Jump to content

Desktop icons gone -- folders and files gone in folder


Recommended Posts

Hello etamoss and welcome to MalwareBytes forums.

What is the version of Windows on this system?

What "update" is involved?

Do you see a taskbar after Windows is loaded?

Details are needed so that I can understand what the situation is.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.


Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Step 2

Download DDS and save it to your desktop from http://download.bleepingcomputer.com/sUBs/dds.com here

or http://download.bleepingcomputer.com/sUBs/dds.scr or

http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

Then double click dds.scr to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt

Link to post
Share on other sites

Two files attached

Rkill 2.4.5 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/04/2013 12:43:57 PM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/04/2013 12:45:13 PM

Execution time: 0 hours(s), 1 minute(s), and 16 seconds(s)

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 7.0.6000.17115 BrowserJavaVersion: 10.9.2

Run by Mark at 12:46:29 on 2013-01-04

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3037.1901 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Disabled*

.

============== Running Processes ================

.

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Synology\Assistant\UsbClientService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Dell\DellDock\DellDock.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

C:\Program Files\BUFFALO\NASNAVI\nassche.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Program Files\Synology\Assistant\DSAssistant.exe

C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgr.exe

C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\PROGRA~1\Intuit\QUICKB~1\dbextclr11.exe

C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.live.com

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120627111946.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [AdobeBridge] <no file>

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [Desktop Disc Tool] "c:\program files\roxio\roxio burn\RoxioBurnLauncher.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\docume~1\mark\startm~1\programs\startup\buffal~1.lnk - c:\program files\buffalo\nasnavi\NasNavi.exe

StartupFolder: c:\docume~1\mark\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe

StartupFolder: c:\docume~1\mark\startm~1\programs\startup\nassch~1.lnk - c:\program files\buffalo\nasnavi\nassche.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2011\QBW32.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{D7522808-F9B6-49CD-85A3-814533D3A0A4} : DHCPNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - c:\program files\intuit\quickbooks 2011\HelpAsyncPluggableProtocol.dll

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Notify: igfxcui - igfxdev.dll

SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\mark\application data\mozilla\firefox\profiles\g3lri5gy.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - ExtSQL: 2012-12-06 12:45; amznUWL2@amazon.com; c:\documents and settings\mark\application data\mozilla\firefox\profiles\g3lri5gy.default\extensions\amznUWL2@amazon.com.xpi

FF - ExtSQL: !HIDDEN! 2010-03-02 13:33; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-28 565352]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-8-28 91168]

R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-28 167784]

R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-28 203400]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-28 168880]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-28 167344]

R2 NasPmService;NAS PM Service;c:\program files\buffalo\nasnavi\nassvc.exe -service_execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 --> c:\program files\buffalo\nasnavi\nassvc.exe -Service_Execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 [?]

R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2012-3-9 1248256]

R2 UsbClientService;UsbClientService;c:\program files\synology\assistant\UsbClientService.exe [2011-2-18 245760]

R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 busenum;Synology Virtual USB Hub;c:\windows\system32\drivers\busenum.sys [2011-2-18 46304]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-28 60480]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-28 234824]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-28 65488]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-28 362640]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-12-13 84432]

S2 0151451356539822mcinstcleanup;McAfee Application Installer Cleanup (0151451356539822);c:\windows\temp\015145~1.exe -cleanup -nolog --> c:\windows\temp\015145~1.EXE -cleanup -nolog [?]

S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

S2 SessionLauncher;SessionLauncher;c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\admini~1\locals~1\temp\dx9\SessionLauncher.exe [?]

S3 cpuz134;cpuz134;\??\c:\docume~1\mark\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\mark\locals~1\temp\cpuz134\cpuz134_x32.sys [?]

S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-10-27 146872]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-12-13 84432]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-28 92192]

S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2009-6-26 1124848]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

.

=============== File Associations ===============

.

FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs5\Dreamweaver.exe","%1"

ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2013-01-03 19:28:47 -------- d-----w- c:\windows\system32\wbem\repository\FS

2013-01-03 19:28:47 -------- d-----w- c:\windows\system32\wbem\Repository

2012-12-13 23:19:07 84432 ----a-w- c:\windows\system32\drivers\mfendisk.sys

2012-12-13 17:20:31 73696 ----a-w- c:\program files\mozilla firefox\updated\breakpadinjector.dll

2012-12-13 17:20:31 261600 ----a-w- c:\program files\mozilla firefox\updated\components\browsercomps.dll

2012-12-13 17:20:31 18912 ----a-w- c:\program files\mozilla firefox\updated\AccessibleMarshal.dll

.

==================== Find3M ====================

.

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-12 19:09:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-12 19:09:40 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-13 11:20:36 1875456 ----a-w- c:\windows\system32\win32k.sys

2012-11-09 11:56:16 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys

2012-11-09 11:53:02 91168 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys

2012-11-09 11:52:22 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2012-11-09 11:52:12 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2012-11-09 11:51:12 565352 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2012-11-09 11:50:20 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2012-11-09 11:50:00 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2012-11-09 11:49:40 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2012-11-09 11:49:10 132912 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 03:30:04 832512 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 03:30:04 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-11-01 03:30:04 1830912 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 03:30:04 17408 ----a-w- c:\windows\system32\corpol.dll

.

============= FINISH: 12:47:44.98 ===============

Link to post
Share on other sites

Hello etamos,

From this point & forward, please do NOT attach logs. Use Notepad to open a report, COPY All, then Paste directly into main-body of reply box.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com
and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.
Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button
Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.
The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.
Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.
Step 6
  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.

Link to post
Share on other sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Mark at 2013-01-05 14:52:59

Microsoft Windows XP Professional Service Pack 3

System drive C: has 538 GB (90%) free of 600 GB

Total RAM: 3037 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:53:30 PM, on 1/5/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17115)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Synology\Assistant\UsbClientService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Dell\DellDock\DellDock.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

C:\Program Files\BUFFALO\NASNAVI\nassche.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Program Files\Synology\Assistant\DSAssistant.exe

C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files\Mozilla Firefox\firefox.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\McAfee\VirusScan\mcods.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\Mark\Desktop\RSIT.exe

C:\Program Files\trend micro\Mark.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s%s

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')

O4 - Startup: BUFFALO NAS Navigator2.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe

O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE

O4 - Startup: NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe

O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll

O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: McAfee Application Installer Cleanup (0151451356539822) (0151451356539822mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\015145~1.EXE (file missing)

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: NAS PM Service (NasPmService) - BUFFALO INC. - C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: SessionLauncher - Unknown owner - c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe

--

End of file - 13778 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Blanca.job

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Mark.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011Core.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011UA.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012Core.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default

prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.4"

prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=mcafee&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{000a9d1c-beef-4f90-9363-039d445309b8}"=C:\Program Files\Google\Google Gears\Firefox\

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor

"{D19CA586-DD6C-4a0a-96F8-14644F340D60}"=C:\Program Files\Common Files\McAfee\SystemCore

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.5.502.135 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]

"Description"=McAfee Total Protection MIME Plugin

"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]

"Description"=

"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

npCouponPrinter.xpt

Scriptff.dll

C:\Program Files\Mozilla Firefox\plugins\

npCouponPrinter.dll

npMozCouponPrinter.dll

nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

McSiteAdvisor.xml

twitter.xml

wikipedia.xml

yahoo.xml

C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\

{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]

McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-24 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]

scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll [2012-05-25 79776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]

Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-04 18084864]

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2009-03-04 57344]

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-04 150040]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-04 178712]

"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-04 150040]

"Dell DataSafe Online"=C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [2009-07-07 1779952]

"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-02-04 128232]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2012-09-12 1278648]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

"Desktop Disc Tool"=C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2009-12-15 498160]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]

"Intuit SyncManager"=C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [2012-10-08 2643320]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"AdobeBridge"= []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Intuit Data Protect.lnk - C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

QuickBooks_Standard_21.lnk - C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Mark\Start Menu\Programs\Startup

BUFFALO NAS Navigator2.lnk - C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe

ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE

NAS Scheduler.lnk - C:\Program Files\BUFFALO\NASNAVI\nassche.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2009-03-04 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"

"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"

"C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe"="C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe:*:Enabled:BUFFALO NASNavigator2"

"C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe"="C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager"

"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"

"C:\Program Files\Synology\Assistant\DSAssistant.exe"="C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"msacm.siren"=sirenacm.dll

======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2013-01-05 14:53:00 ----D---- C:\Program Files\trend micro

2013-01-05 14:52:59 ----D---- C:\rsit

2013-01-05 14:52:00 ----D---- C:\WINDOWS\ERDNT

2013-01-05 14:50:00 ----D---- C:\Program Files\ERUNT

2013-01-03 14:36:14 ----D---- C:\WINDOWS\LastGood

2012-12-21 03:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$

2012-12-13 18:19:07 ----A---- C:\WINDOWS\system32\drivers\mfendisk.sys

2012-12-12 03:06:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$

2012-12-12 03:06:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$

2012-12-12 03:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$

2012-12-12 03:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$

2012-12-12 03:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$

======List of files/folders modified in the last 1 month======

2013-01-05 14:53:35 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-01-05 14:53:32 ----D---- C:\WINDOWS\Temp

2013-01-05 14:53:15 ----D---- C:\WINDOWS\Prefetch

2013-01-05 14:53:00 ----RD---- C:\Program Files

2013-01-05 14:52:00 ----AD---- C:\WINDOWS

2013-01-05 10:36:29 ----D---- C:\WINDOWS\system32\CatRoot

2013-01-05 10:35:09 ----HD---- C:\WINDOWS\inf

2013-01-04 16:02:42 ----RSD---- C:\WINDOWS\Fonts

2013-01-04 15:44:19 ----D---- C:\Documents and Settings\Mark\Application Data\FileZilla

2013-01-04 13:54:15 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-01-03 14:36:07 ----D---- C:\WINDOWS\system32\CatRoot2

2013-01-03 14:33:20 ----D---- C:\Documents and Settings

2013-01-03 14:29:14 ----D---- C:\WINDOWS\system32\config

2013-01-03 14:28:48 ----D---- C:\WINDOWS\system32\wbem

2013-01-03 14:28:47 ----D---- C:\WINDOWS\Registration

2013-01-03 14:24:22 ----D---- C:\WINDOWS\system32\Restore

2013-01-02 16:39:34 ----AD---- C:\WINDOWS\system32

2012-12-28 10:32:47 ----D---- C:\Program Files\Adobe

2012-12-27 14:11:28 ----SHD---- C:\WINDOWS\Installer

2012-12-27 14:11:18 ----A---- C:\WINDOWS\OEWABLog.txt

2012-12-26 12:37:11 ----D---- C:\Program Files\Mozilla Firefox

2012-12-21 09:20:20 ----D---- C:\Program Files\Mozilla Maintenance Service

2012-12-21 03:01:15 ----HD---- C:\WINDOWS\$hf_mig$

2012-12-20 15:57:13 ----D---- C:\Program Files\Common Files\McAfee

2012-12-16 07:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll

2012-12-13 18:19:07 ----D---- C:\WINDOWS\system32\drivers

2012-12-12 14:09:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2012-12-12 03:06:42 ----A---- C:\WINDOWS\imsins.BAK

2012-12-12 03:06:16 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2012-12-12 03:05:31 ----D---- C:\WINDOWS\system32\en-US

2012-12-12 03:05:31 ----D---- C:\Program Files\Internet Explorer

2012-12-12 03:05:20 ----D---- C:\WINDOWS\ie7updates

2012-12-12 03:00:39 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2012-11-09 565352]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-07-09 45200]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]

R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]

R1 mfetdi2k;McAfee Inc. mfetdi2k; C:\WINDOWS\system32\drivers\mfetdi2k.sys [2012-11-09 91168]

R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]

R3 busenum;Synology Virtual USB Hub; C:\WINDOWS\system32\DRIVERS\busenum.sys [2011-02-18 46304]

R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2012-11-09 60480]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]

R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-04 6048768]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-04 5027840]

R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2012-11-09 132912]

R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2012-11-09 234824]

R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2012-11-09 65488]

R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2012-11-09 362640]

R3 mfendiskmp;mfendiskmp; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-11-09 84432]

R3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2012-11-09 92192]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-04 117888]

R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

S3 cpuz134;cpuz134; \??\C:\DOCUME~1\Mark\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys []

S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-04-20 146872]

S3 mbr;mbr; \??\C:\DOCUME~1\Mark\LOCALS~1\Temp\mbr.sys []

S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys []

S3 mfendisk;McAfee Core NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-11-09 84432]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]

S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]

S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]

S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]

S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]

S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2009-06-26 57328]

S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]

S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-11 30312]

R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-24 161768]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-11-09 203400]

R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 168880]

R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-11-09 167344]

R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 NasPmService;NAS PM Service; C:\Program Files\BUFFALO\NASNAVI\nassvc.exe [2008-07-11 251184]

R2 QBCFMonitorService;QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [2012-10-24 45056]

R2 QBVSS;QBIDPService; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-03-09 1248256]

R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]

R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2011-02-18 245760]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]

R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

R3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2012-11-16 279048]

S2 0151451356539822mcinstcleanup;McAfee Application Installer Cleanup (0151451356539822); C:\WINDOWS\TEMP\015145~1.EXE -cleanup -nolog []

S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]

S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-23 136176]

S2 SessionLauncher;SessionLauncher; c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-04 655624]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-23 136176]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 LPDSVC;TCP/IP Print Server; C:\WINDOWS\system32\tcpsvcs.exe [2008-04-14 19456]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-30 115168]

S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 QBFCService;Intuit QuickBooks FCS; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [2009-07-23 61440]

S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]

S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Link to post
Share on other sites

info.txt logfile of random's system information tool 1.09 2013-01-05 14:53:41

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}

Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}

Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}

Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}

Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}

Adobe Community Help-->msiexec /qb /x {A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}

Adobe Community Help-->MsiExec.exe /I{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}

Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}

Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}

Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}

Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}

Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -maintain plugin

Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}

Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}

Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}

Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1

Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}

Adobe Photoshop Lightroom 2.7-->MsiExec.exe /I{B0513493-04B9-4F21-B4AB-83E750D54256}

Adobe Reader 9.5.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A95000000001}

Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}

Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}

Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Allied Color Labs' Digital Studio v5 5-->C:\Program Files\LabPrints\Allied Color Labs' Digital Studio v5\uninstall.exe

Bing Bar-->MsiExec.exe /X{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}

BUFFALO LinkStation(LX-WXL) Setup Guide-->C:\WINDOWS\UN090928.EXE /U

BUFFALO NAS Navigator2-->C:\WINDOWS\UN060501.EXE /U

Business Contact Manager for Outlook 2007 SP2-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {B32C4059-6E7A-41EF-AD20-56DF1872B923}

