Jump to content

Recommended Posts

Hello,

I started my request for help in the general forum but have been recommended to come here for help.

I wasn't able to complete mbam scan in normal, safe mode or chameleon.

With the help of the administrator in my previous post here's what we did:

Uninstalled all versions of mcafee and mbam. Installed MES.

Tried dds but pc froze and blue screen/reboot.

Ran mini toolbox & dds

Logs showed mcafee and java still on pc...

So administrator sent me here.

Can u help?

I just removed java update from add/remove programs and did new scan...

I uninstalled my McAfee w/firewall, and was told to install MSE, so now I have no firewall. I just want to be sure that is ok, while Im troubleshooting here??

Thank you

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 7.0.6000.17117

Run by HP_Administrator at 21:56:43 on 2013-03-10

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2755 [GMT -7:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ================

.

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Common Files\Iconix\IconixService.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe

C:\WINDOWS\system32\rundll32.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

C:\Program Files\DISC\DiscUpdateMgr.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\DISC\DISCover.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\DISC\DiscGui.exe

C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

C:\Program Files\DISC\DiscStreamHub.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\System32\vssvc.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = hxxp://redirect.hp.com/svs/rdr?TYPE=3&tp=ebay&pf=desktop&locale=en_us&bd=all&c=q106

uProxyOverride = local;*.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll

BHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hp\smart web printing\hpswp_framework.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: IconixBHOClass Class: {761233B6-F228-49E4-8F6B-668499D4E55A} - c:\program files\iconix\ieaddon\IconixBHO_46.dll

BHO: hpWebHelper Class: {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\webhelper.dll

BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>

uRun: [DIMDownloading your update...1300677038425] "c:\program files\corel\coreldraw graphics suite x5\draw\dim.exe" "c:\documents and settings\all users\application data\corel\downloads\540215253_907002\1300677038425\dim_params.xml" -launch=3 -uibase="c:\documents and settings\hp_administrator\application data\corel\messages\540215253_907002\en\messagecache2\workflow"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [bomgar Support Reconnect [1348348261]] "c:\documents and settings\all users\application data\apple-scc-505e2961\apple-scc.exe" -nomulti

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE

mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"

mRun: [KBD] c:\hp\kbd\KBD.EXE

mRun: [iconixOEAddOn] "c:\program files\iconix\oeaddon\OEdmn_6.exe"

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [DMAScheduler] c:\program files\sonic\digitalmedia plus\digitalmedia archive\DMAScheduler.exe

mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdateMgr.exe

mRun: [DISCover] c:\program files\disc\DISCover.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s

mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe

mRun: [ps2] c:\windows\system32\ps2.exe

mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony\sony picture utility\volumewatcher\SPUVolumeWatcher.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart16.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hdwrit~1.lnk - c:\program files\common files\panasonic\hd writer autostart\HDWriterAutoStart.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\imagem~1.lnk - c:\program files\pixela\imagemixer 3 se ver.6\transfer utility\CameraMonitor.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - {44E212AB-13EA-4CA4-BE65-197FBA170412} - c:\program files\iconix\ieaddon\IconixBHO_46.dll

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {BC3F6B6D-2E49-4603-B028-7411655713F3} - {0CC2F28D-D415-4FC6-A2E4-54B4D983609A} - c:\program files\iconix\ieaddon\IconixBHO_46.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab

DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB

DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader57.cab

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361842039167

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx

DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} - file:///C:/Program%20Files/AutoCAD%202002/InstBanr.ocx

DPF: {C6637286-300D-11D4-AE0A-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/InstFred.ocx

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} - hxxp://www.auctiva.com/hostedimages/activex/xupload/XUpload.ocx

DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} - hxxp://update.hpphoto.com/download/HPSWUpdate.ocx

DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{7B4804A9-C670-4DE5-BA3F-B74C68D60640} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DHCPNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - <orphaned>

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\2au2xdzn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=OCYTDF&PC=OCDY&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=OCYTDF&PC=OCDY&q=

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\documents and settings\hp_administrator\application data\move networks\plugins\npqmp071505000010.dll

FF - plugin: c:\documents and settings\hp_administrator\application data\move networks\plugins\npqmp071505000011.dll

FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\2au2xdzn.default\extensions\2020player@2020technologies.com\plugins\NP2020Player.dll

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdbplug.dll

FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll

FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll

FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_171.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - ExtSQL: !HIDDEN! 2009-08-03 23:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-1-16 161064]

R2 IconixService;Iconix Update Service;c:\program files\common files\iconix\IconixService.exe [2008-10-8 283992]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-8-23 13672]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]

S2 0245821362944634mcinstcleanup;McAfee Application Installer Cleanup (0245821362944634);c:\windows\temp\024582~1.exe -cleanup -nolog --> c:\windows\temp\024582~1.EXE -cleanup -nolog [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 BEFCMU10V4XP;Linksys BEFCMU10 ver. 4 Cable Modem;c:\windows\system32\drivers\BEFCMU10V4XP.sys [2006-6-24 14336]

S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-3-9 146872]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"

.

