1 wwruyjdf;wwruyjdf;\??\c:\windows\system32\drivers\wwruyjdf.sys --> c:\windows\system32\drivers\wwruyjdf.sys [?]

S1 xgnujzol;xgnujzol;\??\c:\windows\system32\drivers\xgnujzol.sys --> c:\windows\system32\drivers\xgnujzol.sys [?]

S1 xhytqemy;xhytqemy;\??\c:\windows\system32\drivers\xhytqemy.sys --> c:\windows\system32\drivers\xhytqemy.sys [?]

S1 xipmiidn;xipmiidn;\??\c:\windows\system32\drivers\xipmiidn.sys --> c:\windows\system32\drivers\xipmiidn.sys [?]

S1 xitbkdzd;xitbkdzd;\??\c:\windows\system32\drivers\xitbkdzd.sys --> c:\windows\system32\drivers\xitbkdzd.sys [?]

S1 xjloodbp;xjloodbp;\??\c:\windows\system32\drivers\xjloodbp.sys --> c:\windows\system32\drivers\xjloodbp.sys [?]

S1 xlccoujp;xlccoujp;\??\c:\windows\system32\drivers\xlccoujp.sys --> c:\windows\system32\drivers\xlccoujp.sys [?]

S1 xrkouzzv;xrkouzzv;\??\c:\windows\system32\drivers\xrkouzzv.sys --> c:\windows\system32\drivers\xrkouzzv.sys [?]

S1 xwgyukwk;xwgyukwk;\??\c:\windows\system32\drivers\xwgyukwk.sys --> c:\windows\system32\drivers\xwgyukwk.sys [?]

S1 yvybihln;yvybihln;\??\c:\windows\system32\drivers\yvybihln.sys --> c:\windows\system32\drivers\yvybihln.sys [?]

S1 zarsmdcb;zarsmdcb;\??\c:\windows\system32\drivers\zarsmdcb.sys --> c:\windows\system32\drivers\zarsmdcb.sys [?]

S1 zbnrqcjg;zbnrqcjg;\??\c:\windows\system32\drivers\zbnrqcjg.sys --> c:\windows\system32\drivers\zbnrqcjg.sys [?]

S1 zbviwtiv;zbviwtiv;\??\c:\windows\system32\drivers\zbviwtiv.sys --> c:\windows\system32\drivers\zbviwtiv.sys [?]

S1 zdiitexw;zdiitexw;\??\c:\windows\system32\drivers\zdiitexw.sys --> c:\windows\system32\drivers\zdiitexw.sys [?]

S1 zkodmnak;zkodmnak;\??\c:\windows\system32\drivers\zkodmnak.sys --> c:\windows\system32\drivers\zkodmnak.sys [?]

S1 zlpatdca;zlpatdca;\??\c:\windows\system32\drivers\zlpatdca.sys --> c:\windows\system32\drivers\zlpatdca.sys [?]

S1 zlpwltlw;zlpwltlw;\??\c:\windows\system32\drivers\zlpwltlw.sys --> c:\windows\system32\drivers\zlpwltlw.sys [?]

S1 zpmptgib;zpmptgib;\??\c:\windows\system32\drivers\zpmptgib.sys --> c:\windows\system32\drivers\zpmptgib.sys [?]

S1 zrekrxjp;zrekrxjp;\??\c:\windows\system32\drivers\zrekrxjp.sys --> c:\windows\system32\drivers\zrekrxjp.sys [?]

S1 zromcnhg;zromcnhg;\??\c:\windows\system32\drivers\zromcnhg.sys --> c:\windows\system32\drivers\zromcnhg.sys [?]

S1 zrqfvdrp;zrqfvdrp;\??\c:\windows\system32\drivers\zrqfvdrp.sys --> c:\windows\system32\drivers\zrqfvdrp.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]

S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2011-7-3 30576]

S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2011-8-5 268512]

.

=============== Created Last 30 ================

.

2012-07-20 10:39:16 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1c31f5b8-81c7-4cc4-9187-9b6cfa05a334}\mpengine.dll

2012-07-18 22:04:11 -------- d-----w- C:\6514d27b1caa752ef6046fa3c0fa

2012-07-16 10:56:17 -------- d-----w- c:\documents and settings\mike\application data\ElevatedDiagnostics

2012-07-16 00:27:20 -------- dc-h--w- c:\windows\ie8

2012-07-15 10:37:23 6762896 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-07-09 18:46:22 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-08 23:29:54 -------- d-----w- c:\documents and settings\all users\application data\EA Core

2012-07-07 16:42:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-05 18:32:27 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2012-07-05 18:32:24 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-07-05 18:32:03 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys

2012-07-05 18:29:28 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys

2012-07-05 18:29:27 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-07-05 18:29:27 3072 ------w- c:\windows\system32\iacenc.dll

2012-07-05 14:55:08 -------- d-----w- c:\program files\ESET

2012-07-05 11:20:07 -------- d-sh--r- C:\cmdcons

2012-07-05 11:17:38 98816 ----a-w- c:\windows\sed.exe

2012-07-05 11:17:38 518144 ----a-w- c:\windows\SWREG.exe

2012-07-05 11:17:38 256000 ----a-w- c:\windows\PEV.exe

2012-07-05 11:17:38 208896 ----a-w- c:\windows\MBR.exe

2012-07-04 20:13:40 -------- d-----w- C:\523343ab8e706eb6c91b06

2012-07-04 12:51:02 103040 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys

2012-07-04 12:48:49 -------- d-----w- C:\AMD

2012-06-29 12:21:21 -------- d-----w- c:\documents and settings\mike\application data\SPORE

2012-06-22 20:35:05 -------- d-----w- c:\documents and settings\mike\local settings\application data\Sun

2012-06-22 14:50:44 -------- d-----w- c:\program files\Oracle

2012-06-22 14:50:31 772504 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-06-22 14:50:31 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-21 01:05:16 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2012-06-21 00:10:24 -------- d-----w- c:\documents and settings\mike\local settings\application data\Origin

2012-06-21 00:10:22 -------- d-----w- c:\documents and settings\all users\application data\Origin

2012-06-21 00:06:06 -------- d-----w- c:\documents and settings\mike\application data\Origin

2012-06-21 00:06:04 -------- d-----w- c:\documents and settings\all users\application data\Electronic Arts

2012-06-21 00:05:57 -------- d-----w- c:\program files\Origin

.

==================== Find3M ====================

.

2012-07-03 17:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-22 14:49:58 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 21:35:26 222448 ----a-w- c:\windows\system32\muweb.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-24 21:23:48 7746048 ----a-w- c:\windows\system32\drivers\ati2mtag.sys

2012-05-24 20:47:16 19976192 ----a-w- c:\windows\system32\atioglxx.dll

2012-05-24 20:40:04 311296 ----a-w- c:\windows\system32\atiiiexx.dll

2012-05-24 20:37:50 5374560 ----a-w- c:\windows\system32\ati3duag.dll

2012-05-24 20:37:44 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2012-05-24 20:36:34 305664 ----a-w- c:\windows\system32\ati2dvag.dll

2012-05-24 20:28:38 956160 ----a-w- c:\windows\system32\ativvamv.dll

2012-05-24 20:14:20 3900928 ----a-w- c:\windows\system32\ativvaxx.dll

2012-05-24 20:14:02 217088 ----a-w- c:\windows\system32\atipdlxx.dll

2012-05-24 20:13:50 159744 ----a-w- c:\windows\system32\Oemdspif.dll

2012-05-24 20:13:42 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe

2012-05-24 20:13:36 43520 ----a-w- c:\windows\system32\ati2edxx.dll

2012-05-24 20:13:24 192512 ----a-w- c:\windows\system32\ati2evxx.dll

2012-05-24 20:12:04 647168 ----a-w- c:\windows\system32\ati2evxx.exe

2012-05-24 20:10:48 53248 ----a-w- c:\windows\system32\ATIDDC.DLL

2012-05-24 20:08:42 159744 ----a-w- c:\windows\system32\atiapfxx.exe

2012-05-24 20:04:28 847872 ----a-w- c:\windows\system32\atikvmag.dll

2012-05-24 20:00:52 638976 ----a-w- c:\windows\system32\atiok3x2.dll

2012-05-24 19:59:50 237568 ----a-w- c:\windows\system32\atiadlxx.dll

2012-05-24 19:59:34 17408 ----a-w- c:\windows\system32\atitvo32.dll

2012-05-24 19:53:54 888832 ----a-w- c:\windows\system32\ati2cqag.dll

2012-05-24 19:52:14 65024 ----a-w- c:\windows\system32\atimpc32.dll

2012-05-24 19:52:14 65024 ----a-w- c:\windows\system32\amdpcom32.dll

2012-05-24 19:51:38 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-28 01:34:23 140496 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2012-04-28 01:34:01 280736 ----a-w- c:\windows\system32\PnkBstrB.xtr

2012-04-28 01:34:01 280736 ----a-w- c:\windows\system32\PnkBstrB.exe

2012-04-25 04:32:27 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-04-23 14:46:47 78336 ------w- c:\windows\system32\ieencode.dll

2012-04-21 11:28:38 280736 ----a-w- c:\windows\system32\PnkBstrB.ex0

.

============= FINISH: 7:05:49.20 ===============

attach.txt

dds.txt

Maurice Naggar · July 20, 2012

Hello,

Uninstall BIttorrentdna and any other 'torrent.

Your logs show this pc has 2 antivirus programs installed. Avira and MSE :excl: What's up with that ?

Having two active antivirus programs will lead to deadlocks and conflicts.

You must de-install one of them before going forward. Tell me what you have done and Restart the system fresh.

Do as much as possible of the following. Meantime do NOT do any websurfing, online games, or any online transactions.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

Run Security Check
Follow the onscreen instructions inside of the command window.
A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5

Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Start Internet Explorer

Using Internet Explorer browser only, go to BitDefender Quickscan website:

http://quickscan.bitdefender.com

and click "Start Scan".

Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.

Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.

If prompted, reply yes to allow it to run.

Press the Allow button and follow prompts.

Press the "Start Scan" once more.

You'll see the EULA in a pop-up window. Click the I accept & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/

and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.

It may seem to stall at moments, but have patience; it will move on.

You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.

The log report will show in your text editor. Save the log.

Do a Select ALL, Copy. Then paste contents into your next reply.

Step 6

Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
>> from here <<
Quit all programs that you may have started.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Click on Scan.
Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.