Business Contact Manager for Outlook 2007 SP2-->MsiExec.exe /X{B32C4059-6E7A-41EF-AD20-56DF1872B923}

Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}

Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"

Dell DataSafe Online-->MsiExec.exe /X{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}

Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}

DirectXInstallService-->MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75}

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

FileZilla Client 3.6.0.2-->C:\Program Files\FileZilla FTP Client\uninstall.exe

Full Color's Digital Studio v5 5-->C:\Program Files\LabPrints\Full Color's Digital Studio v5\uninstall.exe

Google Gears-->MsiExec.exe /I{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall

Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}

Java 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}

kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}

McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"

McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall

MCL-Modern Image's Digital Studio v5 5-->C:\Program Files\LabPrints\MCL-Modern Image's Digital Studio v5\uninstall.exe

Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB2698023)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2698023\M2698023Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}

Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}

Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Small Business 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall SMALLBUSINESSR /dll OSETUP.DLL

Microsoft Office Small Business 2007-->MsiExec.exe /X{91120000-00CA-0000-0000-0000000FF1CE}

Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}

Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}

Microsoft SQL Server 2005-->"c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove

Microsoft SQL Server Native Client-->MsiExec.exe /I{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}

Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual Studio 2005 Tools for Office Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe

Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}

Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}

Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}

Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}

Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

PowerDVD DX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x9 -cluninstall

Production Studio v5 5.0-->C:\Program Files\LabPrints\Production Studio v5\uninstall.exe

QuickBooks Pro 2011-->msiexec.exe /I {1D70AABC-CB59-4700-A708-EA56D1CA07B0} UNIQUE_NAME="pro" QBFULLNAME="QuickBooks Pro 2011" ADDREMOVE=1 QB_IS_SUBSCRIPTION=0

QuickBooks-->MsiExec.exe /I{1D70AABC-CB59-4700-A708-EA56D1CA07B0}

RedCart Desktop 1.3.4-->msiexec /qb /x {057A0C9D-5543-581B-612E-D87288AC113C}

RedCart Desktop 1.3.4-->MsiExec.exe /I{057A0C9D-5543-581B-612E-D87288AC113C}

Reimage Repair-->C:\Program Files\Reimage\Reimage Repair\uninst.exe

Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}

Roxio Burn-->C:\Documents and Settings\All Users\Application Data\Uninstall\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\setup.exe /x {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}

Roxio Burn-->MsiExec.exe /I{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}

Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}

Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}

Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}

Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}

Roxio Easy CD and DVD Burning-->C:\Documents and Settings\All Users\Application Data\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}

Roxio Easy CD and DVD Burning-->MsiExec.exe /I{612B5D2E-8084-4102-91DE-24281E4EFB2C}

Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}

Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F}

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7}

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition -->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2586448)-->"C:\WINDOWS\ie7updates\KB2586448-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2675157)-->"C:\WINDOWS\ie7updates\KB2675157-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2699988)-->"C:\WINDOWS\ie7updates\KB2699988-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2722913)-->"C:\WINDOWS\ie7updates\KB2722913-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2744842)-->"C:\WINDOWS\ie7updates\KB2744842-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2761465)-->"C:\WINDOWS\ie7updates\KB2761465-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"

Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2491683)-->"C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

Shared C Run-time for x86-->MsiExec.exe /I{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}

Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}

Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}

Synology Assistant (remove only)-->C:\Program Files\Synology\Assistant\Uninstall.exe

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {ED38F8A3-4F61-494E-8BCA-E3AC7760C924}

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {5DB2894C-2DA4-4DEF-A051-795AE799964A}

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition-->msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {2F2E7045-D922-4BF4-8F87-1583B61D1D6E}

Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"

Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"

Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"

Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"

Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"

Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"

Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe"

Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe"

Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"

Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}

Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}

Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}

Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}

Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}

Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}

Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"

Xerox Support Centre-->C:\Program Files\Xerox\Support Centre\supportuninstall.exe

======Security center information======

AV: McAfee Anti-Virus and Anti-Spyware

FW: McAfee Firewall

======System event log======

Computer Name: PRINTER

Event Code: 64008

Message: The protected system file c:\windows\system32\batmeter.dll could not be verified as valid because Windows

File Protection is terminating.

Use the SFC utility to verify the integrity of the file at a later time.

Record Number: 56032

Source Name: Windows File Protection

Time Written: 20121212032224.000000-300

Event Type: warning

User:

Computer Name: PRINTER

Event Code: 1073

Message: The attempt to reboot PRINTER failed

Record Number: 56031

Source Name: USER32

Time Written: 20121212032210.000000-300

Event Type: warning

User: NT AUTHORITY\SYSTEM

Computer Name: PRINTER

Event Code: 36

Message: The time service has not been able to synchronize the system time

for 49152 seconds because none of the time providers has been able to

provide a usable time stamp. The system clock is unsynchronized.

Record Number: 55993

Source Name: W32Time

Time Written: 20121212000319.000000-300

Event Type: warning

User:

Computer Name: PRINTER

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 55911

Source Name: Tcpip

Time Written: 20121211124113.000000-300

Event Type: warning

User:

Computer Name: PRINTER

Event Code: 1073

Message: The attempt to unknown PRINTER failed

Record Number: 55907

Source Name: USER32

Time Written: 20121211111611.000000-300

Event Type: warning

User: PRINTER\Blanca

=====Application event log=====

Computer Name: PRINTER

Event Code: 4

Message: An unexpected error has occured in "QuickBooks Pro 2011":

DB-82 Error: -816 ErrorMessage:'Specified database file already in use'

Record Number: 15780

Source Name: QuickBooks

Time Written: 20120918112159.000000-240

Event Type: error

User:

Computer Name: PRINTER

Event Code: 3013

Message: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:

A device attached to the system is not functioning. (0x8007001f)

Record Number: 15772

Source Name: Windows Search Service

Time Written: 20120917200235.000000-240

Event Type: error

User:

Computer Name: PRINTER

Event Code: 3013

Message: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:

A device attached to the system is not functioning. (0x8007001f)

Record Number: 15771

Source Name: Windows Search Service

Time Written: 20120917200235.000000-240

Event Type: error

User:

Computer Name: PRINTER

Event Code: 1002

Message: Hanging application Photoshop.exe, version 11.0.2.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 15766

Source Name: Application Hang

Time Written: 20120917103134.000000-240

Event Type: error

User:

Computer Name: PRINTER

Event Code: 3013

Message: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:

A device attached to the system is not functioning. (0x8007001f)

Record Number: 15735

Source Name: Windows Search Service

Time Written: 20120915073332.000000-240

Event Type: error

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Common Files\Intuit\QBPOSSDKRuntime

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"NUMBER_OF_PROCESSORS"=4

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\

"EMC_AUTOPLAY"=c:\Program Files\Common Files\Roxio Shared\

-----------------EOF-----------------

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.56

Windows XP Service Pack 3 x86

Internet Explorer 7 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

McAfee Anti-Virus and Anti-Spyware

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Java 6 Update 16

Java 7 Update 9

Adobe Flash Player 11.5.502.135

Adobe Reader 9 Adobe Reader out of Date!