=============== Created Last 30 ================

.

2013-03-10 23:42:18 6954968 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{838fd683-d908-4be1-b066-682f5646a028}\mpengine.dll

2013-03-10 20:36:04 232336 ------w- c:\windows\system32\MpSigStub.exe

2013-03-10 20:30:35 -------- d-----w- c:\program files\Microsoft Security Client

2013-03-10 04:11:59 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll

2013-03-10 00:26:19 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2013-02-28 23:55:03 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\Sun

2013-02-23 05:52:10 -------- d-----w- c:\program files\iPod

2013-02-23 05:52:07 -------- d-----w- c:\program files\iTunes

2013-02-23 05:52:07 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-02-15 22:04:52 208448 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

.

==================== Find3M ====================

.

2013-03-09 22:08:37 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-09 22:08:37 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-02-28 18:50:28 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-28 18:50:28 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32.dll

2013-01-20 22:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-01-07 01:19:45 2148864 ------w- c:\windows\system32\ntoskrnl.exe

2013-01-07 00:37:01 2027520 ------w- c:\windows\system32\ntkrnlpa.exe

2013-01-04 01:20:00 1867264 ------w- c:\windows\system32\win32k.sys

2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll

2012-12-26 20:43:21 832512 ----a-w- c:\windows\system32\wininet.dll

2012-12-26 20:43:21 1830912 ------w- c:\windows\system32\inetcpl.cpl

2012-12-26 20:43:20 78336 ------w- c:\windows\system32\ieencode.dll

2012-12-26 20:43:20 17408 ------w- c:\windows\system32\corpol.dll

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2009-01-14 19:11:06 163840 ----a-w- c:\program files\ShippingAssistant.exe

2009-01-14 19:09:54 53248 ----a-w- c:\program files\USPS.SmartClient.Presentation.Shell.Interface.dll

2009-01-14 19:09:50 65536 ----a-w- c:\program files\USPS.SmartClient.DomainModel.Workflow.dll

2009-01-14 19:09:38 176128 ----a-w- c:\program files\USPS.SmartClient.Proxy.WebTools.Http.dll

2009-01-14 19:09:36 36864 ----a-w- c:\program files\USPS.SmartClient.Proxy.WebTools.Agent.dll

2009-01-14 19:09:30 77824 ----a-w- c:\program files\USPS.SmartClient.Device.PBK700DeviceAdapter.dll

2009-01-14 19:09:28 15872 ----a-w- c:\program files\USPS.SmartClient.Device.dll

2009-01-14 19:09:22 274432 ----a-w- c:\program files\USPS.SmartClient.Common.Label.Print.dll

2009-01-14 19:09:20 374272 ----a-w- c:\program files\USPS.SmartClient.Common.eBay.Agent.dll

2009-01-14 19:09:14 356352 ----a-w- c:\program files\USPS.SmartClient.DomainModel.Repositories.dll

2009-01-14 19:09:10 20480 ----a-w- c:\program files\USPS.SmartClient.Proxy.WebTools.Provider.dll

2009-01-14 19:09:10 13312 ----a-w- c:\program files\USPS.SmartClient.Device.Common.dll

2009-01-14 19:09:08 2359296 ----a-w- c:\program files\USPS.SmartClient.Common.eBay.Provider.XmlSerializers.dll

2009-01-14 19:07:44 644160 ----a-w- c:\program files\sqlceqp35.dll

2008-08-12 17:26:42 271440 ----a-w- c:\program files\System.Data.SqlServerCe.dll

.

============= FINISH: 21:59:46.20 ===============

attach3.txt

Link to post
Share on other sites

Hello 5bears.

I will be helping you going forward. Follow my guidance, please, and do not do any fixes or changes on your own without first checking with me.

It is important that I am in-sync as to the current state of the system.

If you have questions, please stop and ask.

Read all my directions before diving in so that things are clear. Do as much as you can.

Again, if something is not clear, stop and ask.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com
and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.
Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button
Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.
The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.
Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.
Step 6
  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.

Link to post
Share on other sites

Hi, thank you for your help.