Edited July 20, 2012 by Maurice Naggar
notes added

tenuglymen · July 20, 2012

Thanks for the help - i am sending the other file in the next post.

info.txt logfile of random's system information tool 1.09 2012-07-20 18:03:37

======Uninstall list======

-->MsiExec /X{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly

3DVIA player 5.0-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10ze_Plugin.exe -maintain plugin

Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe -maintain activex

Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}

Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"

Alien Swarm-->"C:\program files\steam\steam.exe" steam://uninstall/630

Amazon MP3 Downloader 1.0.5-->C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe

AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}

Apple Mobile Device Support-->MsiExec.exe /I{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}

ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}

Avira Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

Battlefield: Bad Company 2-->"C:\program files\steam\steam.exe" steam://uninstall/24960

Better Homes and Gardens Home Designer Pro 7.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E613434-312D-4786-B879-8659B0EB0FCA}\setup.exe" -l0x9 -removeonly

Bing Maps 3D-->MsiExec.exe /I{2D87E961-577B-492B-AD54-1368680FB9A7}

BioShock 2-->"C:\program files\steam\steam.exe" steam://uninstall/8850

BioShock-->"C:\program files\steam\steam.exe" steam://uninstall/7670

BlackBerry App World Browser Plugin-->MsiExec.exe /X{598420E8-E9F9-4FAE-9B6C-599FDF2F611A}

BlackBerry Desktop Software 6.0-->MsiExec.exe /i{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}

Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}

Borderlands-->"C:\program files\steam\steam.exe" steam://uninstall/8980

Catalyst Control Center - Branding-->MsiExec.exe /I{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}

Catalyst Control Center - Branding-->MsiExec.exe /I{BB5202A5-B5B4-4899-ADD9-984EA71FA979}

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}

Dead Island-->"C:\program files\steam\steam.exe" steam://uninstall/91310

Dungeon Defenders-->"C:\program files\steam\steam.exe" steam://uninstall/65800

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_F91D44FAA5479127.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

Half-Life 2: Lost Coast-->"C:\program files\steam\steam.exe" steam://uninstall/340

Half-Life 2-->"C:\program files\steam\steam.exe" steam://uninstall/220

Hotfix for Windows Media Format 11 SDK (KB973442)-->"C:\WINDOWS\$NtUninstallKB973442_WM11$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat

HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat

HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}

HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

Internet Explorer (Enable DEP)-->C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb"

iTunes-->MsiExec.exe /I{29ED20C9-5E15-4969-9279-25BF3727A3DA}

Java 7 Update 5-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217005FF}

JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}

JumpStart Kindergarten-->C:\Program Files\Common Files\JumpStart Classics\Uninstall\KGUn.exe

JumpStart PreSchool-->C:\Program Files\Common Files\JumpStart Classics\Uninstall\PreSchoolUn.exe

JumpStart Toddlers-->C:\Program Files\Common Files\JumpStart Classics\Uninstall\ToddlerUn.exe

Just Cause 2-->"C:\program files\steam\steam.exe" steam://uninstall/8190

Killing Floor Mod: Defence Alliance 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/35420

Killing Floor-->"C:\Program Files\Steam\steam.exe" steam://uninstall/1250

Left 4 Dead 2 Add-on Support-->"C:\program files\steam\steam.exe" steam://uninstall/564

Left 4 Dead 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/550

Left 4 Dead-->"C:\Program Files\Steam\steam.exe" steam://uninstall/500

LightScribe System Software-->MsiExec.exe /X{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}

Magic 3D Coloring Book Amazing Animals-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM and Crayola\Amazing Animals\Uninst.isu"

Malwarebytes Anti-Malware version 1.62.0.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Map To Atlantis-->msiexec /qb /x {1214875C-89CF-4C0C-4944-F4D23A4D1995}

Map To Atlantis-->MsiExec.exe /I{1214875C-89CF-4C0C-4944-F4D23A4D1995}

Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe

Memeo Instant Backup-->C:\Program Files\Memeo\AutoBackup\uninstall.exe

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)-->MsiExec.exe /X{41785C66-90F2-40CE-8CB5-1C94BFC97280}

Microsoft Corporation-->MsiExec.exe /I{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}

Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}

Microsoft Games for Windows - LIVE-->MsiExec.exe /X{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"

Microsoft LifeCam-->MsiExec.exe /X{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office PowerPoint 2003 Template Pack 1-->MsiExec.exe /I{90AB0409-6000-11D3-8CFE-0150048383C9}

Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft WinUsb 1.0-->"C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Mz Ultimate Tweaker-->C:\Program Files\MZ U.T\uninstall.exe

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI

OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}

OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}

Orcs Must Die!-->"C:\program files\steam\steam.exe" steam://uninstall/102600

Origin-->C:\Program Files\Origin\OriginUninstall.exe

Portal 2-->"C:\program files\steam\steam.exe" steam://uninstall/620

Prime95-->"C:\Program Files\Prime95\Uninstall.exe" "C:\Program Files\Prime95\install.log"

PunkBuster Services-->c:\program files\steam\steamapps\common\red orchestra 2\Binaries\Win32\pbsvc_hos.exe -u

QuickTime-->MsiExec.exe /I{0E64B098-8018-4256-BA23-C316A43AD9B0}

REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -removeonly

Red Orchestra 2: Heroes of Stalingrad-->"C:\program files\steam\steam.exe" steam://uninstall/35450

Royal Envoy™ Collector’s Edition-->"C:\Program Files\Playrix Entertainment\Royal Envoy CE\unins000.exe"

Safari-->MsiExec.exe /I{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2699988)-->"C:\WINDOWS\ie7updates\KB2699988-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 8 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"

Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}

Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}

Spec Ops: The Line-->"C:\program files\steam\steam.exe" steam://uninstall/50300

SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe" -runfromtemp -l0x0009 -removeonly

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

Team Fortress 2-->"C:\program files\steam\steam.exe" steam://uninstall/440

Tt eSPORTS BLACK-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1651B6FF-DC41-48F8-9B10-AAAEFC496933}\setup.exe" -l0x9 -removeonly

Update for Windows Internet Explorer 8 (KB2598845)-->"C:\WINDOWS\ie8updates\KB2598845-IE8\spuninst\spuninst.exe"

Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"

Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}

WebEx-->C:\PROGRA~1\MOZILL~1\plugins\atcliun.exe

Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows PowerShell 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

XPS Essentials Pack 1.0-->%SystemRoot%\$NtUninstallXpsEP$\spuninst\spuninst.exe /u

XPS Essentials Pack-->MsiExec.exe /X{6A69D94E-C569-4154-9643-72E94D1DDFDA}

Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

Zune Language Pack (CHS)-->MsiExec.exe /X{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}

Zune Language Pack (CHT)-->MsiExec.exe /X{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}

Zune Language Pack (CSY)-->MsiExec.exe /X{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}

Zune Language Pack (DAN)-->MsiExec.exe /X{8B112338-2B08-4851-AF84-E7CAD74CEB32}

Zune Language Pack (DEU)-->MsiExec.exe /X{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}

Zune Language Pack (ELL)-->MsiExec.exe /X{3589A659-F732-4E65-A89A-5438C332E59D}

Zune Language Pack (ESP)-->MsiExec.exe /X{6B33492E-FBBC-4EC3-8738-09E16E395A10}

Zune Language Pack (FIN)-->MsiExec.exe /X{B4870774-5F3A-46D9-9DFE-06FB5599E26B}

Zune Language Pack (IND)-->MsiExec.exe /X{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}

Zune Language Pack (KOR)-->MsiExec.exe /X{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}

Zune Language Pack (MSL)-->MsiExec.exe /X{76BA306B-2AA0-47C0-AB6B-F313AB56C136}

Zune Language Pack (NLD)-->MsiExec.exe /X{6740BCB0-5863-47F4-80F4-44F394DE4FE2}

Zune Language Pack (NOR)-->MsiExec.exe /X{5DEFD397-4012-46C3-B6DA-E8013E660772}

Zune Language Pack (PLK)-->MsiExec.exe /X{8960A0A1-BB5A-479E-92CF-65AB9D684B43}

Zune Language Pack (PTB)-->MsiExec.exe /X{07EEE598-5F21-4B57-B40B-46592625B3D9}

Zune Language Pack (PTG)-->MsiExec.exe /X{5C93E291-A1CC-4E51-85C6-E194209FCDB4}

Zune Language Pack (RUS)-->MsiExec.exe /X{57C51D56-B287-4C11-9192-EC3C46EF76A4}

Zune Language Pack (SVE)-->MsiExec.exe /X{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}

Zune-->c:\Program Files\Zune\ZuneSetup.exe /x

Zune-->MsiExec.exe /X{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}

======Security center information======

AV: Avira Desktop

AV: Microsoft Security Essentials (disabled)

======System event log======

Computer Name: MIKES-E8400

Event Code: 57

Message: The system failed to flush data to the transaction log. Corruption may occur.

Record Number: 152894

Source Name: Ftdisk

Time Written: 20120712083657.000000-240

Event Type: warning

User:

Computer Name: MIKES-E8400

Event Code: 57

Message: The system failed to flush data to the transaction log. Corruption may occur.

Record Number: 152893

Source Name: Ftdisk

Time Written: 20120712083657.000000-240

Event Type: warning

User:

Computer Name: MIKES-E8400

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 152892

Source Name: Tcpip

Time Written: 20120712081605.000000-240

Event Type: warning

User:

Computer Name: MIKES-E8400

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 152888

Source Name: Tcpip

Time Written: 20120712060513.000000-240

Event Type: warning

User:

Computer Name: MIKES-E8400

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 152887

Source Name: Tcpip

Time Written: 20120712053832.000000-240

Event Type: warning

User:

=====Application event log=====

Computer Name: MIKES-E8400

Event Code: 8

Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Record Number: 34586

Source Name: crypt32

Time Written: 20120701021903.000000-240

Event Type: error

User:

Computer Name: MIKES-E8400

Event Code: 11

Message: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Record Number: 34585

Source Name: crypt32

Time Written: 20120701021903.000000-240

Event Type: error

User:

Computer Name: MIKES-E8400

Event Code: 8

Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Record Number: 34584

Source Name: crypt32

Time Written: 20120701021903.000000-240

Event Type: error

User:

Computer Name: MIKES-E8400

Event Code: 11

Message: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Record Number: 34583

Source Name: crypt32

Time Written: 20120701021903.000000-240

Event Type: error

User:

Computer Name: MIKES-E8400

Event Code: 8

Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Record Number: 34582

Source Name: crypt32

Time Written: 20120701021903.000000-240

Event Type: error

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\AMD APP\bin\x86;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\;C:\WINDOWS\system32\WindowsPowerShell\v1.0

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel

"PROCESSOR_REVISION"=1706

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"asl.log"=Destination=file

"AMDAPPSDKROOT"=C:\Program Files\AMD APP\

"CLASSPATH"=.;C:\Program Files\Java\jre7\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre7\lib\ext\QTJava.zip

-----------------EOF-----------------

tenuglymen · July 20, 2012

^{^{Logfile of random's system information tool 1.09 (written by random/random)}}