Mozilla Firefox (17.0.1)

````````Process Check: objlist.exe by Laurent````````

McAfee VirusScan mcods.exe

Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

Link to post
Share on other sites

QuickScan 32-bit v0.9.9.118

---------------------------

Scan date: Sat Jan 05 15:00:07 2013

Machine ID: BC9457DE

No infection found.

-------------------

Processes

---------

AAM Updates Notifier Application 4308 C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

Bing Bar 10316 C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE

Bing Bar 12152 C:\Program Files\Microsoft\BingBar\7.1.391.0\BingApp.exe

Bing Bar 12204 C:\Program Files\Microsoft\BingBar\7.1.391.0\BingBar.exe

Bing Bar 10260 C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe

Bing Bar 10476 C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe

Bing Bar 10572 C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe

Bing Bar 3764 C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE

Cyberlink PowerDVD 2860 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

DataSafeOnline 2144 C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

Dell Dock 3212 C:\Program Files\Dell\DellDock\DellDock.exe

Dock Login Service 1540 C:\Program Files\Dell\DellDock\DockLogin.exe

DSAssistant.exe 2408 C:\Program Files\Synology\Assistant\DSAssistant.exe

Google Update 848 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

Intel® Common User Interface 4052 C:\WINDOWS\system32\hkcmd.exe

Intel® Common User Interface 3432 C:\WINDOWS\system32\igfxpers.exe

Intel® Common User Interface 2252 C:\WINDOWS\system32\igfxsrvc.exe

Intel® Common User Interface 3436 C:\WINDOWS\system32\igfxtray.exe

Java Platform SE 7 U9 476 C:\Program Files\Java\jre7\bin\jqs.exe

Java Platform SE Auto Updater 2 0 2316 C:\Program Files\Common Files\Java\Java Update\jusched.exe

McAfee Security Scanner 2452 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

McAfee SecurityCenter 4232 C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

McAfee Shared Service Host 516 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

McAfee SiteAdvisor 12052 C:\PROGRA~1\McAfee\SITEAD~1\saUI.exe

McAfee VirusScan 5856 C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

Microsoft Office Outlook 2007 with Busi 384 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

Microsoft SQL Server 648 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

Microsoft SQL Server 684 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

Microsoft® Windows® Operating System 3612 C:\Program Files\Windows Desktop Search\WindowsSearch.exe

Microsoft® Windows® Operating System 2020 C:\WINDOWS\system32\spoolsv.exe

Microsoft® Windows® Operating System 3720 C:\WINDOWS\system32\wuauclt.exe

NAS Function Scheduling Application 1764 C:\Program Files\BUFFALO\NASNAVI\nassche.exe

NAS Power Management Service 932 C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

NASNaviator2 3156 C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

QBIDPService 1964 C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

QuickBooks 2484 C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

QuickBooks Automatic Update 1144 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

QuickBooks for Windows 1072 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

Realtek HD Audio Sound Effect Manager 3544 C:\WINDOWS\RTHDCPL.EXE

Roxio Burn 2704 C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

SYSCORE 1660 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

SYSCORE 916 C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

UsbClientService.exe 808 C:\Program Files\Synology\Assistant\UsbClientService.exe

VSCORE 940 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

Windows® Internet Explorer 11896 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Microsoft® .NET Framework 2748 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(verified) Microsoft® Windows® Operating System 1720 C:\WINDOWS\explorer.exe

(verified) Microsoft® Windows® Operating System 4060 C:\WINDOWS\system32\alg.exe

(verified) Microsoft® Windows® Operating System 1084 C:\WINDOWS\system32\csrss.exe

(verified) Microsoft® Windows® Operating System 992 C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System 1164 C:\WINDOWS\system32\lsass.exe

(verified) Microsoft® Windows® Operating System 3592 C:\WINDOWS\system32\searchindexer.exe

(verified) Microsoft® Windows® Operating System 1152 C:\WINDOWS\system32\services.exe

(verified) Microsoft® Windows® Operating System 1032 C:\WINDOWS\system32\smss.exe

(verified) Microsoft® Windows® Operating System 748 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1820 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 268 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1708 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1416 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1332 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1552 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 780 C:\WINDOWS\system32\wdfmgr.exe

(verified) Microsoft® Windows® Operating System 1108 C:\WINDOWS\system32\winlogon.exe

Network activity

----------------

Process McSvHost.exe (516) connected on port 443 (HTTP over SSL) --> 8.18.25.10

Process McSvHost.exe (516) listens on ports: 6646

Process QBCFMonitorService.exe (1072) listens on ports: 8019

Process svchost.exe (1416) listens on ports: 135 (RPC)

Autoruns and critical files

---------------------------

Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

Adobe CS4 Service Manager C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

Adobe CS5 Service Manager C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Adobe Updater Startup Utility C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

AUTOBACK.EXE C:\Program Files\ERUNT\AUTOBACK.EXE

CommonSDK c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe

Cyberlink PowerDVD C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

Data Protect C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe

DataSafeOnline C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

Dell Dock C:\Program Files\Dell\DellDock\DellDock.exe

Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe

Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll

Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe

Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe

IntuitSyncManager C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe

Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe

McAfee Security Scanner C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

McAfee SecurityCenter c:\Program Files\McAfee.com\Agent\mcagent.exe

Microsoft® Windows® Operating System C:\Program Files\Windows Desktop Search\WindowsSearch.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\logon.scr

Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll

Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll

NAS Function Scheduling Application C:\Program Files\BUFFALO\NASNAVI\nassche.exe

NASNaviator2 C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

QuickBooks C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

QuickBooks Automatic Update C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

Realtek AC97 Audio - Event Monitor C:\WINDOWS\ALCMTR.EXE

Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE

Roxio Burn C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll

Windows® Search C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

(verified) Google Update C:\Documents and Settings\Alex\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

(verified) Google Update C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe

(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll

Browser plugins

---------------

AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

Akamai Download Manager ActiveX Control C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.ocx

Akamai Download Manager ActiveX Control C:\WINDOWS\Downloaded Program Files\Manager.exe

Bing Bar C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll

Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll

Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll

Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll

Google Gears 0.5.36.0 C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

Google Update C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe

Java Deployment Toolkit 7.0.70.11 C:\WINDOWS\system32\npDeployJava1.dll

Java Platform SE 7 U9 c:\program files\java\jre7\bin\jp2ssv.dll

Java Platform SE 7 U9 C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

Java Platform SE 7 U9 C:\Program Files\Java\jre7\bin\ssv.dll

McAfee SiteAdvisor c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll

McAfee SiteAdvisor C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

Messenger C:\Program Files\Messenger\msmsgs.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll

npMcSnFFPl.dll c:\Program Files\McAfee\MSC\npMcSnFFPl.dll

NPSWF32_11_5_502_135.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

Silverlight Plug-In c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

Software Manager C:\WINDOWS\Downloaded Program Files\isusweb.dll

VSCORE C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll

Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll

(verified) Microsoft® Windows Live Login Helper C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

(verified) Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

Missing files

-------------

File not found: "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll"

--> HKLM\Software\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\InprocServer32\"(default)"

File not found: c:\progra~1\mcafee\msk\mskapbho.dll

--> HKLM\Software\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\InprocServer32\"(default)"

Scan

----

MD5: e426229aaa46c7fece3778a2642bb6b3 C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\BingBar\Apps\Mail_15642ee020d2449d86382022aa6f2548\7.1.398\mailcomm.dll

MD5: b018ecfeae42dc7c2d9c767a9438ffd3 C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\BingBar\Apps\Search_6f21d9007fa34bc78d94309126de58f5\7.1.382\SearchGhosting.dll

MD5: 5c5f3722da38e9695af41baf86ef86d1 C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\BingBar\Apps\Search_6f21d9007fa34bc78d94309126de58f5\7.1.382\SearchHistoryStore.dll

MD5: 4cd43010502a7e1337d72e2ad296b239 C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

MD5: 0600cb2613bea0c6c0987b58d56d77b9 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

MD5: e8f503eb5f9633a1547b3f0968f3b662 C:\Program Files\BUFFALO\NASNAVI\nasdmn.dll

MD5: 08de24b7b61cbca3aefdf201a25f5d4e C:\Program Files\BUFFALO\NASNAVI\nasexo.dll

MD5: 9653cd450c4001f5ebf71df801ee70ee C:\Program Files\BUFFALO\NASNAVI\nasfcn.dll

MD5: 200d8288fcafbc0471ef6bf9f188d42a C:\Program Files\BUFFALO\NASNAVI\nasfsy.dll

MD5: 8327313f3c13ffb4d2f0ebd70352638f C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

MD5: 56fb475a55bb4f322eca9c951530761b C:\Program Files\BUFFALO\NASNAVI\NasNavi2Res.dll

MD5: da614f3014897fe46d6e4a2d483cddd2 C:\Program Files\BUFFALO\NASNAVI\nassche.exe

MD5: 15e5abd9e03d57671bb74eb5cbab8019 C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

MD5: 42a2940d2177e2a7d3506c792ce95d3e C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

MD5: 0171a39ae9f529e4e49f02bcf8d22ebd C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

MD5: 392e9883ae3da54d00a2e1dba8a9a359 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

MD5: ab056f204be2b2754e25ab1f4a98f021 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll

MD5: 185d50da1832a734dc9826037e82be40 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

MD5: 87af77718e3bfb5a7766f575609c057a C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll

MD5: b63e5c7807334a3a8f731062f15462cc C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

MD5: e43a851f7b12de589424d6c656155cfc C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

MD5: 639b783f5bc546d8d9662881730aff9b C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

MD5: 9c825b8bbef134fff112225202e22d1a C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\LogSession.dll

MD5: 779a4ab4661fec74a95943f97a7cc2be C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterCore.dll

MD5: 1da03f345eb9949f70fb5d266b82a5c9 C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe

MD5: 9e5e9af398d1ae13b67b623d5c695ba9 C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

MD5: 65e4bfc416f58b68d09bf2001c656679 C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Client\EntitlementClientBootstrap.dll

MD5: 6c61a9b95fc6786393172d384561132d C:\Program Files\Common Files\Intuit\QuickBooks\addinmgr2.dll

MD5: a1e14bad0c0da15a35a95188bb580305 C:\Program Files\Common Files\Intuit\QuickBooks\CFScan.dll

MD5: 2572a4407bb6f1d85c5594e9dca0cb7f C:\Program Files\Common Files\Intuit\QuickBooks\CoLocator2.dll

MD5: 6bee1814470dc12fa20c53dfc3c97ebb C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

MD5: dee107066b957d9846d5036a5d40ed0c C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

MD5: 4964f6d0b643cf57f4f0844d20437cb2 C:\Program Files\Common Files\Intuit\QuickBooks\QBDBPortFinder.dll

MD5: 4a45af020d687c0291620ad5a100ecdb C:\Program Files\Common Files\Intuit\QuickBooks\QBInstanceFinder.dll

MD5: f5dd097058c147cde4c5aa476b2f3f2c C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll

MD5: 97e641325339938e22a1c11916280297 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgrps.dll

MD5: 90d87714323df53c136de4e755bd024d C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgRequestMgr.dll

MD5: 9443062f3d064479844cfb1e9735114b C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBSendError20.dll

MD5: ce5ad8f10818a9fb67cf18aa4a078938 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBUChannel.dll

MD5: f25f18edc248037ed30d107f02ae89e3 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

MD5: 763f825bba16e28018c07bf820a0525e C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\QBUServiceMgr.dll

MD5: fc2741a70b84d7e7ba5f51a352669ee8 C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\stlport_r50.dll

MD5: fc2741a70b84d7e7ba5f51a352669ee8 C:\Program Files\Common Files\Intuit\QuickBooks\stlport_r50.dll

MD5: a055fb9195bad9f2c7ad18b2fa9ff87c C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe

MD5: 12916e0642e92561c98b18a2a2d01b14 C:\Program Files\Common Files\Java\Java Update\jusched.exe

MD5: 28e60c4ec03340ee7c5d51d79c19498b c:\Program Files\Common Files\McAfee\Core\mccoreps.dll

MD5: c3333dd48a39c17689414275e09d7cc7 c:\Program Files\Common Files\McAfee\Core\McEvtBrk.dll

MD5: 43979c30662f322e720b50b3d95f5d95 c:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.dll

MD5: f0012f09428ad9952ff57c93acaab585 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll

MD5: ecab006ac6136f1307e140b633cdb8c2 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

MD5: f721987c5a710ef2eda2cba9cffafaf7 C:\Program Files\Common Files\Mcafee\MNA\McNASvc.dll

MD5: ae02e6dac99fa4dc642c71b10fee9971 C:\Program Files\Common Files\McAfee\MSC\LangSel.dll

MD5: b1e8af364027029272758c8e34776144 C:\Program Files\Common Files\McAfee\MSC\LogCntrl.dll

MD5: 85ad707f3c3af8079b2f22c1dc7238c0 C:\Program Files\Common Files\McAfee\MSC\mcbrwsr2.dll

MD5: 017ec72c3c9add080daa10956374884a c:\Program Files\Common Files\McAfee\MSC\McDspWrp.dll

MD5: 4be8d8fb641f43f4c4d6cf6ab5ade968 C:\Program Files\Common Files\McAfee\MSC\McRtMui.dll

MD5: 2e50b9e0c0647475116247dce4357161 c:\Program Files\Common Files\McAfee\MSC\mcutil\11,6,277,0\mcutil.dll

MD5: 08e110d89b8c831bf8c3748b8458b82e C:\Program Files\Common Files\McAfee\MSC\sqlite3.dll