Step 1. I tried to install ERUNT per your instructions, however, I was not given an option to say no to adding it to the tart folder. It states "setup will create the programs shortcuts in the following start menu shortcut" I cannot proceed without choosing accepting. Is that ok?

Also it will save in the programs folder by default.

I will wait for your instruction.

Thank you

Link to post
Share on other sites

I read down to Step 5. I am to disable my AV but not firewall. The problem is I no longer have a firewall. In the last forum I was asked to uninstall my McAfee which had my firewall, and replace it with MSE, which has no firewall.

Please advise

Link to post
Share on other sites

Please make sure the Windows firewall is on. Go to Control Panel and select Security Center.

Then be sure that the Windows firewall is on.

When I ask for antivirus to be off, that is all that we need to be off. Do not be concerned about the firewall.

As to ERUNT --- it provides a measure of a mini-safety belt for us in case something goes astray. It is a good backup.

PLEASE do the ERUNT as I outlined and allow it to create what it needs -- accept the defaults.

Please just do it and do the remaining steps ---- so we can move forward.

and advise me what "forum" you referred to ----if it is one other than here at Malwarebytes.

Link to post
Share on other sites

Ther forum I was refering to was the malwarebytes forum -general-. The Admin. recommended I start a new thread here.

Here the Logs from step 3:

Logfile of random's system information tool 1.09 (written by random/random)

Run by HP_Administrator at 2013-03-12 12:02:14

Microsoft Windows XP Professional Service Pack 3

System drive C: has 43 GB (19%) free of 230 GB

Total RAM: 3582 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:02:50 PM, on 3/12/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17117)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Common Files\Iconix\IconixService.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

C:\Program Files\DISC\DiscUpdateMgr.exe

C:\Program Files\DISC\DISCover.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

C:\Program Files\DISC\DiscGui.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\DISC\DiscStreamHub.exe

C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\vssvc.exe

C:\WINDOWS\system32\dllhost.exe

C:\Documents and Settings\HP_Administrator\Desktop\RSIT.exe

C:\Program Files\trend micro\HP_Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://redirect.hp.com/svs/rdr?TYPE=3&tp=ebay&pf=desktop&locale=en_us&bd=all&c=q106

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: IconixBHOClass Class - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll

O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll

O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [iconixOEAddOn] "C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe"

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe

O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s

O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

O4 - HKLM\..\Run: [ps2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [DIMDownloading your update...1300677038425] "c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" "c:\documents and settings\all users\application data\corel\downloads\540215253_907002\1300677038425\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\hp_administrator\application data\corel\messages\540215253_907002\en\messagecache2\workflow"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [bomgar Support Reconnect [1348348261]] "C:\Documents and Settings\All Users\Application Data\apple-scc-505E2961\apple-scc.exe" -nomulti

O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')

O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe

O4 - Global Startup: HD Writer.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.6.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll

O9 - Extra 'Tools' menuitem: Email ID Preferences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll

O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll

O9 - Extra 'Tools' menuitem: About Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB

O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} (Auctiva Image Uploader Control) - http://www.auctiva.com/Aurigma/ImageUploader57.cab

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361842039167

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx

O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///C:/Program%20Files/AutoCAD%202002/InstBanr.ocx

O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file:///C:/Program%20Files/AutoCAD%202002/InstFred.ocx

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.com/hostedimages/activex/xupload/XUpload.ocx

O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: McAfee Application Installer Cleanup (0245821362944634) (0245821362944634mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\024582~1.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Program Files\Common Files\Iconix\IconixService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

--

End of file - 15162 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

C:\WINDOWS\tasks\MpIdleTask.job

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4117639358-2012749475-3948883146-1008.job

C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-4117639358-2012749475-3948883146-1008.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\2au2xdzn.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://www.bing.com"

prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, {20a82645-c095-46ed-80e3-08825760534b}:1.1, moveplayer@movenetworks.com:7, 2020Player@2020Technologies.com:3.0.31.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=OCYTDF&PC=OCDY&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.6.602.171 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]

"Description"=McAfee Total Protection MIME Plugin

"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]

"Description"=

"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@movenetworks.com/Quantum Media Player]

"Description"=npmnqmp

"Path"=C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071505000011.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]

"Description"=RealPlayer LiveConnect-Enabled Plug-In

"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]

"Description"=RealJukebox Netscape Plugin

"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]

"Description"=RealNetworks RealPlayer Chrome Background Extension Plug-In

"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]

"Description"=RealPlayer HTML5VideoShim Plug-In

"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]

"Description"=RealPlayer Download Plugin

"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer]