^{^{Run by Mike at 2012-07-20 18:03:18}}

^{^{Microsoft Windows XP Professional Service Pack 3}}

^{^{System drive C: has 38 GB (12%) free of 305 GB}}

^{^{Total RAM: 2046 MB (54% free)}}

^{^{Logfile of Trend Micro HijackThis v2.0.4}}

^{^{Scan saved at 6:03:34 PM, on 7/20/2012}}

^{^{Platform: Windows XP SP3 (WinNT 5.01.2600)}}

^{^{MSIE: Internet Explorer v8.00 (8.00.6001.18702)}}

^{^{Boot mode: Normal}}

^{^{Running processes:}}

^{^{C:\WINDOWS\System32\smss.exe}}

^{^{C:\WINDOWS\system32\winlogon.exe}}

^{^{C:\WINDOWS\system32\services.exe}}

^{^{C:\WINDOWS\system32\lsass.exe}}

^{^{C:\WINDOWS\system32\Ati2evxx.exe}}

^{^{C:\WINDOWS\system32\svchost.exe}}

^{^{C:\WINDOWS\System32\svchost.exe}}

^{^{C:\WINDOWS\system32\svchost.exe}}

^{^{C:\WINDOWS\system32\Ati2evxx.exe}}

^{^{C:\WINDOWS\system32\spoolsv.exe}}

^{^{C:\Program Files\Avira\AntiVir Desktop\sched.exe}}

^{^{C:\Program Files\Avira\AntiVir Desktop\avguard.exe}}

^{^{C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe}}

^{^{C:\Program Files\Bonjour\mDNSResponder.exe}}

^{^{C:\Program Files\Common Files\LightScribe\LSSrvc.exe}}

^{^{C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe}}

^{^{C:\WINDOWS\Explorer.EXE}}

^{^{C:\WINDOWS\RTHDCPL.EXE}}

^{^{C:\Program Files\Microsoft LifeCam\MSCamS32.exe}}

^{^{C:\WINDOWS\system32\PnkBstrA.exe}}

^{^{C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe}}

^{^{C:\WINDOWS\System32\svchost.exe}}

^{^{c:\Program Files\Zune\ZuneBusEnum.exe}}

^{^{C:\Program Files\iTunes\iTunesHelper.exe}}

^{^{C:\Program Files\Thermaltake\Tt eSPORTS BLACK\Black.exe}}

^{^{C:\Program Files\Avira\AntiVir Desktop\avgnt.exe}}

^{^{C:\Program Files\HP\HP Software Update\HPWuSchd2.exe}}

^{^{C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe}}

^{^{C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe}}

^{^{C:\program files\steam\steam.exe}}

^{^{C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe}}

^{^{C:\WINDOWS\system32\ctfmon.exe}}

^{^{C:\Program Files\DNA\btdna .exe}}

^{^{C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe}}

^{^{C:\Program Files\Avira\AntiVir Desktop\avshadow.exe}}

^{^{C:\Program Files\Memeo\AutoBackup\InstantBackup.exe}}

^{^{C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe}}

^{^{C:\Program Files\iPod\bin\iPodService.exe}}

^{^{C:\Program Files\Internet Explorer\iexplore.exe}}

^{^{C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe}}

^{^{C:\Program Files\Internet Explorer\iexplore.exe}}

^{^{C:\WINDOWS\system32\NOTEPAD.EXE}}

^{^{C:\Program Files\ERUNT\ERUNT.EXE}}

^{^{C:\Program Files\Internet Explorer\iexplore.exe}}

^{^{C:\Documents and Settings\Mike\Local Settings\Temporary Internet Files\Content.IE5\0DXGUCBB\RSIT[1].exe}}

^{^{C:\Program Files\trend micro\Mike.exe}}

^{^{R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =}}^{^{http://go.microsoft.com/fwlink/?LinkId=69157}}

^{^{R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =}}^{^{http://go.microsoft.com/fwlink/?LinkId=69157}}

^{^{R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =}}^{^{http://go.microsoft.com/fwlink/?LinkId=54896}}

^{^{R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =}}^{^{http://go.microsoft.com/fwlink/?LinkId=54896}}

^{^{R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =}}^{^{http://go.microsoft.com/fwlink/?LinkId=69157}}

^{^{O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll}}

^{^{O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll}}

^{^{O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)}}

^{^{O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll}}

^{^{O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll}}

^{^{O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll}}

^{^{O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll}}

^{^{O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll}}

^{^{O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE}}

^{^{O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions}}

^{^{O4 - HKLM\..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui}}

^{^{O4 - HKLM\..\Run: [seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui}}

^{^{O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"}}

^{^{O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"}}

^{^{O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe}}

^{^{O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"}}

^{^{O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"}}

^{^{O4 - HKLM\..\Run: [Tt eSPORTS BLACK Gaming Mouse] "C:\Program Files\Thermaltake\Tt eSPORTS BLACK\Black.exe" /Automation}}

^{^{O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"}}

^{^{O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min}}

^{^{O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun}}

^{^{O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"}}

^{^{O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe}}

^{^{O4 - HKLM\..\Run: [ATICustomerCare] "c:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"}}

^{^{O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime}}

^{^{O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe"}}

^{^{O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden}}

^{^{O4 - HKCU\..\Run: [steam] "C:\program files\steam\steam.exe" -silent}}

^{^{O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"}}

^{^{O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe}}

^{^{O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna .exe"}}

^{^{O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')}}

^{^{O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')}}

^{^{O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe}}

^{^{O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE}}

^{^{O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll}}

^{^{O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll}}

^{^{O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe}}

^{^{O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe}}

^{^{O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)}}

^{^{O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)}}

^{^{O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -}}^{^{https://support.microsoft.com/OAS/ActiveX/MSDcode.cab}}

^{^{O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -}}^{^{http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab}}

^{^{O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll}}

^{^{O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -}}^{^{http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab}}

^{^{O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) -}}^{^{http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab}}

^{^{O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -}}^{^{http://crucial.com/controls/cpcScanner.cab}}

^{^{O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) -}}^{^{http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe}}

^{^{O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll}}

^{^{O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll}}

^{^{O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll}}

^{^{O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe}}

^{^{O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe}}

^{^{O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe}}

^{^{O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe}}

^{^{O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe}}

^{^{O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe}}

^{^{O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe}}

^{^{O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe}}

^{^{O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe}}

^{^{O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe}}

^{^{O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe}}

^{^{O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe}}

^{^{O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)}}

^{^{O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe}}

^{^{O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe}}

^{^{O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe}}

^{^--}

^{^{End of file - 10715 bytes}}

^{^{======Scheduled tasks folder======}}

^{^{C:\WINDOWS\tasks\AppleSoftwareUpdate.job}}

^{^{C:\WINDOWS\tasks\Google Software Updater.job}}

^{^{C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job}}

^{^{C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job}}

^{^{C:\WINDOWS\tasks\OGALogon.job}}

^{^{======Registry dump======}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]}}

^{^{Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]}}

^{^{Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]}}

^{^{Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-19 192112]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]}}

^{^{Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]}}

^{^{Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-12 1003576]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]}}

^{^{{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]}}

^{^{{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-19 192112]}}

^{^{[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]}}

^{^{"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-11 16844800]}}

^{^{"MP10_EnsureFileVer"=C:\WINDOWS\inf\unregmp2.exe [2008-04-13 208896]}}

^{^{"Memeo Instant Backup"=C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe [2010-04-22 136416]}}

^{^{"Seagate Dashboard"=C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [2011-06-01 79112]}}

^{^{"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]}}

^{^{"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]}}

^{^{"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]}}

^{^{"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]}}

^{^{"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-10-09 421736]}}

^{^{"Tt eSPORTS BLACK Gaming Mouse"=C:\Program Files\Thermaltake\Tt eSPORTS BLACK\Black.exe [2011-01-06 13346600]}}

^{^{"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 159456]}}

^{^{"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-05-02 348624]}}

^{^{"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-24 98304]}}

^{^{"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe []}}

^{^{"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]}}

^{^{"ATICustomerCare"=c:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]}}

^{^{"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-04-18 421888]}}

^{^{"SunJavaUpdateSched"=C:\Program Files\Java\jre7\bin\jusched.exe []}}

^{^{[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]}}

^{^{"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128]}}

^{^{"Steam"=C:\program files\steam\steam.exe [2011-08-11 1242448]}}

^{^{"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-30 39408]}}

^{^{"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]}}

^{^{"BitTorrent DNA"=C:\Program Files\DNA\btdna .exe [2009-11-13 323392]}}

^{^{C:\Documents and Settings\All Users\Start Menu\Programs\Startup}}

^{^{HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe}}

^{^{Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]}}

^{^{C:\WINDOWS\system32\Ati2evxx.dll [2012-05-24 192512]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]}}

^{^{C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]}}

^{^{WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]}}

^{^{[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]}}

^{^{[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]}}

^{^{"dontdisplaylastusername"=0}}

^{^{"legalnoticecaption"=}}

^{^{"legalnoticetext"=}}

^{^{"shutdownwithoutlogon"=1}}

^{^{"undockwithoutlogon"=1}}

^{^{[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]}}

^{^{"NoDriveTypeAutoRun"=323}}

^{^{"NoDriveAutoRun"=67108863}}

^{^"NoDrives"=0}

^{^{[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]}}

^{^{"HonorAutoRunSetting"=1}}

^{^{"NoDriveAutoRun"=67108863}}

^{^{"NoDriveTypeAutoRun"=323}}

^{^"NoDrives"=0}

^{^{[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]}}

^{^{"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"}}

^{^{"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"}}

^{^{"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"}}

^{^{"C:\Program Files\America's Army\System\ArmyOps.exe"="C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"}}

^{^{"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"}}

^{^{"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"}}

^{^{"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"}}

^{^{"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"}}

^{^{"C:\Program Files\USArmy\America's Army 3\Binaries\AA3Game.exe"="C:\Program Files\USArmy\America's Army 3\Binaries\AA3Game.exe:*:Enabled:AA3Game"}}

^{^{"C:\Documents and Settings\Mike\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\Mike\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"}}

^{^{"C:\Program Files\DNA\btdna .exe"="C:\Program Files\DNA\btdna .exe:*:Enabled:DNA"}}

^{^{"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"}}

^{^{"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe"="C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software"}}

^{^{"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"}}

^{^{"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe"="C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe"}}

^{^{"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"}}

^{^{"C:\Program Files\Microsoft LifeCam\LifeTray.exe"="C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe"}}

^{^{"C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"}}

^{^{"C:\Program Files\Steam\steamapps\common\battlefield bad company 2\BFBC2Game.exe"="C:\Program Files\Steam\steamapps\common\battlefield bad company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company 2"}}

^{^{"C:\Program Files\Steam\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm"="C:\Program Files\Steam\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Battlefield: Bad Company 2"}}

^{^{"C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"}}

^{^{"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"}}

^{^{"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"}}

^{^{"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"}}

^{^{"C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe"="C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit"}}

^{^{"C:\Program Files\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe"="C:\Program Files\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"}}

^{^{"C:\Program Files\Steam\steamapps\common\orcs must die!\Build\release\OrcsMustDie.exe"="C:\Program Files\Steam\steamapps\common\orcs must die!\Build\release\OrcsMustDie.exe:*:Enabled:Orcs Must Die!"}}

^{^{"C:\Program Files\Steam\steamapps\common\dead island\DeadIslandGame.exe"="C:\Program Files\Steam\steamapps\common\dead island\DeadIslandGame.exe:*:Enabled:Dead Island"}}

^{^{"C:\Program Files\Steam\steamapps\common\red orchestra 2\Binaries\Win32\ROGame.exe"="C:\Program Files\Steam\steamapps\common\red orchestra 2\Binaries\Win32\ROGame.exe:*:Enabled:Red Orchestra 2: Heroes of Stalingrad"}}

^{^{"C:\Program Files\Steam\steamapps\common\Just Cause 2\JustCause2.exe"="C:\Program Files\Steam\steamapps\common\Just Cause 2\JustCause2.exe:*:Enabled:Just Cause 2"}}

^{^{"C:\Program Files\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe"="C:\Program Files\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe:*:Enabled:BioShock 2"}}