MD5: b17440a103bc883b57974d63f43b7485 C:\Program Files\Common Files\Mcafee\NMC\McDisc.dll

MD5: 3eca9b282687a529995953e1c048bb2d c:\Program Files\Common Files\McAfee\NMC\McMPFEvt.dll

MD5: a518d3c9fb121f0f37f86b3f1f5d1c32 C:\Program Files\Common Files\Mcafee\NMC\McNDSv.dll

MD5: 6c169a7b9cd228cd56bd95814ebc6194 C:\Program Files\Common Files\Mcafee\NMC\McNmcSrv.dll

MD5: 6c2d89c52da8592c57fb0dc7bab36ff7 C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

MD5: 4e13ea496e202bcb4fcc342d96faf83a C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

MD5: 250304dc7238574a6cecc88f13e07538 C:\Program Files\Common Files\McAfee\SystemCore\FTL.Dll

MD5: a4d46b6fa6ad0e3aa309d060f00a3808 C:\Program Files\Common Files\McAfee\SystemCore\LockDown.dll

MD5: 240f879f13cffae974b8929adc42a257 C:\Program Files\Common Files\McAfee\SystemCore\McShield.dll

MD5: 6c2d89c52da8592c57fb0dc7bab36ff7 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

MD5: f0898390403be08777978b4f483953a8 C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll

MD5: da7212a2e5df4058ff72840bf4ef67ec C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll

MD5: 9f0b0280d1aa8f9b733ad35d7ca92adf C:\Program Files\Common Files\McAfee\SystemCore\mfebopa.dll

MD5: e64585a16e4452df3f756ec4ca809e75 C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll

MD5: 4e13ea496e202bcb4fcc342d96faf83a C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

MD5: fc76f0803bf2b86e3abd2c63bb0fdefd C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll

MD5: 7509744ad3eca4d625520b55633cb2cf C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll

MD5: f2afa7e4c5408872cfe6ea814c2d1aaf C:\Program Files\Common Files\McAfee\SystemCore\mferkda.dll

MD5: 55e8267140290d8e1bf291252f3723d1 C:\Program Files\Common Files\McAfee\SystemCore\mfevtpa.dll

MD5: 82b7415d5a8fb24d3f6736400f5e1600 C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

MD5: 01e8d9b07eeb603cc6bf5cdb21f1dcc9 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3.dll

MD5: 8d3ff64e90496c73c0344774329581b6 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_server.dll

MD5: d37356755af6b5a6c84735258edbbc57 C:\Program Files\Common Files\McAfee\SystemCore\mytilus3_worker.dll

MD5: 9e94814109a822d4618e8a0a7bd2f722 C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll

MD5: a4d46b6fa6ad0e3aa309d060f00a3808 C:\Program Files\Common Files\McAfee\VSCore\Lockdown.dll

MD5: 2424231bbd703a677d115c29983b4293 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

MD5: 744cd19aa835ec79384ba19343291a86 c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\cdral.DLL

MD5: 3431100adeaa484a1a36bc4623097420 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe

MD5: 05fc44d32a144925eae45570029fd6e1 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

MD5: ff5eb78af7dfb68c2fb363537aaf753e c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

MD5: 2133b82cd52f1b62cdea633769819a60 C:\Program Files\Common Files\System\ado\msado15.dll

MD5: a0c2cb21f4b521429f033fdeb18d63d7 C:\Program Files\Common Files\System\directdb.dll

MD5: a74db1e8ebd71b5337defa078b4bbcef C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll

MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\Program Files\CyberLink\PowerDVD DX\MFC71.DLL

MD5: be4c00e9bf06c136a1f63856bb7aac5e C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

MD5: d225a5294a135f409cc6354561066e3a C:\Program Files\Dell DataSafe Online\BalloonWindow.dll

MD5: b2a31dfeeea314104b16ea238ff24e26 C:\Program Files\Dell DataSafe Online\BuEng.dll

MD5: 5f41266a590682f2f831884d007dac30 C:\Program Files\Dell DataSafe Online\cpputils.dll

MD5: 4cd6180cb65630f9d8028e9cf51cd64f C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

MD5: 456d4d2759ae9f84c5290749f1e77115 C:\Program Files\Dell DataSafe Online\OlbEng.dll

MD5: 1eb873f19426a826dca41c08cdad98b4 C:\Program Files\Dell DataSafe Online\SdbShared.dll

MD5: a5d805752fbe16d6ab6e5f52cb01563d C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll

MD5: 2eb78ee9e99b49e1e2ec329e6b3b6de5 C:\Program Files\Dell DataSafe Online\SdbUI.dll

MD5: 80e69585023a52f3cc5daf2abce5e17e C:\Program Files\Dell\DellDock\DellDock.exe

MD5: 0840abbbdf438691ee65a20040635cbe C:\Program Files\Dell\DellDock\DockLogin.exe

MD5: 68bdda3fc149d5d605efdf249695c129 C:\Program Files\Dell\DellDock\MyDockLib.dll

MD5: e00de20f0f6bed5cd2160247ddc9443b C:\Program Files\ERUNT\AUTOBACK.EXE

MD5: 13e9240c63604f14fd1b3a0b0f66910e C:\Program Files\FileZilla FTP Client\fzshellext.dll

MD5: 432226e3e9c09a73f389a65dec49bb2f C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

MD5: ae5a69f44c1f97edc83237fc0b29b6fb C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

MD5: fd0cba527032d2d3d00e17c0f24a99d3 C:\Program Files\Internet Explorer\ieproxy.dll

MD5: f77e696991fed3b92e09ac0ce91e9bca C:\Program Files\Internet Explorer\iexplore.exe

MD5: cb7c8ecc2ac0acc7018a1028b9bc914a C:\Program Files\Intuit\QuickBooks 2011\abmapi.dll

MD5: 639fee12f0b8652bf98c142cdc2cf8c1 C:\Program Files\Intuit\QuickBooks 2011\Accountant.dll

MD5: a5fb1a83d2e3a78687dd3fad21b70a7b C:\Program Files\Intuit\QuickBooks 2011\AccountRegistersUI.dll

MD5: 1d1d0bd1907b65d481c50d2464e47742 C:\Program Files\Intuit\QuickBooks 2011\ACE.dll

MD5: 6e014878193d46028dd1340931fcd6b5 C:\Program Files\Intuit\QuickBooks 2011\ACM.dll

MD5: 3ba31650e083d9332c07bc8286ddeb54 C:\Program Files\Intuit\QuickBooks 2011\ADR.dll

MD5: c5e95147f745269071131fb0500d59c5 C:\Program Files\Intuit\QuickBooks 2011\APPCORE.dll

MD5: 7bb295f36f3217885a7e9071b6f4ce59 C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll

MD5: cb41206780d5f45039210dce3d140466 C:\Program Files\Intuit\QuickBooks 2011\bizutil.dll

MD5: 8ab0a83b4133d29c4f00ca904b7577c2 C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll

MD5: 7c87d481895349db3e897be6b04ef7b5 C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll

MD5: 585987f3efa93560243e945410c8bfed C:\Program Files\Intuit\QuickBooks 2011\cindexdb.dll

MD5: f8f970ae961a41cd2c4b045db7882b5f C:\Program Files\Intuit\QuickBooks 2011\components\payroll\FilePay\Rules.dll

MD5: 0117089b3546196c69f991cd2bfb0503 C:\Program Files\Intuit\QuickBooks 2011\components\payroll\FilePay\Rules.Resources.dll

MD5: b75aadfbb4ede4e99f337a97692e9521 C:\Program Files\Intuit\QuickBooks 2011\DatabaseManager.dll

MD5: f5dd097058c147cde4c5aa476b2f3f2c C:\Program Files\Intuit\QuickBooks 2011\dbghelp.dll

MD5: 7f83f3380b0265eced742387697e6181 C:\Program Files\Intuit\QuickBooks 2011\dbicu11.dll

MD5: dfe34774a89f456a99d386b14ad68e41 C:\Program Files\Intuit\QuickBooks 2011\dbicudt11.dll

MD5: ea5fb736f9437a99f39d9aa53498f5be C:\Program Files\Intuit\QuickBooks 2011\dblgen11.dll

MD5: e0ade91c23e5402e70d5d1a8fd3ffdd2 C:\Program Files\Intuit\QuickBooks 2011\dblib11.dll

MD5: 5f4cebf8febb68378b58369f3774dfbc C:\Program Files\Intuit\QuickBooks 2011\dbtool11.dll

MD5: 469b487a46c6b17c359bad4036520e27 C:\Program Files\Intuit\QuickBooks 2011\DMAccountant.dll

MD5: 04370cb80b6851451c650f7dadffde1d C:\Program Files\Intuit\QuickBooks 2011\DMALIAS.dll

MD5: 088f571eb8df0b92e783af7536d12490 C:\Program Files\Intuit\QuickBooks 2011\DMAUDIT.dll

MD5: 5a9b8ffbb45926934ac5c39f7abbc4fa C:\Program Files\Intuit\QuickBooks 2011\DMBUDGET.dll

MD5: b563a123e821e0dc67c2c94b61f3c9b0 C:\Program Files\Intuit\QuickBooks 2011\DMCore.dll

MD5: 0225c3aae96489fe52bdf2e1bfb632ba C:\Program Files\Intuit\QuickBooks 2011\DMDATASYNC.dll

MD5: 9302b5446a77a407466cc1da72dac455 C:\Program Files\Intuit\QuickBooks 2011\DMDQE.dll

MD5: 80f428f767dc73504001ffd835763d20 C:\Program Files\Intuit\QuickBooks 2011\DMEDL.dll

MD5: 91394575905b5b1d66d2945c78ec53de C:\Program Files\Intuit\QuickBooks 2011\DMGenPrefs.dll

MD5: 993b1a2c8895987240e1adfed7079ef8 C:\Program Files\Intuit\QuickBooks 2011\DMInventory.dll

MD5: b91974425069b668ea41799f493397e0 C:\Program Files\Intuit\QuickBooks 2011\DMOLB.dll

MD5: 1120b5783806c8e23a1e5cddf3c681cb C:\Program Files\Intuit\QuickBooks 2011\DMPAYROLL.dll

MD5: b33744d5b166e33b72d2681788eefac0 C:\Program Files\Intuit\QuickBooks 2011\DMPREFS.dll

MD5: a0da57c2bfd29bebeace2cbceccd89e2 C:\Program Files\Intuit\QuickBooks 2011\DMTIME.dll

MD5: ca2c0fbee3fce40d08c48c40eab5140b C:\Program Files\Intuit\QuickBooks 2011\DMTXN.dll

MD5: 2e9f7f8dd16b6af9ff96413e22ffd43d C:\Program Files\Intuit\QuickBooks 2011\DMUI.dll

MD5: 24a6678ff8faf1a042372dbae7b37e68 C:\Program Files\Intuit\QuickBooks 2011\DMUSERS.dll

MD5: cee1c6261dc6a71a69b5ad79d7ea7f65 C:\Program Files\Intuit\QuickBooks 2011\DocumentManagement.dll

MD5: 67c9d22c9a08fe86903c77724a994074 C:\Program Files\Intuit\QuickBooks 2011\ELCORE.dll

MD5: c4cccb24be1298c731063b1bdd70852e C:\Program Files\Intuit\QuickBooks 2011\ESHELL.dll

MD5: 8d171c0355e89960c1890c1dbbc0f3a9 C:\Program Files\Intuit\QuickBooks 2011\FeatureMgr.dll

MD5: 33c9314284e70668c00067e8021c9e53 C:\Program Files\Intuit\QuickBooks 2011\Features.dll

MD5: b713e072b9ef22d2e34d14fc9bebc5a2 C:\Program Files\Intuit\QuickBooks 2011\FileManifest.dll

MD5: 83b4fa2eb706a811f38b5ad86596dfa6 C:\Program Files\Intuit\QuickBooks 2011\htmlhelper.dll

MD5: 6393038e358d6cd04a510ead43e85c94 C:\Program Files\Intuit\QuickBooks 2011\IdentityMine.Windows.dll

MD5: 520ce25901b9c561a4f50a1ad9d9df99 C:\Program Files\Intuit\QuickBooks 2011\IdentityMine.Windows.Media3D.dll

MD5: ce3a70030bc77cc896f77040d74771ba C:\Program Files\Intuit\QuickBooks 2011\IdentityMine.Windows.Panels.dll

MD5: e8f8cfb5136d38d77155c6580ba5631d C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetBridge.dll

MD5: 00c7a6f949854e26671564aacb391603 C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetInterop.dll

MD5: 9a8b3db586ac03702b4623607de28671 C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetLibrary.dll

MD5: f49a32f911469d3ae9fc46c4b3b0f536 C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll

MD5: 2491c412924f0d959b103207be24eab9 C:\Program Files\Intuit\QuickBooks 2011\msgDBAddIn.dll

MD5: 45937c60a8a51eee148cefcae32e6bd9 C:\Program Files\Intuit\QuickBooks 2011\NAAuthTool.dll

MD5: 252133372e997b96e41dfa2a12e6c2fa C:\Program Files\Intuit\QuickBooks 2011\OLBService.DLL

MD5: 0f69c03ac76b25d28276e554d52aea99 C:\Program Files\Intuit\QuickBooks 2011\OPAQUEBUFFER.dll

MD5: fb064852aee17c1f78f3fa7b4876e14d C:\Program Files\Intuit\QuickBooks 2011\paycore.dll

MD5: 11ff49461e9b99ca85d619ed0e9945ef C:\Program Files\Intuit\QuickBooks 2011\PAYRES.dll

MD5: 6921550f8fe4377a90ea6f56eda7acc8 C:\Program Files\Intuit\QuickBooks 2011\PAYSERV.dll

MD5: c325c1ba9bc99af49915bae3fc4eb305 C:\Program Files\Intuit\QuickBooks 2011\PAYUTIL.dll

MD5: ca435ec75bc7db6a77f04248fa0d95f8 C:\Program Files\Intuit\QuickBooks 2011\payxsgen.dll

MD5: a71851325c78f2fddea188eb8e3aac65 C:\Program Files\Intuit\QuickBooks 2011\PM.dll

MD5: 37622df7ff716674c1fe20b50a7e58f0 C:\Program Files\Intuit\QuickBooks 2011\PortFile.dll

MD5: 7c9bf69524ddd1a44fb94ba7da1ac3a2 C:\Program Files\Intuit\QuickBooks 2011\PREFS.dll

MD5: b73648432725e8fb59f5ba493540fcfb C:\Program Files\Intuit\QuickBooks 2011\PRLoader.dll

MD5: 3af35620ad9ae47c1f73247156732687 C:\Program Files\Intuit\QuickBooks 2011\PRNotificationLoader.dll

MD5: 9d15bdb3085c459b9a54bac3a579dad1 C:\Program Files\Intuit\QuickBooks 2011\QB2WPFBridge.dll

MD5: c640795903b9841a0380fc76e504fc42 C:\Program Files\Intuit\QuickBooks 2011\QBATTR32.dll

MD5: d1e7cdd9ce2ef79b6c6c51e19694a061 C:\Program Files\Intuit\QuickBooks 2011\qbbrow32.dll

MD5: ca178183b6be0dd2439de3315abe1dc4 C:\Program Files\Intuit\QuickBooks 2011\QBCHAO32.dll

MD5: 8499d4a9054ff25f6bd9a9d00fd6aff8 C:\Program Files\Intuit\QuickBooks 2011\qbci32.dll

MD5: c829b4ba559668d3577f8b1854e3c46e C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.dll

MD5: 96fe99a003497bd9635d44b1d04e669c C:\Program Files\Intuit\QuickBooks 2011\QBCONV32.dll

MD5: 18c38a8898c2f45fc0e51226c7c2b525 C:\Program Files\Intuit\QuickBooks 2011\QBDomain.dll

MD5: 93b38f34b8509cd5aef4eb8595d32a8b C:\Program Files\Intuit\QuickBooks 2011\qbform32.dll

MD5: 5807513bfbf975dd759494eaec661b53 C:\Program Files\Intuit\QuickBooks 2011\QBInbox.dll

MD5: 22edc659a1555a89854341d25b6e6aca C:\Program Files\Intuit\QuickBooks 2011\QBINTR32.dll

MD5: 25c8567cf720875f7623cac8cedf2e13 C:\Program Files\Intuit\QuickBooks 2011\QBITools.dll

MD5: 75de945e9e106f829499fc48e6410bbe C:\Program Files\Intuit\QuickBooks 2011\qblist32.dll

MD5: 12cd30b193a692dcfc895a91cfbf693e C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll

MD5: dcd8566e28e7e5be8976dd4881a38280 C:\Program Files\Intuit\QuickBooks 2011\QBMAS32.dll

MD5: 1984cd7f78f66688e9b96fd570ea5888 C:\Program Files\Intuit\QuickBooks 2011\QBMFCT32.dll

MD5: c6299ba47b15b696ed42cb141afa2800 C:\Program Files\Intuit\QuickBooks 2011\QBMSIntg.DLL

MD5: 7b69dd38c71612d6a266bcf01ae403df C:\Program Files\Intuit\QuickBooks 2011\QBOESD32.dll

MD5: 8d700722afaf2f2709bb1c36a2980949 C:\Program Files\Intuit\QuickBooks 2011\QBONLI32.dll

MD5: 7fccb6d7a1a03c47bebb1304785957ea C:\Program Files\Intuit\QuickBooks 2011\qbot.dll

MD5: 8c6f180ced16487ebb7b8997ab2d5bc0 C:\Program Files\Intuit\QuickBooks 2011\QBPrefs.dll

MD5: 852b5895e6d98cce8157613fcca09d7d C:\Program Files\Intuit\QuickBooks 2011\QBQWUT32.DLL

MD5: 9e64315fe08e89b9b6c37c53a892e756 C:\Program Files\Intuit\QuickBooks 2011\QBSDKNotify.dll

MD5: 9443062f3d064479844cfb1e9735114b C:\Program Files\Intuit\QuickBooks 2011\QBSendError20.dll

MD5: 90a6660f934dcd02ee54527476b5f616 C:\Program Files\Intuit\QuickBooks 2011\QBSTYL32.dll

MD5: 55b6065d9b94b9e0627cbbb40063b92b C:\Program Files\Intuit\QuickBooks 2011\qbtool32.dll

MD5: 9f76d01eeea2b757e2001fa34a447aa9 C:\Program Files\Intuit\QuickBooks 2011\qbtxn32.dll

MD5: 288e2bdb21d79555196444f404f9d475 C:\Program Files\Intuit\QuickBooks 2011\QBUtilities.dll

MD5: 0f60deab1c21980d7557cee936bb37ce C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

MD5: e8c3a335556edff8e6259dcad32190ae C:\Program Files\Intuit\QuickBooks 2011\qbwfls32.dll

MD5: 8cd42c28f36536f3ebf08494f03dcd27 C:\Program Files\Intuit\QuickBooks 2011\QBWIN32.dll

MD5: 9f68229fe11fa640189e45ce004121f1 C:\Program Files\Intuit\QuickBooks 2011\QBWMain.dll

MD5: c21fbc7177ff165ef9394ce17a813d36 C:\Program Files\Intuit\QuickBooks 2011\qbwpr32.dll

MD5: a7d5304afbc71ef73cbd9a57d7f0a985 C:\Program Files\Intuit\QuickBooks 2011\qbwpsrun.dll

MD5: 15f7dcc1e1e412a70b6dc200a0c71638 C:\Program Files\Intuit\QuickBooks 2011\QBWRPT32.dll

MD5: f5f89223674d5fd4dd0e6017397e17a7 C:\Program Files\Intuit\QuickBooks 2011\qbxladin.dll

MD5: b330a60d0592707c08efd6833aecc14b C:\Program Files\Intuit\QuickBooks 2011\ReportBridge.dll

MD5: 3bb9c53a577b0f707c43b06116278e84 C:\Program Files\Intuit\QuickBooks 2011\ReportCenter.dll

MD5: 4ee8c4889b68e038226c7e220c4af602 C:\Program Files\Intuit\QuickBooks 2011\ReportInterop.dll

MD5: 6ebb726bbd705a8b304f4580b854508f C:\Program Files\Intuit\QuickBooks 2011\sdkutil.dll

MD5: 321f2ffcbc080607f300ead05fcc7f5f C:\Program Files\Intuit\QuickBooks 2011\skucore.dll

MD5: 913c2a4f1c2cfe40869d2f44b43ba94f C:\Program Files\Intuit\QuickBooks 2011\SSCE5232.dll

MD5: fc2741a70b84d7e7ba5f51a352669ee8 C:\Program Files\Intuit\QuickBooks 2011\stlport_r50.dll

MD5: f9cdca327724c66ac62646e7c4d0b7d1 C:\Program Files\Intuit\QuickBooks 2011\TaxAlertsECL.dll

MD5: 776212b389c0d60dbc2358e0de334504 C:\Program Files\Intuit\QuickBooks 2011\TEJ32.dll

MD5: 4b6f5061b5baac342ea1944d91f12c85 C:\Program Files\Intuit\QuickBooks 2011\TRACKING.dll

MD5: 04d316de0481d5550712458fa878092e C:\Program Files\Intuit\QuickBooks 2011\txncore.dll

MD5: e4481d23c175a148d0afca95a85a5f95 C:\Program Files\Intuit\QuickBooks 2011\TXNFORM.dll

MD5: 15fbe2b1cea8e3cc8f8a8c0fa6ebbee5 C:\Program Files\Intuit\QuickBooks 2011\ui.dll

MD5: ae56e8e5ab9db2ce0208ee36327faeef C:\Program Files\Intuit\QuickBooks 2011\UM.dll

MD5: c34069531ef9d83f1df92ee1335d64c7 C:\Program Files\Intuit\QuickBooks 2011\Webification.dll