"Description"=Unity Player 2.1.0f5

"Path"=C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

npdbplug.dll

npdbplug.xpt

nppdf32.dll

nppl3260.dll

nppl3260.xpt

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

nprjplug.dll

nprpplugin.dll

QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

answers.xml

bing.xml

creativecommons.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\2au2xdzn.default\extensions\

2020Player@2020Technologies.com

{77b819fa-95ad-4f2c-ac7c-486b356188a9}

C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\2au2xdzn.default\searchplugins\

bing.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]

HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-15 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761233B6-F228-49E4-8F6B-668499D4E55A}]

IconixBHOClass Class - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll [2011-04-06 719192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]

hpWebHelper Class - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll [2006-05-30 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-01-11 15961088]

"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]

"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]

"MaxMenuMgr"=C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [2009-01-16 181544]

"KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]

"IconixOEAddOn"=C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe [2010-03-03 342872]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-02-21 143360]

"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]

"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-01 49152]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

"DMAScheduler"=c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe [2005-11-01 90112]

"DiscUpdateManager"=C:\Program Files\DISC\DiscUpdateMgr.exe [2005-11-11 61440]

"DISCover"=C:\Program Files\DISC\DISCover.exe [2005-11-11 1064960]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]

"Carbonite Backup"=C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [2012-03-16 1059984]

"ps2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 90112]

"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18 946352]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DIMDownloading your update...1300677038425"=c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe [2010-05-21 95592]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

"Bomgar Support Reconnect [1348348261]"=C:\Documents and Settings\All Users\Application Data\apple-scc-505E2961\apple-scc.exe -nomulti []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]

C:\PROGRA~1\UPDATE~1\9972322\Program\UPDATE~1.EXE [2006-03-18 36903]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Seagate 2GEVSHP6 Product Registration.lnk]

C:\DOCUME~1\HP_ADM~1\APPLIC~1\LEADER~1\POWERR~1\SEAGAT~1.EXE [2009-01-16 1731736]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe

HD Writer.lnk - C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

ImageMixer 3 SE Camera Monitor Ver.6.lnk - C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup

ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE

Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

"NoDrives"=0

"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\DISC\DISCover.exe"="C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System"

"C:\Program Files\DISC\DiscStreamHub.exe"="C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub"

"C:\Program Files\DISC\myFTP.exe"="C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP"

"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe"="C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"

"C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe"="C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"vidc.LEAD"=LCODCCMP.DLL

"aux"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave"=wdmaud.drv

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"

.scr - install -

.scr - config -

======List of files/folders created in the last 1 month======

2013-03-12 12:02:14 ----D---- C:\rsit

2013-03-12 11:30:13 ----D---- C:\Program Files\ERUNT

2013-03-10 13:36:04 ----N---- C:\WINDOWS\system32\MpSigStub.exe

2013-03-10 13:30:35 ----D---- C:\Program Files\Microsoft Security Client

2013-03-09 21:11:47 ----D---- C:\Program Files\Mozilla Firefox

2013-03-09 17:26:19 ----A---- C:\WINDOWS\system32\drivers\HipShieldK.sys

2013-02-25 22:38:20 ----D---- C:\Program Files\Common Files\Adobe

2013-02-23 12:22:44 ----A---- C:\WINDOWS\IE4 Error Log.txt

2013-02-22 22:52:10 ----D---- C:\Program Files\iPod

2013-02-22 22:52:07 ----D---- C:\Program Files\iTunes

2013-02-22 22:52:07 ----D---- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-02-13 04:15:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2778344$

2013-02-13 04:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2799494$

2013-02-13 04:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$

2013-02-13 04:13:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$

======List of files/folders modified in the last 1 month======

2013-03-12 12:02:50 ----D---- C:\Program Files\Trend Micro

2013-03-12 12:02:20 ----D---- C:\WINDOWS\Prefetch

2013-03-12 11:32:28 ----D---- C:\WINDOWS\ERDNT

2013-03-12 11:30:13 ----RD---- C:\Program Files

2013-03-12 11:29:56 ----SD---- C:\WINDOWS\Tasks

2013-03-12 11:23:49 ----AD---- C:\WINDOWS

2013-03-12 11:23:47 ----D---- C:\WINDOWS\temp

2013-03-12 11:21:23 ----D---- C:\WINDOWS\system32\Lang

2013-03-12 11:20:23 ----D---- C:\WINDOWS\Registration

2013-03-12 11:20:09 ----D---- C:\WINDOWS\system32\CatRoot2

2013-03-12 00:02:21 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-03-12 00:02:12 ----D---- C:\Config.Msi