^{^{"C:\Program Files\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe"="C:\Program Files\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe:*:Enabled:BioShock 2"}}

^{^{"C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe"="C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe:*:Enabled:BioShock"}}

^{^{"C:\Program Files\Steam\steamapps\common\portal 2\portal2.exe"="C:\Program Files\Steam\steamapps\common\portal 2\portal2.exe:*:Enabled:Portal 2"}}

^{^{"C:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe"="C:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe:*:Enabled:Dungeon Defenders"}}

^{^{"C:\Program Files\Steam\steamapps\common\killingfloor\System\KillingFloor.exe"="C:\Program Files\Steam\steamapps\common\killingfloor\System\KillingFloor.exe:*:Enabled:Killing Floor"}}

^{^{"C:\Program Files\Steam\steamapps\common\specops_theline\Binaries\Win32\SpecOpsTheLine.exe"="C:\Program Files\Steam\steamapps\common\specops_theline\Binaries\Win32\SpecOpsTheLine.exe:*:Enabled:Spec Ops: The Line"}}

^{^{"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"}}

^{^{"C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe"="C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe:*:Enabled:SeagateHipServAgent"}}

^{^{"C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"}}

^{^{"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"}}

^{^{"C:\Program Files\Steam\steamapps\common\alien swarm\bin\SDKLauncher.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\bin\SDKLauncher.exe:*:Enabled:Alien Swarm - SDK"}}

^{^{[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]}}

^{^{"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"}}

^{^{"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"}}

^{^{[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]}}

^{^{"midimapper"=midimap.dll}}

^{^{"msacm.imaadpcm"=imaadp32.acm}}

^{^{"msacm.msadpcm"=msadp32.acm}}

^{^{"msacm.msg711"=msg711.acm}}

^{^{"msacm.msgsm610"=msgsm32.acm}}

^{^{"msacm.trspch"=tssoft32.acm}}

^{^{"vidc.cvid"=iccvid.dll}}

^{^{"VIDC.I420"=msh263.drv}}

^{^{"vidc.iv31"=ir32_32.dll}}

^{^{"vidc.iv32"=ir32_32.dll}}

^{^{"vidc.iv41"=ir41_32.ax}}

^{^{"VIDC.IYUV"=iyuv_32.dll}}

^{^{"vidc.mrle"=msrle32.dll}}

^{^{"vidc.msvc"=msvidc32.dll}}

^{^{"VIDC.UYVY"=msyuv.dll}}

^{^{"VIDC.YUY2"=msyuv.dll}}

^{^{"VIDC.YVU9"=tsbyuv.dll}}

^{^{"VIDC.YVYU"=msyuv.dll}}

^{^{"wavemapper"=msacm32.drv}}

^{^{"msacm.msg723"=msg723.acm}}

^{^{"vidc.M263"=msh263.drv}}

^{^{"vidc.M261"=msh261.drv}}

^{^{"msacm.msaudio1"=msaud32.acm}}

^{^{"msacm.sl_anet"=sl_anet.acm}}

^{^{"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax}}

^{^{"vidc.iv50"=ir50_32.dll}}

^{^{"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm}}

^{^{"wave"=wdmaud.drv}}

^{^{"midi"=wdmaud.drv}}

^{^{"mixer"=wdmaud.drv}}

^{^{"aux"=wdmaud.drv}}

^{^{"MSVideo8"=VfWWDM32.dll}}

^{^{"wave2"=wdmaud.drv}}

^{^{"mixer2"=wdmaud.drv}}

^{^{"wave3"=wdmaud.drv}}

^{^{"mixer3"=wdmaud.drv}}

^{^{"wave4"=wdmaud.drv}}

^{^{"mixer4"=wdmaud.drv}}

^{^{"wave1"=wdmaud.drv}}

^{^{"midi1"=wdmaud.drv}}

^{^{"mixer1"=wdmaud.drv}}

^{^{"aux1"=wdmaud.drv}}

^{^{======List of files/folders created in the last 1 month======}}

^{^{2012-07-20 18:03:18 ----D---- C:\rsit}}

^{^{2012-07-20 18:03:18 ----D---- C:\Program Files\trend micro}}

^{^{2012-07-20 17:47:13 ----D---- C:\Program Files\ERUNT}}

^{^{2012-07-18 18:04:11 ----D---- C:\6514d27b1caa752ef6046fa3c0fa}}

^{^{2012-07-16 06:56:17 ----D---- C:\Documents and Settings\Mike\Application Data\ElevatedDiagnostics}}

^{^{2012-07-16 06:55:29 ----D---- C:\WINDOWS\system32\windowspowershell}}

^{^{2012-07-16 06:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$}}

^{^{2012-07-15 20:27:20 ----HDC---- C:\WINDOWS\ie8}}

^{^{2012-07-15 20:15:34 ----A---- C:\WINDOWS\imsins.BAK}}

^{^{2012-07-15 20:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$}}

^{^{2012-07-15 19:05:17 ----A---- C:\WINDOWS\SchedLgU.Txt}}

^{^{2012-07-11 03:02:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$}}

^{^{2012-07-11 03:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$}}

^{^{2012-07-11 03:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$}}

^{^{2012-07-11 03:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$}}

^{^{2012-07-11 03:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$}}

^{^{2012-07-09 14:46:22 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe}}

^{^{2012-07-08 19:29:54 ----D---- C:\Documents and Settings\All Users\Application Data\EA Core}}

^{^{2012-07-07 06:44:21 ----D---- C:\Program Files\QuickTime}}

^{^{2012-07-06 19:59:59 ----ASH---- C:\pagefile.sys}}

^{^{2012-07-06 11:58:23 ----SHD---- C:\RECYCLER}}

^{^{2012-07-05 17:42:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2685939$}}

^{^{2012-07-05 17:42:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$}}

^{^{2012-07-05 17:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2707511$}}

^{^{2012-07-05 17:39:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2718704$}}

^{^{2012-07-05 17:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$}}

^{^{2012-07-05 17:31:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$}}

^{^{2012-07-05 17:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$}}

^{^{2012-07-05 17:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$}}

^{^{2012-07-05 17:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$}}

^{^{2012-07-05 17:29:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$}}

^{^{2012-07-05 17:27:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$}}

^{^{2012-07-05 17:27:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$}}

^{^{2012-07-05 17:26:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$}}

^{^{2012-07-05 17:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$}}

^{^{2012-07-05 17:26:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$}}

^{^{2012-07-05 17:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$}}

^{^{2012-07-05 17:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$}}

^{^{2012-07-05 17:25:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$}}

^{^{2012-07-05 17:25:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$}}

^{^{2012-07-05 17:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$}}

^{^{2012-07-05 17:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$}}

^{^{2012-07-05 17:25:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$}}

^{^{2012-07-05 17:24:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$}}

^{^{2012-07-05 17:24:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$}}

^{^{2012-07-05 17:24:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$}}

^{^{2012-07-05 17:24:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$}}

^{^{2012-07-05 17:24:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$}}

^{^{2012-07-05 17:24:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$}}

^{^{2012-07-05 17:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$}}

^{^{2012-07-05 17:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$}}

^{^{2012-07-05 17:23:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$}}

^{^{2012-07-05 17:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$}}

^{^{2012-07-05 17:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$}}

^{^{2012-07-05 17:22:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$}}

^{^{2012-07-05 17:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$}}

^{^{2012-07-05 14:29:27 ----N---- C:\WINDOWS\system32\iacenc.dll}}

^{^{2012-07-05 10:55:08 ----D---- C:\Program Files\ESET}}

^{^{2012-07-05 08:07:03 ----N---- C:\TDSSKiller.2.7.44.0_05.07.2012_08.07.03_log.txt}}

^{^{2012-07-05 07:42:24 ----A---- C:\WINDOWS\system32\javaws.exe}}

^{^{2012-07-05 07:42:17 ----A---- C:\WINDOWS\system32\javaw.exe}}

^{^{2012-07-05 07:42:17 ----A---- C:\WINDOWS\system32\java.exe}}

^{^{2012-07-05 07:37:04 ----N---- C:\ComboFix.txt}}

^{^{2012-07-05 07:20:15 ----N---- C:\Boot.bak}}

^{^{2012-07-05 07:20:07 ----RSHD---- C:\cmdcons}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\zip.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\SWXCACLS.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\SWSC.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\SWREG.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\sed.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\PEV.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\NIRCMD.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\MBR.exe}}

^{^{2012-07-05 07:17:38 ----A---- C:\WINDOWS\grep.exe}}

^{^{2012-07-05 07:17:08 ----D---- C:\WINDOWS\erdnt}}

^{^{2012-07-04 16:13:40 ----D---- C:\523343ab8e706eb6c91b06}}

^{^{2012-07-04 09:38:19 ----D---- C:\Documents and Settings\All Users\Application Data\ATI}}

^{^{2012-07-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\AtihdXP3.sys}}

^{^{2012-07-04 08:48:49 ----D---- C:\AMD}}

^{^{2012-06-29 08:21:21 ----D---- C:\Documents and Settings\Mike\Application Data\SPORE}}

^{^{2012-06-22 10:51:19 ----D---- C:\Documents and Settings\All Users\Application Data\Sun}}

^{^{2012-06-22 10:50:44 ----D---- C:\Program Files\Oracle}}

^{^{2012-06-22 10:50:34 ----D---- C:\Documents and Settings\Mike\Application Data\Oracle}}

^{^{2012-06-22 10:50:31 ----A---- C:\WINDOWS\system32\npDeployJava1.dll}}

^{^{2012-06-22 10:50:31 ----A---- C:\WINDOWS\system32\deployJava1.dll}}

^{^{======List of files/folders modified in the last 1 month======}}

^{^{2012-07-20 18:03:24 ----D---- C:\WINDOWS\Prefetch}}

^{^{2012-07-20 18:03:23 ----D---- C:\WINDOWS\Temp}}

^{^{2012-07-20 18:03:18 ----RD---- C:\Program Files}}

^{^{2012-07-20 17:58:43 ----D---- C:\Documents and Settings\Mike\Application Data\DNA}}

^{^{2012-07-20 17:41:07 ----D---- C:\WINDOWS\system32\CatRoot2}}

^{^{2012-07-20 17:40:22 ----A---- C:\WINDOWS\win.ini}}

^{^{2012-07-20 17:40:19 ----SHD---- C:\WINDOWS\Installer}}

^{^{2012-07-20 17:40:19 ----D---- C:\Config.Msi}}

^{^{2012-07-20 17:39:32 ----D---- C:\WINDOWS\system32\config}}

^{^{2012-07-20 17:39:08 ----D---- C:\Program Files\Steam}}

^{^{2012-07-20 17:38:32 ----D---- C:\Program Files\DNA}}

^{^{2012-07-20 17:35:09 ----D---- C:\WINDOWS\system32\drivers}}

^{^{2012-07-20 17:35:00 ----SD---- C:\WINDOWS\Tasks}}

^{^{2012-07-20 06:39:09 ----D---- C:\WINDOWS\Minidump}}

^{^{2012-07-20 06:39:00 ----D---- C:\WINDOWS}}

^{^{2012-07-19 19:20:52 ----D---- C:\WINDOWS\AppPatch}}

^{^{2012-07-19 19:01:11 ----D---- C:\WINDOWS\Registration}}

^{^{2012-07-16 07:44:14 ----RSD---- C:\WINDOWS\assembly}}

^{^{2012-07-16 07:44:14 ----D---- C:\WINDOWS\Microsoft.NET}}

^{^{2012-07-16 07:24:55 ----D---- C:\WINDOWS\system32\CatRoot}}

^{^{2012-07-16 07:24:48 ----HD---- C:\WINDOWS\inf}}

^{^{2012-07-16 07:24:47 ----RSHDC---- C:\WINDOWS\system32\dllcache}}

^{^{2012-07-16 07:24:47 ----D---- C:\WINDOWS\system32}}

^{^{2012-07-16 07:24:45 ----D---- C:\WINDOWS\ie8updates}}

^{^{2012-07-15 21:57:22 ----D---- C:\Program Files\Oront Burning Kit 2}}

^{^{2012-07-15 21:56:08 ----D---- C:\Program Files\Common Files\Ahead}}

^{^{2012-07-15 21:52:45 ----D---- C:\Documents and Settings\Mike\Application Data\IGN_DLM}}