MD5: 195ed09e0b4f3b09ea4a3b67a0d3f396 C:\Program Files\Intuit\QuickBooks 2011\WPFToolkit.dll

MD5: eb47e405a9222ca595e5e763b4156529 c:\program files\java\jre7\bin\jp2ssv.dll

MD5: b591e761161d1ef547d76ef236eaa6a5 C:\Program Files\Java\jre7\bin\jqs.exe

MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Java\jre7\bin\MSVCR100.dll

MD5: c04fcb7eebeb5097b30468828f20fb9e C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

MD5: a7a6954e500715117b64b414ab81cb44 C:\Program Files\Java\jre7\bin\ssv.dll

MD5: 22a7776c5d8eb5930edf9c8dd0884259 C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe

MD5: 8ac44f0e443974442b574e1de77c8877 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

MD5: 581a9fe27c17b1679085a066b069b65d c:\Program Files\McAfee.com\Agent\mcagent.exe

MD5: a727eaf1c956f05f51592d715e50f725 c:\Program Files\McAfee\MPF\MpfApi.dll

MD5: 355db4f5e585ca04c08519ce98cd5ca2 c:\Program Files\McAfee\MPF\MpfEvt.dll

MD5: a75338fabf3c24ebc4058faf8a7203d7 c:\Program Files\McAfee\MPF\MpfShm.dll

MD5: 8cd7f18d1ef09160fd201446ca70a2fd c:\Program Files\McAfee\MPF\MpfSvc.dll

MD5: e666404ad413cc1bb2bdaa441d285a52 C:\Program Files\McAfee\MPF\MPFSvcPS.dll

MD5: 5fb8031590222674792690fe7f7ae004 C:\Program Files\McAfee\MPF\Twerp.dll

MD5: 9fe5cc1913db45fa859c8584e240b32e c:\Program Files\McAfee\MPS\mps.dll

MD5: 2b6cb9e78f40b3a7b857548495a6d99d c:\Program Files\McAfee\MPS\mpscfg.dll

MD5: 44e59f0bbbb90bdac3304f023937ac19 c:\Program Files\McAfee\MPS\mpsevh.dll

MD5: f158180ace853c7c698c4b905b3e6cb5 c:\Program Files\McAfee\MPS\MPSMisp.dll

MD5: f891d113ae1488653db2c0fa34a6fbe9 c:\Program Files\McAfee\MQS\QCProgressIcon.dll

MD5: ff4b12cc3f0676b7dd945705339b8865 c:\Program Files\McAfee\MQS\ShrCore.dll

MD5: aa9b202222cb4870a523fb658188d976 c:\Program Files\McAfee\MQS\ShredExt.dll

MD5: 42b4b5f028b10cdede7829ce4de80d1e c:\Program Files\McAfee\MQS\ShredShm.dll

MD5: 3c7f5eede350c98723699d8afd4aa691 c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll

MD5: 45df6a66256026df51d719c87c16b2ce c:\Program Files\McAfee\MSC\McDBMgr.dll

MD5: 9aa3ee13e8cb7671db730015a23f5af5 c:\Program Files\McAfee\MSC\McGsShm.dll

MD5: 7c51822e2c94257f3c39551b2e4b8d6a c:\Program Files\McAfee\MSC\McIPTShm.dll

MD5: fd83993dbfec4eee7c13bc8fa74dfacc C:\Program Files\McAfee\MSC\mclwapi.dll

MD5: d390cda2d132c6d8cc27db7e007970fa c:\Program Files\McAfee\MSC\mcmispps.dll

MD5: c76be4b014d2fad9a3e38f2a773bd912 c:\Program Files\McAfee\MSC\mcmschlp.dll

MD5: b01860e256305c775c4678f66710aa60 c:\Program Files\McAfee\MSC\McMscShm.dll

MD5: cac6f6f206c978deea928b9302646a09 c:\Program Files\McAfee\MSC\mcmscsub.dll

MD5: 9f2a6d4198fb88e7fdf7cc487845a489 C:\Program Files\McAfee\MSC\McOemRes.dll

MD5: 2b07418ae23172777fe4ad68361f24df C:\Program Files\McAfee\MSC\mcprlalt.dll

MD5: 516f2ed421d9689696d38d5b5f825370 C:\Program Files\McAfee\MSC\mcprlres.dll

MD5: e6d44bf4a7a11bc06520b8ce54128f7b c:\Program Files\McAfee\MSC\mcsubmgr\11,6,434,0\mcsubmgr.dll

MD5: e7abc004978055616431654f63a3e5a7 c:\Program Files\McAfee\MSC\mcuicfg.dll

MD5: 354277d6e1b93f111351d523845b6257 c:\Program Files\McAfee\MSC\McUpdShm.dll

MD5: 4b06ba13e36358ddabb87b59abe16c3b C:\Program Files\McAfee\MSC\mscjsres.dll

MD5: 3234e4bb71dad2c13dc5c8cd85203e8b c:\Program Files\McAfee\MSC\mscuild.dll

MD5: a44bffa5d6cc1e909e6a3c16d9bb009b c:\Program Files\McAfee\MSC\npMcSnFFPl.dll

MD5: 051aba8438e45f5588a80d93f372f2e7 C:\Program Files\McAfee\MSC\OemUI.dll

MD5: 7f24fd14fba86d7672d01ae0b320323e c:\Program Files\McAfee\MSC\oemuild.dll

MD5: 33aa9832aa41fa73f44abc29e7cabe5a C:\Program Files\McAfee\MSK\masecore.dll

MD5: 6fab79b6d0eb1b31f6b11b0ef377563b c:\Program Files\McAfee\MSK\mskcshim.dll

MD5: 8c0aff34d1a0c55a8cb027304f9887fc c:\Program Files\McAfee\MSK\mskengn.dll

MD5: 2ce646e579a241d1143c3c858d31ed54 C:\Program Files\McAfee\MSK\MSKSet.dll

MD5: 22571be48a7aa4a3621d8a39fa51a56d c:\Program Files\McAfee\MSK\msksrvr.dll

MD5: 79aed0cebdb7ef4ea0569ce5d3f95a37 c:\Program Files\McAfee\MSK\mskupd.dll

MD5: 69210ed819ecd8c989295b1f183a2ba9 c:\Program Files\McAfee\MSK\mskwm.dll

MD5: b326d1ad6db689f62624083aadb23543 c:\Program Files\McAfee\MSK\mskxaif.dll

MD5: 5686edb3b234003c5e110f49c07a99b8 c:\Program Files\McAfee\SiteAdvisor\mcbrwctl.dll

MD5: 5c4ba8ef8fba80397c33cc33f7f3922f c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll

MD5: f9f003ecab0ac26e2aba43e672f15bd9 c:\Program Files\McAfee\SiteAdvisor\McSACorePS.dll

MD5: c6fd288c265157410a17ae0531d3af4c C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

MD5: 1d702a6e768510f2623171c963afae36 c:\Program Files\McAfee\SiteAdvisor\SaSSHMod.dll

MD5: cd64b78db77d443181a9e2e834796863 c:\Program Files\McAfee\SiteAdvisor\saUI.exe

MD5: 7ded7521eb8b8d56dadcd044d1b77709 c:\Program Files\McAfee\SiteAdvisor\saupkeep.dll

MD5: 80a617849b004d1c6c4beab7aa86f021 C:\Program Files\McAfee\VirusScan\Engine\5500.1093\mcscan32.dll

MD5: 22917d103c9c814ad6409c12b828fe4e c:\Program Files\McAfee\VirusScan\mcctxmnu.dll

MD5: 9bd0c29c5c78c74a8d177399f07bd194 c:\Program Files\McAfee\VirusScan\McOasShm.dll

MD5: c7da06c9a9aeefbe37aac281ea6385d5 C:\Program Files\McAfee\VirusScan\mcods.exe

MD5: 93624b1849df1f5ed709522a302a1db2 c:\Program Files\McAfee\VirusScan\mcodsax.dll

MD5: 512e8d19d800eaa67bed5e65e8579251 c:\Program Files\McAfee\VirusScan\mcodsps.dll

MD5: 57ccef1a8228d9386a474076edf3c5be c:\Program Files\McAfee\VirusScan\McOdsShm.dll

MD5: b8b742537bfa1ac4f742b36beb310bf6 c:\Program Files\McAfee\VirusScan\McVsPs.dll

MD5: 2e645c11aab7a7e5f607355f6cbdf068 c:\Program Files\McAfee\VirusScan\MVsCfg.dll

MD5: 2f25b52b0cf0f6f5be2d789181d61735 c:\Program Files\McAfee\VirusScan\mvslog.dll

MD5: 0b3abac9eae7aeabe5063c012ad306bb c:\Program Files\McAfee\VirusScan\MVsScan.dll

MD5: 7cc9484fbc922f7dc0b1d767a256c1e5 c:\Program Files\McAfee\VirusScan\NaiAnn.dll

MD5: 149da63ed179de9b46d5c38a867f3199 c:\Program Files\McAfee\VirusScan\NaiAnnPs.dll

MD5: 618b5e4d16dcba693b421c5062d84f9a c:\Program Files\McAfee\VirusScan\VSJsRes.dll

MD5: bfcce364e88a2cb9d64327f7ba7a77f5 C:\Program Files\McAfee\VirusScan\vsores.dll

MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe

MD5: 5d999bf519415d1c8ee0b97ff6a254db C:\Program Files\Microsoft Office\Office12\msohevi.dll

MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

MD5: 6163664c7e9cd110af70180c126c3fdc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

MD5: 1d89eb4e2a99cabd4e81225f4f4c4b25 c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe

MD5: 86ebd8b1f23e743aad21f4d5b4d40985 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

MD5: d89083c4eb02daca8f944b0e05e57f9d C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

MD5: d1e2786d29a34009a54868b6b0449296 c:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll

MD5: 837608240884733792ddae81e50b802a c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

MD5: f48feb7da35821da15e0b006dcb9a169 C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE

MD5: e7f15ac633256f4f472400041ff56b6d C:\Program Files\Microsoft\BingBar\7.1.391.0\BingApp.exe

MD5: 26f3927a3e593ed4503e53a2c189e243 C:\Program Files\Microsoft\BingBar\7.1.391.0\BingBar.exe

MD5: 0ee4008e662b0647310b696b62dc4a1b C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll

MD5: feff48fdd7a604e8ca96f543df045fcf C:\Program Files\Microsoft\BingBar\7.1.391.0\bingsurrogate.exe

MD5: e37469afaa254472f079f3a10843ffa2 C:\Program Files\Microsoft\BingBar\7.1.391.0\common.dll

MD5: 1aac4ed32ca948de4ae802d524fb72f4 C:\Program Files\Microsoft\BingBar\7.1.391.0\DefMgr.DLL

MD5: 9172e6bc1cbcf2ee2ee87a4184e0033c C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaNote.dll

MD5: 8e16f7a85441986fd2b9ce6c879524e4 C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE

MD5: c62d44164113cd26378382747fd3ce78 C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll

MD5: 39c4fddc44de555514bd765b567939e3 C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll

MD5: 4cd43010502a7e1337d72e2ad296b239 C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

MD5: 8c7336950f1e69cdfd811cbbd9cf00a2 C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

MD5: 116aa2b169abd0b620961caff0aeac84 C:\Program Files\Outlook Express\msoeres.dll

MD5: 60f58070e56145b8b2ccb264d5e53136 C:\Program Files\Roxio\Roxio Burn\AS_Storage_w32.dll

MD5: 0ce025436a9b94d28eea7ec45bdd67b6 C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

MD5: e4e2e8a11ceb6095e84bfe54a1ee70dc c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll

MD5: 0bc7957dbc5f368cf5c21df2aa5fc319 C:\Program Files\Synology\Assistant\DSAssistant.exe

MD5: 2afb0b621427c93bf077a70d177f4671 C:\Program Files\Synology\Assistant\imageformats\qgif4.dll

MD5: 5f06bc11d322fded73e4a779fdd4137e C:\Program Files\Synology\Assistant\imageformats\qico4.dll

MD5: d354b14dd3e86e8198a447159737aadf C:\Program Files\Synology\Assistant\imageformats\qjpeg4.dll

MD5: 35fbc23ed5dee1298f8563ea929e4a80 C:\Program Files\Synology\Assistant\imageformats\qmng4.dll

MD5: 17d980c7f2fedfc41b2d129961cb0078 C:\Program Files\Synology\Assistant\imageformats\qtiff4.dll

MD5: c331dcde2fa9972e24f9a1a65c361717 C:\Program Files\Synology\Assistant\QtCore4.dll

MD5: 1e4942146c6a9e722b94cb95d1f9df9a C:\Program Files\Synology\Assistant\QtGui4.dll

MD5: c9a8cbe7f345aee7dad2bb75cd2878c9 C:\Program Files\Synology\Assistant\QtNetwork4.dll

MD5: 98bc512887de6daf8a373a035a980a12 C:\Program Files\Synology\Assistant\qwt5.dll

MD5: 6af12011c88c80920d0543616e107cff C:\Program Files\Synology\Assistant\UsbClientService.exe

MD5: f2ece68acf2c051effb305708c3aefa9 C:\Program Files\Windows Desktop Search\dbres.dll

MD5: e8a3670314b3ddfe6dd18c4b501a9476 C:\Program Files\Windows Desktop Search\deskbar.dll

MD5: 2a0b76fcc5138ac0321a01766c980387 C:\Program Files\Windows Desktop Search\en-us\dbres.dll.mui

MD5: 0e28e671281ebf1f1f8fe093d2bd4a7b C:\Program Files\Windows Desktop Search\en-us\msnlExtRes.dll.mui

MD5: 56183fb6413b7c5cb42b8ac1541a4ee8 C:\Program Files\Windows Desktop Search\en-us\WindowsSearchRes.dll.mui

MD5: 2996faeca864ee4938aa247b2386a69b C:\Program Files\Windows Desktop Search\msnlExtRes.dll

MD5: 994ad0d8550b8b26990a6e3aa0791502 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

MD5: f23a5d407b753f2e5e2bb6a95ab6d12b C:\Program Files\Windows Desktop Search\WdsMktTools.dll

MD5: b5c9f63c01fcfec3f64ec6a0940a1825 C:\Program Files\Windows Desktop Search\WindowsSearch.exe

MD5: cbfd0fb0a9491ed3f1bab4c64a04d2f1 C:\Program Files\Windows Desktop Search\WindowsSearchRes.dll

MD5: b5b27b057b97a947c31b41f0ef3b4d44 C:\Program Files\Windows Desktop Search\wordwheel.dll

MD5: 581a9fe27c17b1679085a066b069b65d C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

MD5: cd64b78db77d443181a9e2e834796863 C:\PROGRA~1\McAfee\SITEAD~1\saUI.exe

MD5: c7da06c9a9aeefbe37aac281ea6385d5 C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

MD5: ea31039e691c6f8f5469649526eea5fb C:\WINDOWS\ALCMTR.EXE

MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL

MD5: 486e625601ede9a2b51ad7b4cc0b1861 C:\WINDOWS\assembly\GAC_MSIL\Intuit.QuickBooks.XmlDigitalSignature\1.2.0.0__5b3f47ba29970ccb\Intuit.QuickBooks.XmlDigitalSignature.dll

MD5: a5b646ca8b89060e01873df41f8a4369 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\b5af2249e2d550f2752176a75c7a7656\Accessibility.ni.dll

MD5: d6adf4834abef49e715153d612444060 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\DellDock\c0500377f64db8373d998a5f85890df5\DellDock.ni.exe

MD5: 6a1f974b02ce7b6cfa08eb771d9426c8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MenuSkinning\3dee9e6a1851625c72078d739b237635\MenuSkinning.ni.dll

MD5: 7a4d7b91bc815ed33e63122ca7078fd0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll

MD5: 2d957ea508f0e9d4e3c33c194829c09a C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MyDock.Util\3cf15041c72a9931d913d0e4b195bed6\MyDock.Util.ni.dll

MD5: cba9fcb0c3f24f787c28d3633c4990cd C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\1ce67382fb5f6eff28ec02c1d5f9d692\PresentationCore.ni.dll

MD5: 1c06208aa9f11af32dd8ca0dda03b3fd C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\a8884cf6a7985974e7b80c2ae6978cfb\PresentationFontCache.ni.exe

MD5: 3e6169a2bd50f2b07a01636cad43ecf2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3524383abc7d257cdb5d3f6f22ee8068\PresentationFramework.Luna.ni.dll

MD5: a025c34ddffe817a8160e25cc95135a1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\607521f6878e37764b6a2272f89996f6\PresentationFramework.ni.dll

MD5: fc311345223c68abc9c897a204cff1a1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c14cec63fc2a347b26e146d390e6e4e\PresentationFramework.Classic.ni.dll

MD5: 6f0cba0b23e4a6a2101bf9e8e3956e0d C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9bd44fadf9b7854e5b565cb3223193bc\PresentationFramework.Aero.ni.dll

MD5: 878f6183cef9bef0019fe03ee10ad269 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll

MD5: 9484c25664af5d5e44d68e6d36bdd00a C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\3710da7b61c2c4ed10903487dbde1c35\System.Core.ni.dll

MD5: c1a1f10bd3839c6c583ae84c9d6d0b22 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll

MD5: aca57ba96a51229cc4574fde502d03dd C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\d8ca3b9fefcda19eeecd55c239f504ba\System.Management.ni.dll

MD5: 5d94897515e29aed850352803a3a9450 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\e564bacf8526a85451e0eaaf5b1137bb\System.Security.ni.dll

MD5: 7dd59b0ff41ea39d320ffcd825d61b4f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\31b7eef43a23e7c6e93594be583f3d08\System.ServiceProcess.ni.dll

MD5: f0860d6e7cdd4ca9247be1f3df037b20 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7fba5762199fc6763c8aaddc16abebcd\System.Web.Services.ni.dll

MD5: bb5b7e95212d816aff7a329f248a1adf C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll

MD5: 89be7f1e47ade757e0460027ec5cd998 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll

MD5: c2b9b86d3037ad3902058939954d6109 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll

MD5: a2f60d2f57b7b9f429bf319859322b49 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f3f0a408362eaceda1b3493d2798cd97\UIAutomationProvider.ni.dll

MD5: 86a69f4c05b622aeb11a8319c7faf37c C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\31368559b4afa9eb6085e6f599982b88\VistaBridgeLibrary.ni.dll

MD5: e37aa27a26d7186d02dca016285f25b1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\e42848e8620740a16ef83db124a05803\WindowsBase.ni.dll

MD5: 352ab6c3942e509332dec566aabcfd62 C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.ocx

MD5: d715a946e66028cdb04c9e9f8c7137f5 C:\WINDOWS\Downloaded Program Files\dwusplay.exe

MD5: 2d54daecba60eb03f9e63dd50669f634 C:\WINDOWS\Downloaded Program Files\isusweb.dll

MD5: 455ca248a92816766fad91b5ce258773 C:\WINDOWS\Downloaded Program Files\Manager.exe

MD5: 56940b50ab0e5923822f47b0e4463885 C:\WINDOWS\Downloaded Program Files\qsax.dll

MD5: 860fad57b4668a9f5f350a9d5444ae89 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

MD5: ea3af33a9341b88d23fdc20d6ec826fe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll

MD5: b560a085eed4d5d72b039929f9ae4991 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

MD5: f282d4edd85d53e20d902cc92190c5f5 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

MD5: fb53a700132d9a97d1e10e9f80bd6174 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

MD5: 35a936c7c029a5b705d3ffd40518d660 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

MD5: 2c53b6e2e2c6a80b2d3d56b3219c448d C:\WINDOWS\RTHDCPL.EXE

MD5: 77abfeb4ecb42824aaa975621e93ee0e C:\WINDOWS\system32\advpack.dll

MD5: 00d2c06a552f782c1f16acf77db765a5 C:\WINDOWS\system32\ATL100.DLL

MD5: cfd4e51402da9838b5a04ae680af54a0 c:\windows\system32\browser.dll

MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll

MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll

MD5: 46ae5ab9b5083bb94a46dae00e203d3b C:\WINDOWS\system32\corpol.dll

MD5: 6bee5d4eff0a0341bcc4a462d81ccfc1 C:\WINDOWS\system32\CRYPT32.dll

MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll

MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\system32\cscdll.dll

MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll

MD5: 0607cbc6fa20114cb491efe4b2f9efad C:\WINDOWS\system32\d3d9.dll

MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll

MD5: 78e862846112347eee8214b649ae563f C:\WINDOWS\system32\dispex.dll

MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll

MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll

MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys

MD5: cec1dbed5ea31801cdeb12833234f139 C:\WINDOWS\system32\DRIVERS\busenum.sys

MD5: 67b20da4727f54aea29fddad810c898d C:\WINDOWS\system32\drivers\cfwids.sys

MD5: d61e53e3fec0c92bc8dd3969fad63f87 C:\WINDOWS\system32\drivers\HipShieldK.sys

MD5: 66a685b05066683621920bc14a45cfe8 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

MD5: ba3004f4c0a0cd19db9c2c0ab3a84efe C:\WINDOWS\system32\drivers\mfeapfk.sys

MD5: 39c20b7d9ac19bfe616ca09dd3a240af C:\WINDOWS\system32\drivers\mfeavfk.sys

MD5: e3470decda0a4015a0ca00ed645f2ebe C:\WINDOWS\system32\drivers\mfebopk.sys

MD5: c8ac8147e02ed8795e1fd946165baccf C:\WINDOWS\system32\drivers\mfefirek.sys

MD5: 7aaf92954d8d2801b17a1163c60abfe9 C:\WINDOWS\system32\drivers\mfehidk.sys

MD5: 3474b9391903c0ab2e9987cb4de943d8 C:\WINDOWS\system32\DRIVERS\mfendisk.sys

MD5: 62d55d882d58a1250348f324bc0afc06 C:\WINDOWS\system32\drivers\mferkdet.sys

MD5: fcfab391e3736769fe5865f3acb3dccb C:\WINDOWS\system32\drivers\mfetdi2k.sys

MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys

MD5: 2feb5bf0312e1cb76cd2caa875cbaa5d C:\WINDOWS\system32\drivers\RtkHDAud.sys

MD5: aabb1d240862349181f5350dd62faae7 C:\WINDOWS\system32\DRIVERS\RxFilter.sys

MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys

MD5: 4bac8df07f1d8434fc640e677a62204e C:\WINDOWS\system32\DRIVERS\usbehci.sys

MD5: 1385e5aa9c9821790d33a9563b8d2dd0 C:\WINDOWS\System32\Drivers\wpdusb.sys

MD5: 613570c245cbfbf40972b825c1ea6784 C:\WINDOWS\system32\Dxtmsft.dll

MD5: 8607b97b59c3364d201014b5a365215a C:\WINDOWS\system32\Dxtrans.dll

MD5: ffb3115aa757abefba7fba90bad5dd0a C:\WINDOWS\system32\en-us\tQuery.dll.mui

MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll

MD5: 4f1c45f1f0fd7d9a8940a285d44e7b8b C:\WINDOWS\system32\hccutils.DLL

MD5: 1760f39b51a1cadabaf8d763c271ac52 C:\WINDOWS\system32\hkcmd.exe

MD5: e185f45c2cad36de9e7cb9677c625dc5 C:\WINDOWS\system32\ieapfltr.dll

MD5: e8e70fe0a1357342503af4c8976f0965 C:\WINDOWS\system32\ieframe.dll

MD5: 5dd6cea06d9398b6f9379e969741cd0f C:\WINDOWS\system32\iepeers.dll

MD5: 1ff73b39179b05b320404a2b0717a286 C:\WINDOWS\system32\iertutil.dll

MD5: 4e89bf45219bb2cf4f931201e2f5755e C:\WINDOWS\system32\IEUI.dll

MD5: 3f2c683f25ef6f397f6638f3e0c521ff C:\WINDOWS\system32\igfxdev.dll

MD5: 0e153ba8123c525ff2b6771138d710a0 C:\WINDOWS\system32\igfxpers.exe

MD5: c8f9114280feb509f413742dd342b18a C:\WINDOWS\system32\igfxpph.dll

MD5: cd39737952134241fcac0ca9fff93586 C:\WINDOWS\system32\igfxrENU.lrc

MD5: 5d14d913dff72a84650a8b4263903f95 C:\WINDOWS\system32\igfxress.dll

MD5: 2c5918420a2fc3245629d7a1ec29ed25 C:\WINDOWS\system32\igfxsrvc.dll

MD5: c6dba50f46176398d07dafb34e440e95 C:\WINDOWS\system32\igfxsrvc.exe

MD5: b729360204dcd8d1d0e5b8516ab6b6ba C:\WINDOWS\system32\igfxtray.exe

MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll

MD5: a77f650fe3c5ac3b5d26dbd86d7e18e0 C:\WINDOWS\system32\InetClnt.dll

MD5: 57aa18b2896055e8cb269b19dd85e7f3 C:\WINDOWS\system32\INETCOMM.dll

MD5: b6932761058dc21beaa7a1245b1b20e6 C:\WINDOWS\system32\infosoft.dll

MD5: f7b098a08efcf4ab4247264c0ac225d2 C:\WINDOWS\system32\JScript.dll

MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll

MD5: 6fe42512ab1b89f32a7407f261b1d2d0 C:\WINDOWS\system32\kernel32.dll

MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll

MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll

MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\system32\logon.scr

MD5: 7bd2d27143f94b2103ac694ebbb7ce10 C:\WINDOWS\system32\LPRHELP.dll

MD5: ecff42413e9744a6f80ba8f2a77704af C:\WINDOWS\system32\lprmon.dll

MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll

MD5: 25def2ef843275862ffbf55487cefddd C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx

MD5: 95ce557d16a75606ccc2d7f3b0b0bccb C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

MD5: 54fc590185d7d00d65e53b9a5990dc14 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

MD5: 1e744353bd534405187a404667da3dc3 C:\WINDOWS\system32\mgmtapi.dll

MD5: 69a5adf546505f4c69ef3046bf798b49 C:\WINDOWS\system32\MPRUI.dll

MD5: 3f790874a85819e94574f3e7af9c5806 C:\WINDOWS\system32\msctfime.ime

MD5: 75450799db55482cbdc7a54c51a0f238 C:\WINDOWS\system32\mshtml.dll

MD5: 40dbbd3c11217ac666b0f8a0744ef1ab C:\WINDOWS\system32\mshtmled.dll

MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll

MD5: 85ac5f11d4759d13674b3e92eac3f140 C:\WINDOWS\system32\msident.dll

MD5: 7ed041c7f82a381417aa3f43ab55f95a C:\WINDOWS\system32\msidntld.dll

MD5: 140ef97b64f560fd78643cae2cdad838 C:\WINDOWS\system32\MsPMSNSv.dll

MD5: 6e914eedd145c5acce56f4d5f3d606fc C:\WINDOWS\system32\mssph.dll

MD5: 64b33cc5bf131def2721394cf9b3f8ed C:\WINDOWS\system32\MSVBVM60.DLL

MD5: e3c817f7fe44cc870ecdbcbc3ea36132 C:\WINDOWS\system32\MSVCP100.dll

MD5: bf38660a9125935658cfa3e53fdc7d65 C:\WINDOWS\system32\MSVCR100.dll

MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll

MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\system32\msxml3.dll

MD5: a0ae7f043497c9971e9d7fe291099d40 C:\WINDOWS\system32\msxml6.dll

MD5: bbdfdbead1b7a1cfd44bfffd177fb627 C:\WINDOWS\system32\mucltui.dll

MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\NETAPI32.dll

MD5: 20fd44370267ccd0a64a1b31861c21d2 C:\WINDOWS\system32\netmsg.dll

MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll

MD5: 1414e666316ca7d9823dbd2d4ada5971 C:\WINDOWS\system32\NETUI2.dll

MD5: ab87c54ca19675880b0cae65b8af140c C:\WINDOWS\system32\npDeployJava1.dll

MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll

MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll

MD5: 2c288aa87e4723ac9ff4d76a192ec3f8 C:\WINDOWS\system32\odbccp32.dll

MD5: d59a7119054d70fc745a1bf9c06dcc65 C:\WINDOWS\system32\oeph.dll

MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll

MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\oleacc.dll

MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll

MD5: 9a257b90323470ab065e9544bec5c01c C:\WINDOWS\system32\pngfilt.dll

MD5: 77de1f81666a4766bfed712dc7232f4e C:\WINDOWS\system32\PresentationNative_v0300.dll

MD5: b2cf9f1f606dec23f70a40b01df3c396 C:\WINDOWS\system32\printui.dll

MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll

MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll

MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll

MD5: f0a0ebf086597e645bc14b0d98f8ba58 C:\WINDOWS\system32\scrrun.dll

MD5: 8bcd11d38fce43a519246a91cc40de6a C:\WINDOWS\system32\security.dll

MD5: 62bdf8e945f23bee485bb3cb4ed19cb7 C:\WINDOWS\system32\SHDOCVW.dll

MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll

MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll

MD5: adc086a90695945b2a0544ac2397b114 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PS5UI.DLL

MD5: 8365b78c019d145b705cc0819fe35693 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PSCRIPT5.DLL

MD5: 4dd6e923d831257531ba564c7860038c C:\WINDOWS\System32\spool\PRTPROCS\W32X86\x5print.dll

MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe

MD5: 77a54bdfbad4604e6131ae68e3cf76d6 C:\WINDOWS\system32\srclient.dll

MD5: 92e2a2574186bcbb7027a6048e1b8b1b C:\WINDOWS\system32\srrstr.dll

MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll

MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll

MD5: 8357809e111e09393633039769d96281 C:\WINDOWS\system32\tcpmib.dll

MD5: 32933b07fc16d9f778bee12545fa1b1a C:\WINDOWS\system32\tcpsvcs.exe

MD5: 4763ce0b8cf4ca355db2fe6c74675db8 C:\WINDOWS\system32\twext.dll

MD5: ba8fdf82d0b1316d5eaf60f5a0498de1 C:\WINDOWS\system32\uncdms.dll

MD5: 11220e8430101cc5d47521a9515d173f C:\WINDOWS\system32\urlmon.dll

MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe

MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll

MD5: 142e08e570d8fcd87e845f1463c1aece C:\WINDOWS\system32\VBScript.dll

MD5: d37f42709d6ecc7642eec8843a676a7b C:\WINDOWS\system32\VXBLOCK.dll

MD5: 4306fa2f1099d7c606139255fdb62b19 C:\WINDOWS\system32\wbem\framedyn.dll

MD5: 116c7a47401a06ffc8e08c7e6d9a6daa C:\WINDOWS\system32\webcheck.dll

MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll

MD5: 8381b36d077d043d0d4fe6ac94c44a1f C:\WINDOWS\system32\WININET.dll

MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll

MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll

MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll

MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll

MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll

MD5: 277f3e3333f1d10ca428568197fcce70 C:\WINDOWS\system32\wsnmp32.dll

MD5: 2e0b0a051ffaa86e358465bb0880d453 C:\WINDOWS\system32\wuauclt.exe

MD5: c31dd4cec06d2908ae5f212a0b13805b C:\WINDOWS\system32\wuaucpl.cpl

MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll

MD5: c88c65df1ed4dfd34cfbd11cdfe519a3 C:\WINDOWS\system32\wucltui.dll

MD5: bdc0c99e472176c8c2c853a68adc5073 C:\WINDOWS\system32\wups2.dll

MD5: bea4aee74fef171eb61de1bad8faf427 C:\WINDOWS\system32\XmlLite.dll

MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll

MD5: ccdb8749499ba6568b085e4511485d92 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_35349982\ATL90.DLL

MD5: 5af224814de97058de7622bb8276770c C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcm90.dll

MD5: 0d94140fc0c701d8e93d2eceb0b44057 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\MSVCP90.dll

MD5: fa093f6a65507f7c2ae9697ce2a904cc C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\MSVCR90.dll

MD5: 465e465d3346af882a066a660c1d3c69 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90.dll

MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll

No file uploaded.

Scan finished - communication took 2 sec

Total traffic - 0.04 MB sent, 1.15 KB recvd

Scanned 998 files and modules - 283 seconds

==============================================================================

Link to post
Share on other sites

RogueKiller V8.4.2 [Dec 31 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : Mark [Admin rights]

Mode : Scan -- Date : 01/05/2013 15:07:45

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤

[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND

[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND

[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400AAKS-75A7B2 +++++

--- User ---

[MBR] 254954227fc8d2426f64ca64d9f0da3a

[bSP] 3b83ad77660a0b1dca762ed603421109 : Dell MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 600439 Mo

2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 1229791815 | Size: 9993 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_01052013_02d1507.txt >>

RKreport[1]_S_01052013_02d1507.txt

Link to post
Share on other sites

The Bitdefender scan is good.

Continue with the following:

Download to your Desktop FixPolicies.exe, by Bill Castner, MS-MVP, a self-extracting ZIP archive from

>>> here <<<

  • Double-click FixPolicies.exe.
  • Click the "Install" button on the bottom toolbar of the box that will open.
  • The program will create a new Folder called FixPolicies.
  • Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
  • A black box will briefly appear and then close.
  • This fix may prove temporary. Active malware may revert these changes at your next startup. You can safely run the utility again.

Step 2

Please download the following program to your Desktop >> Unhide <<

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives.

When Unhide is complete, it will create a logfile on the Windows Desktop called Unhide.txt.

Copy & Paste contents of that log for review.

Step 3

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your antivirus program

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Full Scan. i_arrow-l.gif

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.

Tell me, How is the system ?

Re-enable your antivirus program.

Link to post
Share on other sites

Unhide by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Unhide.exe can be found at this link:

http://www.bleepingc...opic405109.html

Program started at: 01/09/2013 12:52:19 PM

Windows Version: Windows XP

Please be patient while your files are made visible again.

Processing the C:\ drive

Finished processing the C:\ drive. 383911 files processed.

Processing the E:\ drive

Finished processing the E:\ drive. 36 files processed.

Processing the F:\ drive

Finished processing the F:\ drive. 0 files processed.

Processing the G:\ drive

Finished processing the G:\ drive. 0 files processed.

Processing the H:\ drive

Finished processing the H:\ drive. 0 files processed.

The C:\DOCUME~1\Mark\LOCALS~1\Temp\smtmp\ folder does not exist!!

Unhide cannot restore your missing shortcuts!!

Please see this topic in order to learn how to restore default

Start Menu shortcuts: http://www.bleepingc...opic405109.html

Searching for Windows Registry changes made by FakeHDD rogues.

- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

No registry changes detected.

Program finished at: 01/09/2013 01:14:19 PM

Execution time: 0 hours(s), 22 minute(s), and 0 seconds(s)

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.09.07

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

Mark :: PRINTER [administrator]

Protection: Enabled

1/9/2013 1:24:02 PM

mbam-log-2013-01-09 (13-24-02).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 367486

Time elapsed: 24 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 2

HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

Are you the only or main user of this system? or is it another user-account that has "no files" on the Desktop?

Are you logged in with an administrator-rights account ?

The Unhide utility did not find a %Temp%\smtmp\ folder where the malware would have been expected to hide them.

What was on the desktop and to which account did they belong.

Also, while using Windows Explorer, take a look at the contents of this folder =>

C:\Documents and Settings\All Users\Desktop

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the icon (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Then copy/paste the following into your post (in order):

  • the contents of OTL.txt;
  • the contents of Extras.txt ; and
  • the contents of checkup.txt

Be sure to do a Preview prior to pressing Add Reply because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

Link to post
Share on other sites

I'll run that other stuff in a little bit. I am not the only user, but the only user whose desktop icons are gone. The desktop had program icons, and they are easy to replace. But, it also had folders with data in them. The All Users desktop has nothing in it, and the Administrator Desktop has nothing in it.

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.56

Windows XP Service Pack 3 x86

Internet Explorer 7 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

McAfee Anti-Virus and Anti-Spyware

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Java 6 Update 16

Java 7 Update 9

Adobe Flash Player 11.5.502.146

Adobe Reader 9 Adobe Reader out of Date!

Mozilla Firefox (17.0.1)