2013-03-12 00:02:10 ----SHD---- C:\WINDOWS\Installer

2013-03-11 23:00:39 ----SHD---- C:\System Volume Information

2013-03-10 20:02:33 ----RD---- C:\Program Files\Common Files

2013-03-10 20:02:24 ----D---- C:\Program Files\Java

2013-03-10 20:02:09 ----D---- C:\WINDOWS\system32

2013-03-10 15:30:36 ----A---- C:\WINDOWS\ntbtlog.txt

2013-03-10 14:42:14 ----SHD---- C:\WINDOWS\CSC

2013-03-10 13:52:53 ----D---- C:\WINDOWS\Minidump

2013-03-10 13:32:26 ----D---- C:\WINDOWS\system32\drivers

2013-03-10 13:32:25 ----HD---- C:\WINDOWS\inf

2013-03-10 13:31:44 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2013-03-10 13:12:33 ----RSHD---- C:\WINDOWS\system32\dllcache

2013-03-10 13:12:29 ----D---- C:\WINDOWS\system32\NtmsData

2013-03-10 12:38:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-03-10 12:32:48 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-03-09 15:08:37 ----A---- C:\WINDOWS\system32\npdeployJava1.dll

2013-03-09 15:08:37 ----A---- C:\WINDOWS\system32\deployJava1.dll

2013-03-07 16:42:25 ----A---- C:\WINDOWS\ka.ini

2013-03-02 17:39:16 ----D---- C:\WINDOWS\system32\CatRoot

2013-02-28 11:50:28 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-02-25 22:38:24 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2013-02-25 22:38:20 ----D---- C:\Program Files\Adobe

2013-02-25 22:16:12 ----D---- C:\WINDOWS\system32\Adobe

2013-02-25 18:28:12 ----SD---- C:\WINDOWS\Downloaded Program Files

2013-02-24 18:02:43 ----D---- C:\WINDOWS\system32\FxsTmp

2013-02-22 22:52:09 ----D---- C:\Program Files\Common Files\Apple

2013-02-22 22:46:47 ----DC---- C:\WINDOWS\system32\DRVSTORE

2013-02-13 05:06:21 ----D---- C:\WINDOWS\Microsoft.NET

2013-02-13 05:06:18 ----RSD---- C:\WINDOWS\assembly

2013-02-13 04:15:58 ----A---- C:\WINDOWS\system32\MRT.exe

2013-02-13 04:15:52 ----A---- C:\WINDOWS\imsins.BAK

2013-02-13 04:15:31 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2013-02-13 04:14:56 ----D---- C:\WINDOWS\ie7updates

2013-02-13 04:14:50 ----HD---- C:\WINDOWS\$hf_mig$

2013-02-13 04:08:15 ----D---- C:\WINDOWS\system32\en-US

2013-02-13 04:08:15 ----D---- C:\Program Files\Internet Explorer

2013-02-13 04:03:43 ----D---- C:\WINDOWS\WinSxS

2013-02-13 02:10:24 ----D---- C:\HDWLE10_TMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2006-02-21 250368]

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]

R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-19 45648]

R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2011-08-09 3840]

R1 ELhid;ELhid; C:\WINDOWS\System32\DRIVERS\ELhid.sys [2005-11-08 10112]

R1 ELkbd;ELkbd; C:\WINDOWS\System32\DRIVERS\ELkbd.sys [2005-11-08 6912]

R1 ELmon;ELmon; C:\WINDOWS\System32\DRIVERS\ELmon.sys [2005-11-08 7040]

R1 ELmou;ELmou; C:\WINDOWS\System32\DRIVERS\ELmou.sys [2005-11-08 6400]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-09 12032]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-10-20 1095009]

R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-14 155648]

R3 ELacpi;ELacpi; C:\WINDOWS\system32\DRIVERS\ELacpi.sys [2005-11-08 7808]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2012-08-21 26840]

R3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2005-07-28 156800]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-01-13 4137984]

R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]

R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]

R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S0 ftsata2;ftsata2; C:\WINDOWS\system32\DRIVERS\ftsata2.sys []

S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []

S3 BEFCMU10V4XP;Linksys BEFCMU10 ver. 4 Cable Modem; C:\WINDOWS\system32\DRIVERS\BEFCMU10V4XP.sys [2004-07-05 14336]

S3 catchme;catchme; \??\C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-04-20 146872]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-07 49920]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-07 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-07 21568]

S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []

S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-09 11008]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-09-28 45056]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 CarboniteService;CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [2012-03-16 4608656]