^{^{2012-07-15 21:50:17 ----D---- C:\Program Files\America's Army}}

^{^{2012-07-15 21:32:06 ----D---- C:\Program Files\Mozilla Firefox}}

^{^{2012-07-15 21:30:25 ----D---- C:\Program Files\Common Files\Java}}

^{^{2012-07-15 21:29:51 ----D---- C:\Program Files\Java}}

^{^{2012-07-15 20:54:20 ----D---- C:\WINDOWS\system32\en-us}}

^{^{2012-07-15 20:54:20 ----D---- C:\WINDOWS\Media}}

^{^{2012-07-15 20:54:20 ----D---- C:\WINDOWS\Help}}

^{^{2012-07-15 20:54:20 ----D---- C:\Program Files\Internet Explorer}}

^{^{2012-07-15 20:39:05 ----D---- C:\WINDOWS\ie7updates}}

^{^{2012-07-15 20:34:50 ----HD---- C:\WINDOWS\$hf_mig$}}

^{^{2012-07-15 19:03:39 ----D---- C:\WINDOWS\Debug}}

^{^{2012-07-15 18:17:11 ----SHD---- C:\WINDOWS\CSC}}

^{^{2012-07-15 15:21:03 ----SD---- C:\WINDOWS\Downloaded Program Files}}

^{^{2012-07-14 15:52:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware}}

^{^{2012-07-14 13:15:51 ----A---- C:\WINDOWS\NeroDigital.ini}}

^{^{2012-07-13 05:41:28 ----D---- C:\WINDOWS\repair}}

^{^{2012-07-12 20:43:00 ----D---- C:\WINDOWS\system32\NtmsData}}

^{^{2012-07-12 08:46:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft}}

^{^{2012-07-11 07:00:56 ----RSH---- C:\boot.ini}}

^{^{2012-07-11 07:00:56 ----A---- C:\WINDOWS\system.ini}}

^{^{2012-07-07 07:03:58 ----D---- C:\Program Files\Spybot - Search & Destroy}}

^{^{2012-07-07 07:03:58 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy}}

^{^{2012-07-07 07:03:34 ----D---- C:\WINDOWS\WinSxS}}

^{^{2012-07-07 07:03:13 ----D---- C:\WINDOWS\system32\XPSViewer}}

^{^{2012-07-07 07:02:43 ----D---- C:\Program Files\Microsoft Silverlight}}

^{^{2012-07-07 06:14:55 ----D---- C:\WINDOWS\pss}}

^{^{2012-07-05 17:42:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI}}

^{^{2012-07-05 13:19:41 ----D---- C:\WINDOWS\CoreComp}}

^{^{2012-07-05 08:54:22 ----SHD---- C:\System Volume Information}}

^{^{2012-07-05 07:37:06 ----D---- C:\Qoobox}}

^{^{2012-07-05 07:33:51 ----D---- C:\WINDOWS\system32\drivers\etc}}

^{^{2012-07-05 07:32:58 ----D---- C:\Program Files\Messenger}}

^{^{2012-07-05 07:30:38 ----D---- C:\Program Files\Common Files}}

^{^{2012-07-05 06:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$}}

^{^{2012-07-04 09:34:05 ----D---- C:\Program Files\ATI Technologies}}

^{^{2012-07-04 09:33:24 ----D---- C:\WINDOWS\system32\ReinstallBackups}}

^{^{2012-07-04 09:23:44 ----DC---- C:\WINDOWS\system32\DRVSTORE}}

^{^{2012-07-04 09:23:28 ----D---- C:\Program Files\ATI}}

^{^{2012-07-03 21:45:57 ----D---- C:\WINDOWS\system32\DirectX}}

^{^{2012-07-03 03:13:34 ----A---- C:\WINDOWS\system32\MRT.exe}}

^{^{======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======}}

^{^{R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-04-27 137928]}}

^{^{R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]}}

^{^{R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]}}

^{^{R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]}}

^{^{R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]}}

^{^{R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-24 278984]}}

^{^{R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-04-25 83392]}}

^{^{R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []}}

^{^{R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []}}

^{^{R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-24 25416]}}

^{^{R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-05-24 7746048]}}

^{^{R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-05-14 103040]}}

^{^{R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]}}

^{^{R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]}}

^{^{R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]}}

^{^{R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-11 4614656]}}

^{^{R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-08-29 12160]}}

^{^{R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2008-08-25 14208]}}

^{^{R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]}}

^{^{R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]}}

^{^{R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]}}

^{^{R3 Thermnaltake MS1 Filter;Thermnaltake MS1 Filter; C:\WINDOWS\System32\Drivers\MS1Filter.sys [2010-11-30 31360]}}