````````Process Check: objlist.exe by Laurent````````

McAfee VirusScan mcods.exe

Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

Link to post
Share on other sites

OTL logfile created on: 1/12/2013 3:03:54 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mark\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.97 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 69.96% Memory free

4.81 Gb Paging File | 3.83 Gb Available in Paging File | 79.60% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 586.37 Gb Total Space | 523.61 Gb Free Space | 89.30% Space Free | Partition Type: NTFS

Drive L: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Drive P: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Drive U: | 912.46 Gb Total Space | 13.54 Gb Free Space | 1.48% Space Free | Partition Type: NTFS

Drive V: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Drive X: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Computer Name: PRINTER | User Name: Mark | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/12 15:03:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mark\My Documents\Downloads\OTL.exe

PRC - [2012/11/16 21:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe

PRC - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

PRC - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

PRC - [2012/11/09 06:48:10 | 000,203,400 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

PRC - [2012/10/24 12:57:52 | 001,157,008 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

PRC - [2012/10/24 12:57:04 | 001,179,024 | ---- | M] (Intuit Inc.) -- C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE

PRC - [2012/10/24 12:06:54 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

PRC - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2012/09/15 21:53:21 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

PRC - [2012/09/12 11:21:04 | 001,278,648 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe

PRC - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

PRC - [2012/04/11 07:00:36 | 004,706,304 | ---- | M] () -- C:\Program Files\Synology\Assistant\DSAssistant.exe

PRC - [2012/03/09 15:10:16 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

PRC - [2011/06/17 12:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

PRC - [2011/02/18 01:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe

PRC - [2010/03/06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

PRC - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2009/10/15 14:19:22 | 001,897,952 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

PRC - [2009/07/07 11:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

PRC - [2009/06/30 12:22:54 | 001,316,192 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe

PRC - [2009/02/04 22:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe

PRC - [2008/07/11 08:22:56 | 000,251,184 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

PRC - [2008/05/27 08:36:20 | 000,206,128 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\nassche.exe

PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/10 03:16:23 | 015,880,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MenuSkinning\d0cb1071246f1705804bd053f738fab7\MenuSkinning.ni.dll

MOD - [2013/01/10 03:16:13 | 000,284,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\562b1c946399aeedaa8178ebe6621f09\VistaBridgeLibrary.ni.dll

MOD - [2013/01/10 03:16:10 | 002,571,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\DellDock\a9c0601a9857e118c45b6fbaac1e6d8b\DellDock.ni.exe

MOD - [2013/01/10 03:16:10 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll

MOD - [2013/01/10 03:16:08 | 000,286,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MyDock.Util\6abaf0283201a9f41a37dfcf2b1c94e1\MyDock.Util.ni.dll

MOD - [2013/01/10 03:14:05 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\edbf4e4a55e63b9fbf0b0b40cba13063\System.Core.ni.dll

MOD - [2013/01/10 03:14:00 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a351cdca2d71ee68ae3a581e13553b19\PresentationFramework.Luna.ni.dll

MOD - [2013/01/10 03:13:58 | 000,368,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbfa6bdbfea6f90f3b604c3efce24047\PresentationFramework.Aero.ni.dll

MOD - [2013/01/10 03:13:57 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll

MOD - [2013/01/10 03:13:47 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7376da3c5dca2b5fadfad0b1eaf76da7\System.Web.Services.ni.dll

MOD - [2013/01/10 03:13:23 | 014,329,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2abe0b9f0e996273614f4cf1f6808eed\PresentationFramework.ni.dll

MOD - [2013/01/10 03:13:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\cbee94ec6a0fe649e3b4643cea6e1259\Accessibility.ni.dll

MOD - [2013/01/10 03:13:05 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll

MOD - [2013/01/10 03:12:56 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll

MOD - [2013/01/10 03:12:50 | 000,060,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\0b5c7d832d0a10ddcfa764d3e4adce14\UIAutomationProvider.ni.dll

MOD - [2013/01/10 03:12:44 | 012,218,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\2e26794770e6d33cf79a7f8daa4a48c3\PresentationCore.ni.dll

MOD - [2013/01/10 03:12:28 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\4b889e41364baff1e456817b4777b610\WindowsBase.ni.dll

MOD - [2013/01/10 03:12:16 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll

MOD - [2013/01/10 03:12:11 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll

MOD - [2013/01/10 03:12:06 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MOD - [2013/01/10 03:11:56 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MOD - [2012/11/29 16:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll

MOD - [2012/10/24 12:57:38 | 000,101,264 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\ReportBridge.DLL

MOD - [2012/10/24 12:57:32 | 000,126,352 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QBMAPILibrary.dll

MOD - [2012/10/24 12:57:30 | 000,020,880 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QBCompressor.DLL

MOD - [2012/10/24 12:57:28 | 000,070,032 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\QB2WPFBridge.dll

MOD - [2012/10/24 12:57:22 | 000,093,072 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetInterop.dll

MOD - [2012/10/24 12:57:22 | 000,070,544 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\IPDWidgetBridge.DLL

MOD - [2012/10/24 12:57:22 | 000,042,384 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\mbpopup.dll

MOD - [2012/10/24 12:57:18 | 000,057,744 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\htmlhelper.dll

MOD - [2012/10/24 12:57:10 | 000,268,688 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\boost_regex-vc90-mt-p-1_33.dll

MOD - [2012/10/24 12:57:10 | 000,176,528 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\boost_serialization-vc90-mt-p-1_33.dll

MOD - [2012/10/24 12:57:08 | 000,348,048 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\BackupLib.dll

MOD - [2012/10/24 09:57:44 | 000,098,192 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\Webification.DLL

MOD - [2012/04/11 07:00:36 | 004,706,304 | ---- | M] () -- C:\Program Files\Synology\Assistant\DSAssistant.exe

MOD - [2011/02/18 01:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe

MOD - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2009/12/05 05:31:12 | 000,027,648 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qico4.dll

MOD - [2009/12/05 05:31:02 | 000,290,816 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qtiff4.dll

MOD - [2009/12/05 05:29:44 | 000,233,472 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qmng4.dll

MOD - [2009/12/05 05:29:18 | 000,022,016 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qgif4.dll

MOD - [2009/12/05 05:29:06 | 000,135,168 | ---- | M] () -- C:\Program Files\Synology\Assistant\imageformats\qjpeg4.dll

MOD - [2009/12/05 02:50:10 | 007,819,264 | ---- | M] () -- C:\Program Files\Synology\Assistant\QtGui4.dll

MOD - [2009/12/05 02:06:28 | 000,712,704 | ---- | M] () -- C:\Program Files\Synology\Assistant\QtNetwork4.dll

MOD - [2009/12/05 02:02:22 | 002,195,456 | ---- | M] () -- C:\Program Files\Synology\Assistant\QtCore4.dll

MOD - [2009/07/07 11:24:00 | 000,268,528 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll

MOD - [2009/07/07 11:24:00 | 000,140,528 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll

MOD - [2009/07/07 11:24:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll

MOD - [2009/07/07 11:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

MOD - [2009/07/07 11:23:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll

MOD - [2009/07/07 11:23:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll

MOD - [2009/06/05 03:23:52 | 000,745,472 | ---- | M] () -- C:\Program Files\Synology\Assistant\qwt5.dll

MOD - [2005/07/19 22:18:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2011\zlib1.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- c:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe -- (SessionLauncher)

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\TEMP\015145~1.EXE -- (0151451356539822mcinstcleanup)

SRV - [2013/01/09 13:55:56 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/11/16 21:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)

SRV - [2012/11/09 06:53:22 | 000,167,344 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)

SRV - [2012/11/09 06:50:10 | 000,168,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV - [2012/11/09 06:48:10 | 000,203,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV - [2012/10/30 10:17:48 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/10/24 12:06:54 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)

SRV - [2012/09/24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)

SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)

SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)

SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)

SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV - [2012/08/31 12:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)

SRV - [2012/03/09 15:10:16 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)

SRV - [2011/06/17 12:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)

SRV - [2011/02/18 01:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Synology\Assistant\UsbClientService.exe -- (UsbClientService)

SRV - [2010/02/04 13:59:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)

SRV - [2009/06/26 12:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe -- (RoxMediaDB10)

SRV - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV - [2008/07/11 08:22:56 | 000,251,184 | R--- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)

SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mark\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - [2012/11/09 06:56:16 | 000,060,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)

DRV - [2012/11/09 06:53:02 | 000,091,168 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)

DRV - [2012/11/09 06:52:12 | 000,092,192 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)

DRV - [2012/11/09 06:51:12 | 000,565,352 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)

DRV - [2012/11/09 06:50:30 | 000,084,432 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)

DRV - [2012/11/09 06:50:30 | 000,084,432 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)

DRV - [2012/11/09 06:50:20 | 000,362,640 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)

DRV - [2012/11/09 06:50:00 | 000,065,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)

DRV - [2012/11/09 06:49:40 | 000,234,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)

DRV - [2012/11/09 06:49:10 | 000,132,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)

DRV - [2012/04/20 15:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HipShieldK.sys -- (HipShieldK)

DRV - [2011/02/18 01:20:08 | 000,046,304 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\busenum.sys -- (busenum)