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]

R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]

R2 ELService;Intel® Quick Resume Technology Drivers; C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe [2005-11-08 180224]

R2 FreeAgentGoNext Service;Seagate Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-01-16 161064]

R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-02-21 81920]

R2 IconixService;Iconix Update Service; C:\Program Files\Common Files\Iconix\IconixService.exe [2010-03-03 283992]

R2 IntuitUpdateService;Intuit Update Service; C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2010-08-23 13672]

R2 IntuitUpdateServiceV4;Intuit Update Service v4; C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-12-18 73728]

R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]

S2 0245821362944634mcinstcleanup;McAfee Application Installer Cleanup (0245821362944634); C:\WINDOWS\TEMP\024582~1.EXE [2012-01-09 827456]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 251248]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-02-23 74360]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-09 115608]

S3 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Link to post
Share on other sites

info.txt logfile of random's system information tool 1.09 2013-03-12 12:02:53

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02FB2C63-5763-4CDD-99E6-566C57189742}\setup.exe" -l0x9 -removeonly

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x9 /cont -removeonly

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

5 Card Slingo from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\AF012B1F-AFCE-45DB-8D6C-8AB06ADC1D6F\Uninstall.exe"

Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_171_Plugin.exe -maintain plugin

Adobe Shockwave Player 12.0-->"C:\WINDOWS\system32\Adobe\Shockwave 12\uninstaller.exe"

Agere Systems PCI Soft Modem-->agrsmdel

AnswerWorks Runtime-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu"

AstroPop Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\E44A47AF-C94B-4E3F-81A0-979FBA9DAC57\Uninstall.exe"

Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove

Barnyard Invasion from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\049D60AF-B425-4F8A-BD66-9D8C1B519D59\Uninstall.exe"

Bejeweled 2 Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\47D5A62B-1B41-4DB1-8267-ADA434FA782B\Uninstall.exe"

Belarc Advisor 8.2-->"C:\PROGRA~1\Belarc\Advisor\Uninstall.exe" "C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG"

Blackhawk Striker 2 from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\758619C0-7C97-42BB-B1E9-775F72FDAD1E\Uninstall.exe"

Blasterball 2 from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\D2DACBCD-E1FE-4C32-A49B-1EB0743D1E79\Uninstall.exe"

Blasterball 2 Remix from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\0C84A7C5-2762-4932-96BF-44A77202DCC3\Uninstall.exe"

Boggle Supreme from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\90EA5584-4290-407B-B8F2-D6E6D65A4796\Uninstall.exe"

Bookworm Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\E59F75D0-A38B-40F4-ABA2-CA35A7735473\Uninstall.exe"

Bounce Symphony from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\5DAA9E44-1B31-41CD-88A8-228EDED6E36E\Uninstall.exe"

Carbonite-->C:\Program Files\Carbonite\Carbonite Backup\CarboniteSetup.exe /remove

Chuzzle Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\BA42B721-D70B-4412-ABA6-057B5823FDE9\Uninstall.exe"

Corel Graphics - Windows Shell Extension-->c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellUninst.exe -ProductCode {72DB27D3-FE05-4227-AF5A-11CD101ECF09} -arp

CorelDRAW Graphics Suite X5 - IPM HSE-->MsiExec.exe /I{031340C8-1733-40FE-BF52-83B599021BA9}

CorelDRAW® Home & Student Suite X5-->C:\Program Files\Corel\CorelDRAW Graphics Suite X5\Setup\SetupARP.exe /arp

Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"

Crystal Maze from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\3D61540E-C88C-4358-B6A1-DC26648F2A3D\Uninstall.exe"

DISCover-->"C:\Program Files\DISC\uninstall.exe"

Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

Family Feud-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\413773DA-62DE-4C4C-A0F9-10EFB9317DE5\Uninstall.exe"

FATE from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\3320769C-062B-4670-BD6B-AA4B3D0E9903\Uninstall.exe"

Freemake Video Converter version 3.2.1-->"C:\Program Files\Freemake\Freemake Video Converter\Uninstall\unins000.exe"

GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"

High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat

HP Game Console and games-->C:\Program Files\WildTangent\Apps\hpuninstall.exe

HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat

HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat

HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u

HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat

HP Rhapsody-->C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log

HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

Iconix® eMail ID-->"C:\Program Files\Iconix\Uninstaller.exe"

ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"

Insaniquarium Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\A09026AE-8F16-4929-B4E6-1825535844DB\Uninstall.exe"

Intel® PRO Network Connections Drivers-->Prounstl.exe

Intel® Quick Resume Technology Drivers-->MsiExec.exe /X{8C22F265-DE76-44D1-8A79-A71D819137DA} /qb!