^{^{S1 acnydnvk;acnydnvk; \??\C:\WINDOWS\system32\drivers\acnydnvk.sys []}}

^{^{S1 adocqqdm;adocqqdm; \??\C:\WINDOWS\system32\drivers\adocqqdm.sys []}}

^{^{S1 aelwisru;aelwisru; \??\C:\WINDOWS\system32\drivers\aelwisru.sys []}}

^{^{S1 agjptvxx;agjptvxx; \??\C:\WINDOWS\system32\drivers\agjptvxx.sys []}}

^{^{S1 akkfewew;akkfewew; \??\C:\WINDOWS\system32\drivers\akkfewew.sys []}}

^{^{S1 amkatbha;amkatbha; \??\C:\WINDOWS\system32\drivers\amkatbha.sys []}}

^{^{S1 ardvgdvi;ardvgdvi; \??\C:\WINDOWS\system32\drivers\ardvgdvi.sys []}}

^{^{S1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]}}

^{^{S1 aunsmjnh;aunsmjnh; \??\C:\WINDOWS\system32\drivers\aunsmjnh.sys []}}

^{^{S1 avpomlai;avpomlai; \??\C:\WINDOWS\system32\drivers\avpomlai.sys []}}

^{^{S1 axtlklvj;axtlklvj; \??\C:\WINDOWS\system32\drivers\axtlklvj.sys []}}

^{^{S1 ayoyocox;ayoyocox; \??\C:\WINDOWS\system32\drivers\ayoyocox.sys []}}

^{^{S1 aypstljt;aypstljt; \??\C:\WINDOWS\system32\drivers\aypstljt.sys []}}

^{^{S1 baopbtqb;baopbtqb; \??\C:\WINDOWS\system32\drivers\baopbtqb.sys []}}

^{^{S1 bdcccaxn;bdcccaxn; \??\C:\WINDOWS\system32\drivers\bdcccaxn.sys []}}

^{^{S1 bjfvgobc;bjfvgobc; \??\C:\WINDOWS\system32\drivers\bjfvgobc.sys []}}

^{^{S1 bkgktlti;bkgktlti; \??\C:\WINDOWS\system32\drivers\bkgktlti.sys []}}

^{^{S1 bmuzupjn;bmuzupjn; \??\C:\WINDOWS\system32\drivers\bmuzupjn.sys []}}

^{^{S1 boiowsxr;boiowsxr; \??\C:\WINDOWS\system32\drivers\boiowsxr.sys []}}

^{^{S1 cblfibtr;cblfibtr; \??\C:\WINDOWS\system32\drivers\cblfibtr.sys []}}

^{^{S1 ccithkfl;ccithkfl; \??\C:\WINDOWS\system32\drivers\ccithkfl.sys []}}

^{^{S1 chexewdj;chexewdj; \??\C:\WINDOWS\system32\drivers\chexewdj.sys []}}

^{^{S1 cirjxecg;cirjxecg; \??\C:\WINDOWS\system32\drivers\cirjxecg.sys []}}

^{^{S1 ckxzvofp;ckxzvofp; \??\C:\WINDOWS\system32\drivers\ckxzvofp.sys []}}

^{^{S1 cmbrnppr;cmbrnppr; \??\C:\WINDOWS\system32\drivers\cmbrnppr.sys []}}

^{^{S1 cmticpgm;cmticpgm; \??\C:\WINDOWS\system32\drivers\cmticpgm.sys []}}

^{^{S1 cmuijqwf;cmuijqwf; \??\C:\WINDOWS\system32\drivers\cmuijqwf.sys []}}

^{^{S1 coixecat;coixecat; \??\C:\WINDOWS\system32\drivers\coixecat.sys []}}

^{^{S1 cpnyzaep;cpnyzaep; \??\C:\WINDOWS\system32\drivers\cpnyzaep.sys []}}

^{^{S1 cprrlftu;cprrlftu; \??\C:\WINDOWS\system32\drivers\cprrlftu.sys []}}

^{^{S1 criuzcms;criuzcms; \??\C:\WINDOWS\system32\drivers\criuzcms.sys []}}

^{^{S1 csbobodb;csbobodb; \??\C:\WINDOWS\system32\drivers\csbobodb.sys []}}

^{^{S1 csytclsu;csytclsu; \??\C:\WINDOWS\system32\drivers\csytclsu.sys []}}

^{^{S1 ctdoqjyq;ctdoqjyq; \??\C:\WINDOWS\system32\drivers\ctdoqjyq.sys []}}

^{^{S1 ctfkdwhs;ctfkdwhs; \??\C:\WINDOWS\system32\drivers\ctfkdwhs.sys []}}

^{^{S1 ctjvtycx;ctjvtycx; \??\C:\WINDOWS\system32\drivers\ctjvtycx.sys []}}

^{^{S1 cykyiwaw;cykyiwaw; \??\C:\WINDOWS\system32\drivers\cykyiwaw.sys []}}

^{^{S1 czaozzpn;czaozzpn; \??\C:\WINDOWS\system32\drivers\czaozzpn.sys []}}

^{^{S1 deibavba;deibavba; \??\C:\WINDOWS\system32\drivers\deibavba.sys []}}

^{^{S1 didctihm;didctihm; \??\C:\WINDOWS\system32\drivers\didctihm.sys []}}

^{^{S1 dkdjzpav;dkdjzpav; \??\C:\WINDOWS\system32\drivers\dkdjzpav.sys []}}

^{^{S1 dlrptcbj;dlrptcbj; \??\C:\WINDOWS\system32\drivers\dlrptcbj.sys []}}

^{^{S1 dnwspytf;dnwspytf; \??\C:\WINDOWS\system32\drivers\dnwspytf.sys []}}

^{^{S1 dwgoyvnc;dwgoyvnc; \??\C:\WINDOWS\system32\drivers\dwgoyvnc.sys []}}

^{^{S1 dyhonejw;dyhonejw; \??\C:\WINDOWS\system32\drivers\dyhonejw.sys []}}

^{^{S1 ewfnbnpf;ewfnbnpf; \??\C:\WINDOWS\system32\drivers\ewfnbnpf.sys []}}

^{^{S1 exhfnvnz;exhfnvnz; \??\C:\WINDOWS\system32\drivers\exhfnvnz.sys []}}

^{^{S1 fecwqzyz;fecwqzyz; \??\C:\WINDOWS\system32\drivers\fecwqzyz.sys []}}

^{^{S1 fervhwau;fervhwau; \??\C:\WINDOWS\system32\drivers\fervhwau.sys []}}

^{^{S1 fftvqnum;fftvqnum; \??\C:\WINDOWS\system32\drivers\fftvqnum.sys []}}

^{^{S1 fgfonugq;fgfonugq; \??\C:\WINDOWS\system32\drivers\fgfonugq.sys []}}

^{^{S1 fhrppazp;fhrppazp; \??\C:\WINDOWS\system32\drivers\fhrppazp.sys []}}

^{^{S1 fitoqrhy;fitoqrhy; \??\C:\WINDOWS\system32\drivers\fitoqrhy.sys []}}

^{^{S1 fkfipyic;fkfipyic; \??\C:\WINDOWS\system32\drivers\fkfipyic.sys []}}

^{^{S1 fpjxhmsb;fpjxhmsb; \??\C:\WINDOWS\system32\drivers\fpjxhmsb.sys []}}

^{^{S1 fuavwbfk;fuavwbfk; \??\C:\WINDOWS\system32\drivers\fuavwbfk.sys []}}

^{^{S1 fvmrprqo;fvmrprqo; \??\C:\WINDOWS\system32\drivers\fvmrprqo.sys []}}

^{^{S1 gaoucbxe;gaoucbxe; \??\C:\WINDOWS\system32\drivers\gaoucbxe.sys []}}

^{^{S1 ghrrxwhc;ghrrxwhc; \??\C:\WINDOWS\system32\drivers\ghrrxwhc.sys []}}

^{^{S1 gipavsdo;gipavsdo; \??\C:\WINDOWS\system32\drivers\gipavsdo.sys []}}

^{^{S1 gmbzuwlr;gmbzuwlr; \??\C:\WINDOWS\system32\drivers\gmbzuwlr.sys []}}

^{^{S1 gsogeajj;gsogeajj; \??\C:\WINDOWS\system32\drivers\gsogeajj.sys []}}

^{^{S1 gwdobyzn;gwdobyzn; \??\C:\WINDOWS\system32\drivers\gwdobyzn.sys []}}

^{^{S1 gxswmhnj;gxswmhnj; \??\C:\WINDOWS\system32\drivers\gxswmhnj.sys []}}

^{^{S1 gznitruk;gznitruk; \??\C:\WINDOWS\system32\drivers\gznitruk.sys []}}

^{^{S1 haachlop;haachlop; \??\C:\WINDOWS\system32\drivers\haachlop.sys []}}

^{^{S1 hftffjqv;hftffjqv; \??\C:\WINDOWS\system32\drivers\hftffjqv.sys []}}

^{^{S1 hgpagzop;hgpagzop; \??\C:\WINDOWS\system32\drivers\hgpagzop.sys []}}

^{^{S1 hhaqnmse;hhaqnmse; \??\C:\WINDOWS\system32\drivers\hhaqnmse.sys []}}

^{^{S1 hkcievze;hkcievze; \??\C:\WINDOWS\system32\drivers\hkcievze.sys []}}

^{^{S1 hqndwuzi;hqndwuzi; \??\C:\WINDOWS\system32\drivers\hqndwuzi.sys []}}

^{^{S1 hszmygbz;hszmygbz; \??\C:\WINDOWS\system32\drivers\hszmygbz.sys []}}

^{^{S1 hulhaopf;hulhaopf; \??\C:\WINDOWS\system32\drivers\hulhaopf.sys []}}

^{^{S1 hvbpeeuc;hvbpeeuc; \??\C:\WINDOWS\system32\drivers\hvbpeeuc.sys []}}

^{^{S1 hvxqjfbo;hvxqjfbo; \??\C:\WINDOWS\system32\drivers\hvxqjfbo.sys []}}

^{^{S1 hxrupjdi;hxrupjdi; \??\C:\WINDOWS\system32\drivers\hxrupjdi.sys []}}

^{^{S1 idmndluy;idmndluy; \??\C:\WINDOWS\system32\drivers\idmndluy.sys []}}

^{^{S1 idymfsgb;idymfsgb; \??\C:\WINDOWS\system32\drivers\idymfsgb.sys []}}

^{^{S1 iemsvzyd;iemsvzyd; \??\C:\WINDOWS\system32\drivers\iemsvzyd.sys []}}

^{^{S1 igckaefn;igckaefn; \??\C:\WINDOWS\system32\drivers\igckaefn.sys []}}

^{^{S1 ihhshoix;ihhshoix; \??\C:\WINDOWS\system32\drivers\ihhshoix.sys []}}

^{^{S1 ikmmeplk;ikmmeplk; \??\C:\WINDOWS\system32\drivers\ikmmeplk.sys []}}

^{^{S1 iperfhqe;iperfhqe; \??\C:\WINDOWS\system32\drivers\iperfhqe.sys []}}

^{^{S1 irktqspi;irktqspi; \??\C:\WINDOWS\system32\drivers\irktqspi.sys []}}

^{^{S1 ivnsfgke;ivnsfgke; \??\C:\WINDOWS\system32\drivers\ivnsfgke.sys []}}

^{^{S1 ixsroohk;ixsroohk; \??\C:\WINDOWS\system32\drivers\ixsroohk.sys []}}

^{^{S1 jbrhdnos;jbrhdnos; \??\C:\WINDOWS\system32\drivers\jbrhdnos.sys []}}

^{^{S1 jbxcantg;jbxcantg; \??\C:\WINDOWS\system32\drivers\jbxcantg.sys []}}

^{^{S1 jdaiwyvh;jdaiwyvh; \??\C:\WINDOWS\system32\drivers\jdaiwyvh.sys []}}

^{^{S1 jdkunzzf;jdkunzzf; \??\C:\WINDOWS\system32\drivers\jdkunzzf.sys []}}

^{^{S1 jgehpztq;jgehpztq; \??\C:\WINDOWS\system32\drivers\jgehpztq.sys []}}

^{^{S1 jgocwaps;jgocwaps; \??\C:\WINDOWS\system32\drivers\jgocwaps.sys []}}

^{^{S1 jgsagnyf;jgsagnyf; \??\C:\WINDOWS\system32\drivers\jgsagnyf.sys []}}

^{^{S1 jqvlpjpc;jqvlpjpc; \??\C:\WINDOWS\system32\drivers\jqvlpjpc.sys []}}

^{^{S1 jrszbaop;jrszbaop; \??\C:\WINDOWS\system32\drivers\jrszbaop.sys []}}

^{^{S1 jspygwwm;jspygwwm; \??\C:\WINDOWS\system32\drivers\jspygwwm.sys []}}

^{^{S1 jwwhxzpd;jwwhxzpd; \??\C:\WINDOWS\system32\drivers\jwwhxzpd.sys []}}

^{^{S1 kbffughg;kbffughg; \??\C:\WINDOWS\system32\drivers\kbffughg.sys []}}

^{^{S1 kcelgqok;kcelgqok; \??\C:\WINDOWS\system32\drivers\kcelgqok.sys []}}

^{^{S1 kejapzpu;kejapzpu; \??\C:\WINDOWS\system32\drivers\kejapzpu.sys []}}

^{^{S1 kjscglac;kjscglac; \??\C:\WINDOWS\system32\drivers\kjscglac.sys []}}

^{^{S1 knstnyzn;knstnyzn; \??\C:\WINDOWS\system32\drivers\knstnyzn.sys []}}

^{^{S1 kpniheya;kpniheya; \??\C:\WINDOWS\system32\drivers\kpniheya.sys []}}

^{^{S1 kubhuhgw;kubhuhgw; \??\C:\WINDOWS\system32\drivers\kubhuhgw.sys []}}

^{^{S1 kuvyncog;kuvyncog; \??\C:\WINDOWS\system32\drivers\kuvyncog.sys []}}

^{^{S1 kxbbevua;kxbbevua; \??\C:\WINDOWS\system32\drivers\kxbbevua.sys []}}

^{^{S1 kzrsawjq;kzrsawjq; \??\C:\WINDOWS\system32\drivers\kzrsawjq.sys []}}

^{^{S1 lbvnbgwq;lbvnbgwq; \??\C:\WINDOWS\system32\drivers\lbvnbgwq.sys []}}

^{^{S1 ljnymlxf;ljnymlxf; \??\C:\WINDOWS\system32\drivers\ljnymlxf.sys []}}

^{^{S1 ljvjamza;ljvjamza; \??\C:\WINDOWS\system32\drivers\ljvjamza.sys []}}

^{^{S1 lksgmgml;lksgmgml; \??\C:\WINDOWS\system32\drivers\lksgmgml.sys []}}

^{^{S1 lkttnqvl;lkttnqvl; \??\C:\WINDOWS\system32\drivers\lkttnqvl.sys []}}

^{^{S1 lmgafgpj;lmgafgpj; \??\C:\WINDOWS\system32\drivers\lmgafgpj.sys []}}

^{^{S1 lnvhoifh;lnvhoifh; \??\C:\WINDOWS\system32\drivers\lnvhoifh.sys []}}

^{^{S1 lxhajrha;lxhajrha; \??\C:\WINDOWS\system32\drivers\lxhajrha.sys []}}

^{^{S1 lxkkqpgr;lxkkqpgr; \??\C:\WINDOWS\system32\drivers\lxkkqpgr.sys []}}

^{^{S1 lymrjfms;lymrjfms; \??\C:\WINDOWS\system32\drivers\lymrjfms.sys []}}

^{^{S1 lzjibaav;lzjibaav; \??\C:\WINDOWS\system32\drivers\lzjibaav.sys []}}

^{^{S1 malwljit;malwljit; \??\C:\WINDOWS\system32\drivers\malwljit.sys []}}

^{^{S1 mejddmqd;mejddmqd; \??\C:\WINDOWS\system32\drivers\mejddmqd.sys []}}

^{^{S1 mgclgcdv;mgclgcdv; \??\C:\WINDOWS\system32\drivers\mgclgcdv.sys []}}

^{^{S1 mgwpdzgu;mgwpdzgu; \??\C:\WINDOWS\system32\drivers\mgwpdzgu.sys []}}

^{^{S1 miyusmvt;miyusmvt; \??\C:\WINDOWS\system32\drivers\miyusmvt.sys []}}

^{^{S1 mkusyjit;mkusyjit; \??\C:\WINDOWS\system32\drivers\mkusyjit.sys []}}

^{^{S1 mmmebvxi;mmmebvxi; \??\C:\WINDOWS\system32\drivers\mmmebvxi.sys []}}

^{^{S1 MpKsl0762ee87;MpKsl0762ee87; \??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D8025E5C-CCD6-45F1-BA7C-3675ED2B1C4D}\MpKsl0762ee87.sys []}}