DRV - [2009/06/26 11:27:40 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)

DRV - [2009/03/04 17:14:22 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2009/03/04 16:59:56 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.msn.com/sphome.aspx

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/1

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/sphome.aspx

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110801&tt=090113_new_0213_8&babsrc=SP_ss&mntrId=bc9457de000000000000002564056cc8

IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"

FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=110801&tt=090113_new_0213_8&babsrc=HP_ss&mntrId=bc9457de000000000000002564056cc8"

FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10

FF - prefs.js..extensions.enabledAddons: pricepeep%40getpricepeep.com:2.1.322.0

FF - prefs.js..extensions.enabledAddons: %7BD19CA586-DD6C-4a0a-96F8-14644F340D60%7D:14.4.1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/11/23 13:04:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/12/20 15:57:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2013/01/11 23:11:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/09 14:01:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/09 14:01:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/12/26 11:37:02 | 000,000,000 | ---D | M]

[2010/02/11 17:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Extensions

[2013/01/09 14:01:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions

[2010/07/20 17:13:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2012/12/06 12:45:52 | 000,243,287 | ---- | M] () (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\amznUWL2@amazon.com.xpi

[2012/09/25 13:20:28 | 000,054,396 | ---- | M] () (No name found) -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\extensions\pricepeep@getpricepeep.com.xpi

[2013/01/09 12:44:06 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\g3lri5gy.default\searchplugins\babylon1.xml

[2011/12/14 10:13:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/01/11 23:11:00 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE

[2012/10/30 10:17:52 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll

[2013/01/09 12:43:49 | 000,002,360 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2012/08/30 09:08:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/07/02 12:53:04 | 000,001,949 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

[2012/10/19 11:35:52 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Susan\Local Settings\Application Data\Google\Chrome\Application\23.0.1271.95\pdf.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Mark\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: SiteAdvisor = C:\Documents and Settings\Mark\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\

O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627111946.dll (McAfee, Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)

O4 - Startup: C:\Documents and Settings\Mark\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)

O4 - Startup: C:\Documents and Settings\Mark\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

O4 - Startup: C:\Documents and Settings\Mark\Start Menu\Programs\Startup\NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)

O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7522808-F9B6-49CD-85A3-814533D3A0A4}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mark\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/04/25 16:29:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{40392688-086b-11e0-86aa-002564056cc8}\Shell - "" = AutoRun

O33 - MountPoints2\{40392688-086b-11e0-86aa-002564056cc8}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{40392688-086b-11e0-86aa-002564056cc8}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{6929288b-6916-11df-869d-002564056cc8}\Shell\AutoRun\command - "" = I:\Setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/12 05:34:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee

[2013/01/11 03:00:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2013/01/10 03:10:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2013/01/09 13:21:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\Malwarebytes

[2013/01/09 13:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2013/01/09 12:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\MiponyDownloadManagerPackages

[2013/01/09 12:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2013/01/09 12:43:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\Babylon

[2013/01/05 15:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Application Data\QuickScan

[2013/01/05 14:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro

[2013/01/05 14:52:59 | 000,000,000 | ---D | C] -- C:\rsit

[2013/01/05 14:52:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2013/01/04 15:37:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mark\Desktop\Mario

[2012/12/13 18:19:07 | 000,084,432 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys

[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/12 14:58:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/01/12 14:54:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/01/12 14:27:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012UA.job

[2013/01/12 14:27:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1012Core.job

[2013/01/12 14:16:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011UA.job

[2013/01/12 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Blanca.job

[2013/01/12 02:00:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRINTER-Mark.job

[2013/01/11 22:58:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/01/11 15:16:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-338851956-1154243851-3568214133-1011Core.job

[2013/01/11 14:10:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/10 16:53:23 | 000,000,359 | ---- | M] () -- C:\Documents and Settings\Mark\.DP4WEB_BAPHARI6MARKM.sdv

[2013/01/10 11:37:49 | 002,207,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/10 11:37:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/10 11:37:35 | 3184,578,560 | -HS- | M] () -- C:\hiberfil.sys

[2013/01/10 03:11:29 | 000,514,572 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/10 03:11:29 | 000,098,476 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/09 13:56:38 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/09 13:55:54 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013/01/09 13:55:54 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013/01/09 12:43:37 | 000,000,000 | ---- | M] () -- C:\end

[2013/01/05 15:06:54 | 000,761,856 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\RogueKiller.exe

[2013/01/05 14:55:20 | 000,856,731 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\SecurityCheck.exe

[2013/01/05 14:51:49 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\RSIT.exe

[2013/01/04 12:51:52 | 084,754,432 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\Harisch Inc. (Herb Version) (Backup Jan 04,2013 12 49 PM).QBB

[2013/01/03 15:09:17 | 000,000,922 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\lightroom.lnk

[2013/01/03 15:08:48 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\Photoshop.lnk

[2013/01/03 15:08:21 | 000,000,726 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\firefox.lnk

[2013/01/03 15:07:35 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Mark\Desktop\filezilla.lnk

[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll

[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll

[2012/12/14 00:20:39 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/09 12:43:25 | 000,000,000 | ---- | C] () -- C:\end

[2013/01/05 15:06:52 | 000,761,856 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\RogueKiller.exe

[2013/01/05 14:55:16 | 000,856,731 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\SecurityCheck.exe

[2013/01/05 14:51:44 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\RSIT.exe

[2013/01/04 12:50:48 | 084,754,432 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\Harisch Inc. (Herb Version) (Backup Jan 04,2013 12 49 PM).QBB

[2013/01/03 15:07:57 | 000,000,922 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\lightroom.lnk

[2013/01/03 15:07:57 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\Photoshop.lnk

[2013/01/03 15:07:57 | 000,000,726 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\firefox.lnk

[2013/01/03 15:07:21 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\Mark\Desktop\filezilla.lnk

[2012/07/03 15:12:11 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini

[2012/03/03 14:50:56 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Mark\Local Settings\Application Data\PUTTY.RND

[2012/02/16 02:08:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011/01/18 11:50:14 | 000,069,872 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2010/11/24 16:47:59 | 000,000,359 | ---- | C] () -- C:\Documents and Settings\Mark\.DP4WEB_BAPHARI6MARKM.sdv

[2010/11/17 14:32:57 | 000,000,029 | ---- | C] () -- C:\Documents and Settings\Mark\FullColor.config

========== ZeroAccess Check ==========

[2008/04/25 16:34:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2009/12/22 00:21:02 | 001,509,888 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/09 12:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2012/07/03 15:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES

[2012/07/03 15:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance

[2011/01/17 13:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe

[2012/07/03 15:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11

[2011/03/04 11:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall

[2012/07/06 13:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xerox

[2013/01/09 12:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Babylon

[2011/01/17 14:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011/02/25 12:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\com.redcart.RedCartDesktop.3483DAB2E0A4C2F8F40D1ABD90B7D187155E6A71.1

[2013/01/09 15:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\FileZilla

[2010/05/26 17:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Leadertech

[2013/01/09 12:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\MiponyDownloadManagerPackages

[2010/05/10 12:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\NASNaviator2

[2013/01/05 15:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\QuickScan

[2009/11/18 11:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Windows Desktop Search

[2010/03/20 11:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Windows Live Writer

[2009/12/22 12:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Windows Search

[2010/01/28 16:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mark\Application Data\Xerox

========== Purity Check ==========

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 1/12/2013 3:03:58 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mark\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.97 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 69.96% Memory free

4.81 Gb Paging File | 3.83 Gb Available in Paging File | 79.60% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 586.37 Gb Total Space | 523.61 Gb Free Space | 89.30% Space Free | Partition Type: NTFS

Drive L: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Drive P: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Drive U: | 912.46 Gb Total Space | 13.54 Gb Free Space | 1.48% Space Free | Partition Type: NTFS

Drive V: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Drive X: | 1382.73 Gb Total Space | 113.58 Gb Free Space | 8.21% Space Free | Partition Type: NTFS

Computer Name: PRINTER | User Name: Mark | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent

"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)

"C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe" = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe:*:Enabled:BUFFALO NASNavigator2 -- (BUFFALO INC.)

"C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager -- (Intuit, Inc.)

"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)

"C:\Program Files\Synology\Assistant\DSAssistant.exe" = C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{057A0C9D-5543-581B-612E-D87288AC113C}" = RedCart Desktop 1.3.4

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data

"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{11E0AC7D-6822-4F67-865F-EE1C13D28C38}" = QuickBooks Pro 2011

"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online

"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86

"{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16

"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9

"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies

"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning

"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio

"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore

"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007

"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn

"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser

"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components

"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2

"{B0513493-04B9-4F21-B4AB-83E750D54256}" = Adobe Photoshop Lightroom 2.7

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn

"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery

"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{E00B477F-8558-45DA-B25A-69935FB89A94}" = Dell Dock

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4

"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer

"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module

"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"Allied Color Labs' Digital Studio v5 5" = Allied Color Labs' Digital Studio v5 5

"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"com.redcart.RedCartDesktop.3483DAB2E0A4C2F8F40D1ABD90B7D187155E6A71.1" = RedCart Desktop 1.3.4

"FileZilla Client" = FileZilla Client 3.6.0.2

"Full Color's Digital Studio v5 5" = Full Color's Digital Studio v5 5

"HDMI" = Intel® Graphics Media Accelerator Driver

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"McAfee Security Scan" = McAfee Security Scan Plus

"MCL-Modern Image's Digital Studio v5 5" = MCL-Modern Image's Digital Studio v5 5

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft SQL Server 2005" = Microsoft SQL Server 2005

"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime

"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSC" = McAfee SecurityCenter

"MSNINST" = MSN

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Production Studio v5 5.0" = Production Studio v5 5.0

"SMALLBUSINESSR" = Microsoft Office Small Business 2007

"Synology Assistant" = Synology Assistant (remove only)

"UN060501" = BUFFALO NAS Navigator2

"UN090928" = BUFFALO LinkStation(LX-WXL) Setup Guide

"Windows Media Format Runtime" = Windows Media Format Runtime

"WinLiveSuite_Wave3" = Windows Live Essentials

"Xerox_Support_Centre" = Xerox Support Centre

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Allied Color ROES" = Allied Color ROES

"Full Color Ordering System" = Full Color Ordering System

"Full Color ROES" = Full Color ROES

"Printmakers ProDesign" = Printmakers ProDesign

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 1/10/2013 12:50:53 PM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3024

Description = The update cannot be started because the content sources cannot be

accessed. Fix the errors and try the update again. Context: Application, SystemIndex

Catalog

Error - 1/10/2013 9:05:39 PM | Computer Name = PRINTER | Source = Application Error | ID = 1000

Description = Faulting application mcupdmgr.exe, version 11.6.434.0, faulting module

saupkeep.dll, version 3.5.0.229, fault address 0x0006132e.

Error - 1/11/2013 3:12:23 PM | Computer Name = PRINTER | Source = QuickBooks | ID = 4

Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance

Hand

Error - 1/11/2013 3:12:23 PM | Computer Name = PRINTER | Source = QuickBooks | ID = 4

Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance

Hand

Error - 1/11/2013 3:12:23 PM | Computer Name = PRINTER | Source = QuickBooks | ID = 4

Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance

Hand

Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013

Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE

SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex

Catalog Details: A device attached to the system is not functioning. (0x8007001f)

Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013

Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE

SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex

Catalog Details: A device attached to the system is not functioning. (0x8007001f)

Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013

Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE

SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex

Catalog Details: A device attached to the system is not functioning. (0x8007001f)

Error - 1/12/2013 12:13:41 AM | Computer Name = PRINTER | Source = Windows Search Service | ID = 3013

Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE

SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex

Catalog Details: A device attached to the system is not functioning. (0x8007001f)

Error - 1/12/2013 11:45:21 AM | Computer Name = PRINTER | Source = Application Hang | ID = 1002

Description = Hanging application DSAssistant.exe, version 0.0.0.0, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

[ OSession Events ]

Error - 7/13/2012 3:03:04 PM | Computer Name = PRINTER | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:

12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14120

seconds with 1380 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031

Description = The McAfee Services service terminated unexpectedly. It has done

this 1 time(s). The following corrective action will be taken in 60000 milliseconds:

Restart the service.

Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031

Description = The McAfee VirusScan Announcer service terminated unexpectedly. It

has done this 1 time(s). The following corrective action will be taken in 60000

milliseconds: Restart the service.

Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031

Description = The McAfee Network Agent service terminated unexpectedly. It has

done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:

Restart the service.

Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031

Description = The McAfee Proxy Service service terminated unexpectedly. It has

done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:

Restart the service.

Error - 1/7/2013 11:00:15 AM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7031

Description = The McAfee Anti-Spam Service service terminated unexpectedly. It

has done this 1 time(s). The following corrective action will be taken in 60000

milliseconds: Restart the service.

Error - 1/7/2013 11:05:57 AM | Computer Name = PRINTER | Source = DCOM | ID = 10010

Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register

with DCOM within the required timeout.

Error - 1/9/2013 12:37:30 PM | Computer Name = PRINTER | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.1.4 on

the Network Card with network address 002564056CC8.

Error - 1/10/2013 12:37:59 PM | Computer Name = PRINTER | Source = Service Control Manager | ID = 7000

Description = The SessionLauncher service failed to start due to the following error:

%%3

Error - 1/10/2013 12:41:43 PM | Computer Name = PRINTER | Source = DCOM | ID = 10010

Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register

with DCOM within the required timeout.

Error - 1/11/2013 3:12:49 PM | Computer Name = PRINTER | Source = DCOM | ID = 10010

Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register

with DCOM within the required timeout.

< End of report >

Link to post
Share on other sites

Whichever files you had on your dekstop, would have been under C:\Users\<your-login>\desktop

If you cannot see them, they are gone. Not much can be done about it. Did you have system backups from before this "stuff happened"??

To get going on removing & hunting for malware &/or undesirable stuff....

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If your are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX Denotes the number of times the application has been ran, so in this should be something like R1.

NEXT

You need to reset Firefox to standard defaults. It appears to have a rogue search setting.

To Reset Firefox to its default state:

Start Firefox

in the address bar, type in

about:support

Click on the Reset Firefox button at top right of screen.

Also see http://support.mozilla.org/en-US/kb/reset-preferences-fix-problems?s=reset+search+options&r=2&as=s

Logoff and Restart the system fresh.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now !

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2

CF_download_FF.gif

CF_download_rename.gif

* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on Combo-Fix.exe cf-icon.jpg accept the EULA & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

-------------------------------------------------------

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh !

Reply & Copy / Paste the contents of C:\Combofix.txt log and tell me, How is the system now ?

RE-Enable your AntiVirus and AntiSpyware applications.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.