Intel® Viiv™ Software-->MsiExec.exe /X{27E395E5-EB04-4BFD-96C3-C9A102E97E1B}

iTunes-->MsiExec.exe /I{268278CF-FB69-4D98-B70E-BFEC1CDCA225}

Lemonade Tycoon 2 from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\F38688AF-57C2-4A9C-BFEF-25F3AEC11F1E\Uninstall.exe"

Lexibox Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\9844050E-4CA4-4901-A53D-A5D14C63789B\Uninstall.exe"

Mah Jong Quest from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\538B9061-0C77-4FB2-903F-EC42A1FF5DD8\Uninstall.exe"

Microsoft .NET Framework 1.0 Hotfix (KB2572066)-->"C:\WINDOWS\$NtUninstallKB2572066$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.0 Hotfix (KB2604042)-->"C:\WINDOWS\$NtUninstallKB2604042$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.0 Hotfix (KB2656378)-->"C:\WINDOWS\$NtUninstallKB2656378$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.0 Hotfix (KB979904)-->"C:\WINDOWS\$NtUninstallKB979904$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.0 Security Update (KB2698035)-->"C:\WINDOWS\$NtUninstallKB2698035$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.0 Security Update (KB2742607)-->"C:\WINDOWS\$NtUninstallKB2742607$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL

Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}

Mozilla Firefox 19.0.2 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"

NoAd HOSTS file (remove only)-->"C:\Program Files\NoAd HOSTS file\uninst.exe"

NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"

Polar Bowler from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\1FFA88DF-0AC3-4D9E-9139-5FF98813C12C\Uninstall.exe"

Polar Golfer from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\55275778-F7D9-4BA0-95F4-DEFD71ADDFD9\Uninstall.exe"

PrimoPDF -- brought to you by Nitro PDF Software-->"C:\Program Files\Nitro PDF\PrimoPDF\uninstaller.exe"

PS2-->C:\WINDOWS\system32\ps2.exe uninstall

Puzzle Express from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\0814ADC6-5B36-4144-A8EA-439C36B1BB11\Uninstall.exe"

Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"

Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG

RealPlayer-->c:\program files\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|15.0

RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}

Remove IntelliMover Demo-->c:\hp\bin\cloaker.exe c:\hp\bin\commands.exe /c "C:\Program Files\IntelliMoverDemo\clean.bat"

Ricochet Lost Worlds from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\0AA27562-3C4E-4860-8742-7ADEBE2EFC43\Uninstall.exe"

Scholastic's I SPY Mystery-->C:\PROGRA~1\SCHOLA~1\ISPYMY~1\UNWISE.EXE C:\PROGRA~1\SCHOLA~1\ISPYMY~1\INSTALL.LOG

SCRABBLE from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\B7217206-A362-446B-A0F7-A2622B82F821\Uninstall.exe"

Seagate Manager Installer-->"C:\Program Files\InstallShield Installation Information\{6693E024-E2D3-477C-8EF9-4D484F3B3071}\setup.exe" -runfromtemp -l0x0409 -removeonly

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"

Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2586448)-->"C:\WINDOWS\ie7updates\KB2586448-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2675157)-->"C:\WINDOWS\ie7updates\KB2675157-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2699988)-->"C:\WINDOWS\ie7updates\KB2699988-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2722913)-->"C:\WINDOWS\ie7updates\KB2722913-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2744842)-->"C:\WINDOWS\ie7updates\KB2744842-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2761465)-->"C:\WINDOWS\ie7updates\KB2761465-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2792100)-->"C:\WINDOWS\ie7updates\KB2792100-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2797052)-->"C:\WINDOWS\ie7updates\KB2797052-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2799329)-->"C:\WINDOWS\ie7updates\KB2799329-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2491683)-->"C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2757638)-->"C:\WINDOWS\$NtUninstallKB2757638$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2778344)-->"C:\WINDOWS\$NtUninstallKB2778344$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2780091)-->"C:\WINDOWS\$NtUninstallKB2780091$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2799494)-->"C:\WINDOWS\$NtUninstallKB2799494$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2802968)-->"C:\WINDOWS\$NtUninstallKB2802968$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"

Shared C Run-time for x86-->MsiExec.exe /I{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}

Shipping Assistant 3.5-->MsiExec.exe /X{15C77FC3-8137-4A5E-8F81-F559045DD6B0}

Shooting Stars Pool from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\B2AA88B1-4920-462B-9F7C-019782B3C4DB\Uninstall.exe"