^{^{S1 MpKsl3d06d771;MpKsl3d06d771; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3C4E3303-B8AF-4019-9540-538501B6504B}\MpKsl3d06d771.sys []}}

^{^{S1 MpKsl8e6f2379;MpKsl8e6f2379; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F241F32-E833-4A87-962C-9E7DEAFA152C}\MpKsl8e6f2379.sys []}}

^{^{S1 mqcyseel;mqcyseel; \??\C:\WINDOWS\system32\drivers\mqcyseel.sys []}}

^{^{S1 mvufivpn;mvufivpn; \??\C:\WINDOWS\system32\drivers\mvufivpn.sys []}}

^{^{S1 mwqcjdau;mwqcjdau; \??\C:\WINDOWS\system32\drivers\mwqcjdau.sys []}}

^{^{S1 mxcfchht;mxcfchht; \??\C:\WINDOWS\system32\drivers\mxcfchht.sys []}}

^{^{S1 nkbxfznp;nkbxfznp; \??\C:\WINDOWS\system32\drivers\nkbxfznp.sys []}}

^{^{S1 nmvwwlpq;nmvwwlpq; \??\C:\WINDOWS\system32\drivers\nmvwwlpq.sys []}}

^{^{S1 nniiorpp;nniiorpp; \??\C:\WINDOWS\system32\drivers\nniiorpp.sys []}}

^{^{S1 npqvxeov;npqvxeov; \??\C:\WINDOWS\system32\drivers\npqvxeov.sys []}}

^{^{S1 nqyshldv;nqyshldv; \??\C:\WINDOWS\system32\drivers\nqyshldv.sys []}}

^{^{S1 nrdtqhgs;nrdtqhgs; \??\C:\WINDOWS\system32\drivers\nrdtqhgs.sys []}}

^{^{S1 nvmknfip;nvmknfip; \??\C:\WINDOWS\system32\drivers\nvmknfip.sys []}}

^{^{S1 nwvhrlxv;nwvhrlxv; \??\C:\WINDOWS\system32\drivers\nwvhrlxv.sys []}}

^{^{S1 oaqbqfya;oaqbqfya; \??\C:\WINDOWS\system32\drivers\oaqbqfya.sys []}}

^{^{S1 ocfijsei;ocfijsei; \??\C:\WINDOWS\system32\drivers\ocfijsei.sys []}}

^{^{S1 odalxqlr;odalxqlr; \??\C:\WINDOWS\system32\drivers\odalxqlr.sys []}}

^{^{S1 ogufzfdx;ogufzfdx; \??\C:\WINDOWS\system32\drivers\ogufzfdx.sys []}}

^{^{S1 okcpiekk;okcpiekk; \??\C:\WINDOWS\system32\drivers\okcpiekk.sys []}}

^{^{S1 oormitbk;oormitbk; \??\C:\WINDOWS\system32\drivers\oormitbk.sys []}}

^{^{S1 opklwhqa;opklwhqa; \??\C:\WINDOWS\system32\drivers\opklwhqa.sys []}}

^{^{S1 osistzol;osistzol; \??\C:\WINDOWS\system32\drivers\osistzol.sys []}}

^{^{S1 oukwvesc;oukwvesc; \??\C:\WINDOWS\system32\drivers\oukwvesc.sys []}}

^{^{S1 ovlgeljj;ovlgeljj; \??\C:\WINDOWS\system32\drivers\ovlgeljj.sys []}}

^{^{S1 ovqsfcyh;ovqsfcyh; \??\C:\WINDOWS\system32\drivers\ovqsfcyh.sys []}}

^{^{S1 owzkbwkd;owzkbwkd; \??\C:\WINDOWS\system32\drivers\owzkbwkd.sys []}}

^{^{S1 oxeowycq;oxeowycq; \??\C:\WINDOWS\system32\drivers\oxeowycq.sys []}}

^{^{S1 pbhskxyo;pbhskxyo; \??\C:\WINDOWS\system32\drivers\pbhskxyo.sys []}}

^{^{S1 pbtvvesr;pbtvvesr; \??\C:\WINDOWS\system32\drivers\pbtvvesr.sys []}}

^{^{S1 pclbkmtr;pclbkmtr; \??\C:\WINDOWS\system32\drivers\pclbkmtr.sys []}}

^{^{S1 piaqqqnm;piaqqqnm; \??\C:\WINDOWS\system32\drivers\piaqqqnm.sys []}}

^{^{S1 piffbubo;piffbubo; \??\C:\WINDOWS\system32\drivers\piffbubo.sys []}}

^{^{S1 pklzvqbw;pklzvqbw; \??\C:\WINDOWS\system32\drivers\pklzvqbw.sys []}}

^{^{S1 pofnfzar;pofnfzar; \??\C:\WINDOWS\system32\drivers\pofnfzar.sys []}}

^{^{S1 powfqwyp;powfqwyp; \??\C:\WINDOWS\system32\drivers\powfqwyp.sys []}}

^{^{S1 qaevwfhf;qaevwfhf; \??\C:\WINDOWS\system32\drivers\qaevwfhf.sys []}}

^{^{S1 qauxgqdm;qauxgqdm; \??\C:\WINDOWS\system32\drivers\qauxgqdm.sys []}}

^{^{S1 qbygnaas;qbygnaas; \??\C:\WINDOWS\system32\drivers\qbygnaas.sys []}}

^{^{S1 qcmxdffb;qcmxdffb; \??\C:\WINDOWS\system32\drivers\qcmxdffb.sys []}}

^{^{S1 qcqjeqdq;qcqjeqdq; \??\C:\WINDOWS\system32\drivers\qcqjeqdq.sys []}}

^{^{S1 qiwpvqvv;qiwpvqvv; \??\C:\WINDOWS\system32\drivers\qiwpvqvv.sys []}}

^{^{S1 qkifmafw;qkifmafw; \??\C:\WINDOWS\system32\drivers\qkifmafw.sys []}}

^{^{S1 qknobraq;qknobraq; \??\C:\WINDOWS\system32\drivers\qknobraq.sys []}}

^{^{S1 qkqgzybe;qkqgzybe; \??\C:\WINDOWS\system32\drivers\qkqgzybe.sys []}}

^{^{S1 qrkhkyga;qrkhkyga; \??\C:\WINDOWS\system32\drivers\qrkhkyga.sys []}}

^{^{S1 qxizbcmn;qxizbcmn; \??\C:\WINDOWS\system32\drivers\qxizbcmn.sys []}}

^{^{S1 qzchegrv;qzchegrv; \??\C:\WINDOWS\system32\drivers\qzchegrv.sys []}}

^{^{S1 rfvwjhzg;rfvwjhzg; \??\C:\WINDOWS\system32\drivers\rfvwjhzg.sys []}}

^{^{S1 rgsodgxl;rgsodgxl; \??\C:\WINDOWS\system32\drivers\rgsodgxl.sys []}}

^{^{S1 rickzjui;rickzjui; \??\C:\WINDOWS\system32\drivers\rickzjui.sys []}}

^{^{S1 riymkghf;riymkghf; \??\C:\WINDOWS\system32\drivers\riymkghf.sys []}}

^{^{S1 rkgfdmcu;rkgfdmcu; \??\C:\WINDOWS\system32\drivers\rkgfdmcu.sys []}}

^{^{S1 rkhlvtdu;rkhlvtdu; \??\C:\WINDOWS\system32\drivers\rkhlvtdu.sys []}}

^{^{S1 rllzwdom;rllzwdom; \??\C:\WINDOWS\system32\drivers\rllzwdom.sys []}}

^{^{S1 rtfvhdyj;rtfvhdyj; \??\C:\WINDOWS\system32\drivers\rtfvhdyj.sys []}}

^{^{S1 rvcqiljy;rvcqiljy; \??\C:\WINDOWS\system32\drivers\rvcqiljy.sys []}}

^{^{S1 sbogkmqy;sbogkmqy; \??\C:\WINDOWS\system32\drivers\sbogkmqy.sys []}}

^{^{S1 sciusoqx;sciusoqx; \??\C:\WINDOWS\system32\drivers\sciusoqx.sys []}}

^{^{S1 seamfbcm;seamfbcm; \??\C:\WINDOWS\system32\drivers\seamfbcm.sys []}}

^{^{S1 serkedpa;serkedpa; \??\C:\WINDOWS\system32\drivers\serkedpa.sys []}}

^{^{S1 shxvkpip;shxvkpip; \??\C:\WINDOWS\system32\drivers\shxvkpip.sys []}}

^{^{S1 sknlpefx;sknlpefx; \??\C:\WINDOWS\system32\drivers\sknlpefx.sys []}}

^{^{S1 ssqrwrok;ssqrwrok; \??\C:\WINDOWS\system32\drivers\ssqrwrok.sys []}}

^{^{S1 suxvpivr;suxvpivr; \??\C:\WINDOWS\system32\drivers\suxvpivr.sys []}}

^{^{S1 svginnnl;svginnnl; \??\C:\WINDOWS\system32\drivers\svginnnl.sys []}}

^{^{S1 tdnlnlxe;tdnlnlxe; \??\C:\WINDOWS\system32\drivers\tdnlnlxe.sys []}}

^{^{S1 tjmmuhwj;tjmmuhwj; \??\C:\WINDOWS\system32\drivers\tjmmuhwj.sys []}}

^{^{S1 tnenwtug;tnenwtug; \??\C:\WINDOWS\system32\drivers\tnenwtug.sys []}}

^{^{S1 tnwzkbgu;tnwzkbgu; \??\C:\WINDOWS\system32\drivers\tnwzkbgu.sys []}}

^{^{S1 tqgsyrfz;tqgsyrfz; \??\C:\WINDOWS\system32\drivers\tqgsyrfz.sys []}}

^{^{S1 tqwjsaxg;tqwjsaxg; \??\C:\WINDOWS\system32\drivers\tqwjsaxg.sys []}}

^{^{S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2006-11-22 327168]}}

^{^{S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2006-11-22 100096]}}

^{^{S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992]}}

^{^{S3 catchme;catchme; \??\C:\DOCUME~1\Mike\LOCALS~1\Temp\catchme.sys []}}

^{^{S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]}}

^{^{S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []}}

^{^{S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []}}

^{^{S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-12-17 51120]}}

^{^{S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-12-17 16496]}}

^{^{S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-12-17 21744]}}

^{^{S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\WINDOWS\System32\Drivers\nx6000.sys [2010-12-13 30576]}}

^{^{S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]}}

^{^{S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]}}

^{^{S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]}}

^{^{S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-05-20 22784]}}

^{^{S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]}}

^{^{S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]}}

^{^{S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]}}

^{^{======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======}}

^{^{R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]}}

^{^{R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-02 110032]}}

^{^{R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]}}

^{^{R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-05-24 647168]}}

^{^{R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]}}

^{^{R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]}}

^{^{R2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-04-22 25824]}}

^{^{R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-12-13 135536]}}

^{^{R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-12-21 75136]}}

^{^{R2 SeagateDashboardService;Seagate Dashboard Service; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]}}

^{^{R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 821608]}}

^{^{S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-07-31 593920]}}

^{^{S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]}}

^{^{S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-06 194104]}}

^{^{S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]}}

^{^{S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]}}

^{^{S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]}}

^{^{S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]}}

^{^{S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]}}

^{^{S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]}}

^{^{S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []}}

^{^{S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]}}

^{^{S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]}}

tenuglymen · July 20, 2012

Hello - IE keeps crashing when i try to run Bitdefender.

Here is the text file from item 6,

RogueKiller V7.6.4 [07/17/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Mike [Admin rights]

Mode: Scan -- Date: 07/20/2012 19:53:33

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (Unknown @ 0xBA68F51C)

SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (Unknown @ 0xBA68F4D6)

SSDT[50] : NtCreateSection @ 0x805AB3D0 -> HOOKED (Unknown @ 0xBA68F526)

SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0xBA68F4CC)

SSDT[63] : NtDeleteKey @ 0x80624472 -> HOOKED (Unknown @ 0xBA68F4DB)

SSDT[65] : NtDeleteValueKey @ 0x80624642 -> HOOKED (Unknown @ 0xBA68F4E5)

SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0xBA68F517)

SSDT[98] : NtLoadKey @ 0x806261FA -> HOOKED (Unknown @ 0xBA68F4EA)

SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0xBA68F4B8)

SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0xBA68F4BD)

SSDT[177] : NtQueryValueKey @ 0x806221FA -> HOOKED (Unknown @ 0xBA68F53F)

SSDT[193] : NtReplaceKey @ 0x806260AA -> HOOKED (Unknown @ 0xBA68F4F4)

SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D7E -> HOOKED (Unknown @ 0xBA68F530)

SSDT[204] : NtRestoreKey @ 0x806259B6 -> HOOKED (Unknown @ 0xBA68F4EF)

SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0xBA68F52B)

SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0xBA68F535)

SSDT[247] : NtSetValueKey @ 0x80622548 -> HOOKED (Unknown @ 0xBA68F4E0)

SSDT[255] : NtSystemDebugControl @ 0x80617FAA -> HOOKED (Unknown @ 0xBA68F53A)

SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0xBA68F4C7)

S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xBA68F54E)

S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xBA68F553)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAKS-00B3A0 +++++

--- User ---

[MBR] d3c1cb009894692c1feccc2ba5620442

[bSP] 77c86a332690e0fe94a4cc5d83d97c0a : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Maurice Naggar · July 21, 2012

It is imperative that you de-install (remove) BittorrentDNA and that you confirm that for me in your reply! and also remove any other peer-to-peer filesharing program.

Filesharing/downloading from unknown sources is one of the leading causes of transmission of malware.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

#2

You have Avira antivirus as your active antivirus program. This pc also has MS Security Essentials. Having two installed a-v programs will cause conflicts. Use Control Panel >> Add-or-Remove Programs

Remove MS Security Essentials.

Then logoff and do a fresh Restart of Windows. :excl:

Confirm that for me in your reply.

#3

Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Please disconnect any USB or external drives from the computer before you run this scan!
Right-Click RogueKiller and select Run as Administrator.
Wait until Prescan finishes.
On the RogueKiller console, click the Registry tab.
Then press the Delete button.
When done, logoff & Restart the system.
The log will be found as RKreport
Copy & Paste the contents into next reply.

#4

Let's forget the BitDefender scan for the time being.

tenuglymen · July 22, 2012

Hello and thanks again for your help.

1. Somthing is up with DNA - I removed it from Control Panel - add/remove programs but i still see it in my program files and I tried deleting it and got and error saying that Cannot delete BTNA access is denied.

2. I removed MS Security Essentials

3. Getting RK Report after I log off

tenuglymen · July 22, 2012

_{Here is the report from Roguekiller:}

_{RogueKiller V7.6.4 [07/17/2012] by Tigzy}

_{mail: tigzyRK<at>gmail<dot>com}

_Feedback:_{http://www.geekstogo...13-roguekiller/}

_Blog:_{http://tigzyrk.blogspot.com}

_{Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version}

_{Started in : Normal mode}

_{User: Mike [Admin rights]}

_{Mode: Scan -- Date: 07/22/2012 07:11:19}

_{¤¤¤ Bad processes: 0 ¤¤¤}

_{¤¤¤ Registry Entries: 0 ¤¤¤}

_{¤¤¤ Particular Files / Folders: ¤¤¤}

_{[Faked.Drv][FAKED] ati2mtag.sys : c:\windows\system32\drivers\ati2mtag.sys --> CANNOT FIX}

_{[Faked.Drv][FAKED] Hdaudio.sys : c:\windows\system32\drivers\Hdaudio.sys --> CANNOT FIX}

_{[Faked.Drv][FAKED] rndismpx.sys : c:\windows\system32\drivers\rndismpx.sys --> CANNOT FIX}

_{[Faked.Drv][FAKED] RtkHDAud.sys : c:\windows\system32\drivers\RtkHDAud.sys --> CANNOT FIX}

_{¤¤¤ Driver: [LOADED] ¤¤¤}

_{SSDT[25] : NtClose @ 0x805BC538 -> HOOKED (Unknown @ 0xBA6DB1D4)}

_{SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (Unknown @ 0xBA6DB18E)}

_{SSDT[50] : NtCreateSection @ 0x805AB3D0 -> HOOKED (Unknown @ 0xBA6DB1DE)}

_{SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0xBA6DB184)}

_{SSDT[63] : NtDeleteKey @ 0x80624472 -> HOOKED (Unknown @ 0xBA6DB193)}

_{SSDT[65] : NtDeleteValueKey @ 0x80624642 -> HOOKED (Unknown @ 0xBA6DB19D)}

_{SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0xBA6DB1CF)}

_{SSDT[98] : NtLoadKey @ 0x806261FA -> HOOKED (Unknown @ 0xBA6DB1A2)}

_{SSDT[122] : NtOpenProcess @ 0x805CB456 -> HOOKED (Unknown @ 0xBA6DB170)}

_{SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0xBA6DB175)}

_{SSDT[177] : NtQueryValueKey @ 0x806221FA -> HOOKED (Unknown @ 0xBA6DB1F7)}

_{SSDT[193] : NtReplaceKey @ 0x806260AA -> HOOKED (Unknown @ 0xBA6DB1AC)}

_{SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D7E -> HOOKED (Unknown @ 0xBA6DB1E8)}

_{SSDT[204] : NtRestoreKey @ 0x806259B6 -> HOOKED (Unknown @ 0xBA6DB1A7)}

_{SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0xBA6DB1E3)}

_{SSDT[237] : NtSetSecurityObject @ 0x805C0636 -> HOOKED (Unknown @ 0xBA6DB1ED)}

_{SSDT[247] : NtSetValueKey @ 0x80622548 -> HOOKED (Unknown @ 0xBA6DB198)}

_{SSDT[255] : NtSystemDebugControl @ 0x80617FAA -> HOOKED (Unknown @ 0xBA6DB1F2)}

_{SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (Unknown @ 0xBA6DB17F)}

_{S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xBA6DB206)}

_{S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xBA6DB20B)}

_{¤¤¤ Infection : ¤¤¤}

_{¤¤¤ HOSTS File: ¤¤¤}

_{127.0.0.1 localhost}

_{¤¤¤ MBR Check: ¤¤¤}

_{+++++ PhysicalDrive0: WDC WD3200AAKS-00B3A0 +++++}

_{--- User ---}

_{[MBR] d3c1cb009894692c1feccc2ba5620442}

_{[bSP] 77c86a332690e0fe94a4cc5d83d97c0a : Windows XP MBR Code}

_{Partition table:}

_{0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 Mo}

_{User = LL1 ... OK!}

_{User = LL2 ... OK!}

_{Finished : << RKreport[4].txt >>}

_{RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt}

Edited July 22, 2012 by Maurice Naggar

tenuglymen · July 22, 2012

^{FTI - I am now getting the Windows Secuirty Alert red shield in the bottom tray which I believe is a fake?}

Maurice Naggar · July 22, 2012

Do as much as possible of the following:

1

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

2

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now !

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2

* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Double click on Combo-Fix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. :excl:

-------------------------------------------------------

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

When all finished, RE-Enable your AntiVirus and AntiSpyware applications. :excl:

tenuglymen · July 22, 2012

Hello - i just ran comboFix and it is preparing log report and is just hanging. I believe it isn't completing the report becasue the red shield has the baloon above it saying "your computer may be at risk, your antivrus .............Click this baloon".

Any ideas on how I should proceed?

tenuglymen · July 22, 2012

Hello - below is the ComboFix report. I had to send it in 2 seperate posts because of its length,

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]

"Steam"="c:\program files\steam\steam.exe" [2012-07-22 1242448]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-30 39408]

"BitTorrent DNA"="c:\program files\DNA\btdna .exe" [2009-11-13 323392]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2007-09-11 16844800]

"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2008-04-14 208896]

"Memeo Instant Backup"="c:\program files\Memeo\AutoBackup\MemeoLauncher2.exe" [2010-04-23 136416]

"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]

"Tt eSPORTS BLACK Gaming Mouse"="c:\program files\Thermaltake\Tt eSPORTS BLACK\Black.exe" [2011-01-06 13346600]

"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-02 348624]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-05-24 98304]

"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [N/A]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]

"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-19 421888]

"SunJavaUpdateSched"="c:\program files\Java\jre7\bin\jusched.exe" [N/A]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\USArmy\\America's Army 3\\Binaries\\AA3Game.exe"=

"c:\\Documents and Settings\\Mike\\Application Data\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=

"c:\\Program Files\\DNA\\btdna .exe"=

"c:\\Program Files\\Steam\\Steam.exe"=

"c:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\battlefield bad company 2\\BFBC2Game.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\battlefield bad company 2\\Support\\EA Help\\Electronic_Arts_Technical_Support.htm"=

"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\borderlands\\Binaries\\Borderlands.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\orcs must die!\\Build\\release\\OrcsMustDie.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\dead island\\DeadIslandGame.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\red orchestra 2\\Binaries\\Win32\\ROGame.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\Just Cause 2\\JustCause2.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\BioShock 2\\SP\\Builds\\Binaries\\Bioshock2Launcher.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\BioShock 2\\MP\\Builds\\Binaries\\Bioshock2Launcher.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\bioshock\\Builds\\Release\\Bioshock.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\portal 2\\portal2.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\dungeon defenders\\Binaries\\Win32\\DungeonDefenders.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\killingfloor\\System\\KillingFloor.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\specops_theline\\Binaries\\Win32\\SpecOpsTheLine.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\Seagate\\Seagate Dashboard\\HipServAgent\\HipServAgent.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead 2\\left4dead2.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\bin\\SDKLauncher.exe"=

tenuglymen · July 22, 2012

Second part of ComboFix report:

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [5/29/2012 7:21 AM 36000]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/29/2012 7:21 AM 86224]

R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackup\MemeoBackgroundService.exe [4/22/2010 8:33 PM 25824]

R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [6/1/2011 12:42 PM 14088]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [7/4/2012 8:51 AM 103040]

R3 Thermnaltake MS1 Filter;Thermnaltake MS1 Filter;c:\windows\system32\drivers\MS1Filter.sys [12/1/2011 7:48 AM 31360]