Shrek 2 Ogre Bowler from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\581538B9-2ED3-45E2-96CB-22AD8F811D2A\Uninstall.exe"

Slingo Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\E0998E52-9D08-4AEE-A4F5-0BB1D8537F6E\Uninstall.exe"

Snowboard SuperJam from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\038D56DF-B15D-47F7-959F-59FA1FBB63FC\Uninstall.exe"

Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}

Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}

Spell Checker For OE 2.1-->C:\Program Files\Common Files\Microsoft Shared\proof\Uninstal.exe

Super Granny from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\0C20CAB1-F8BC-4AC1-A796-535B005C1B83\Uninstall.exe"

Tradewinds from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\B3FF79F4-CDA8-4845-A7C0-9CE017719F36\Uninstall.exe"

Turbo Lister 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}

TurboTax 2010 WinPerTaxSupport-->MsiExec.exe /I{05BDC796-3451-4F81-B91D-E98F7ADA76C2}

TurboTax 2011-->C:\Program Files\TurboTax\Deluxe 2011\Installer\TurboTax 2011 Installer.exe /u /t /a

TurboTax 2012-->C:\Program Files\TurboTax\Deluxe 2012\Installer\TurboTax 2012 Installer.exe /u /t /a

Unity Web Player-->C:\Program Files\Unity\WebPlayer\Uninstall.exe

Update for Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"

Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"

Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"

Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"

Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"

Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"

Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"

Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"

Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"

Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe"

Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe"

Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall

Volo View Express-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Volo View Express\DeIsL1.isu"

WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe

Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB2502898-->"C:\WINDOWS\$NtUninstallKB2502898$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB2619340-->"C:\WINDOWS\$NtUninstallKB2619340$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB2628259-->"C:\WINDOWS\$NtUninstallKB2628259$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

Zuma Deluxe from HP Media Center (remove only)-->"C:\Program Files\WildTangent\Apps\GameChannel\Games\901E0096-B2AC-469E-A99E-2725A39C0B47\Uninstall.exe"

======Security center information======

AV: Microsoft Security Essentials

======System event log======

Computer Name: WIEBKECOMPUTER

Event Code: 7011

Message: Timeout (30000 milliseconds) waiting for a transaction response from the McAfee SiteAdvisor Service service.

Record Number: 2639

Source Name: Service Control Manager

Time Written: 20130304201214.000000-480

Event Type: error

User:

Computer Name: WIEBKECOMPUTER

Event Code: 7026

Message: The following boot-start or system-start driver(s) failed to load:

ftsata2

Lbd

Record Number: 2628

Source Name: Service Control Manager

Time Written: 20130304201143.000000-480

Event Type: error

User:

Computer Name: WIEBKECOMPUTER

Event Code: 516

Message:

Record Number: 2627

Source Name: mfehidk

Time Written: 20130304201138.000000-480

Event Type: warning

User:

Computer Name: WIEBKECOMPUTER

Event Code: 10010

Message: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.

Record Number: 2622

Source Name: DCOM

Time Written: 20130304194132.000000-480

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: WIEBKECOMPUTER

Event Code: 1007

Message: Your computer has automatically configured the IP address for the Network

Card with network address 001310BDB9C1. The IP address being used is 169.254.237.52.

Record Number: 2618

Source Name: Dhcp

Time Written: 20130304194025.000000-480

Event Type: warning

User:

=====Application event log=====

Computer Name: WIEBKECOMPUTER

Event Code: 1041

Message: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Record Number: 21454

Source Name: Userenv

Time Written: 20130206171907.000000-480

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: WIEBKECOMPUTER

Event Code: 1041

Message: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Record Number: 21453

Source Name: Userenv

Time Written: 20130206171008.000000-480

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: WIEBKECOMPUTER

Event Code: 1041

Message: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Record Number: 21452

Source Name: Userenv

Time Written: 20130206171008.000000-480

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: WIEBKECOMPUTER

Event Code: 1041

Message: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Record Number: 21451

Source Name: Userenv

Time Written: 20130206154807.000000-480

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: WIEBKECOMPUTER

Event Code: 1041

Message: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Record Number: 21450

Source Name: Userenv

Time Written: 20130206154807.000000-480

Event Type: error

User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;c:\Python22;C:\Program Files\Common Files\Autodesk Shared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel

"PROCESSOR_REVISION"=0602

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\

"asl.log"=Destination=file

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.61

Windows XP Service Pack 3 x86

Internet Explorer 7 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Scholastic's I SPY Mystery

NoAd HOSTS file (remove only)

Adobe Flash Player 11.6.602.171

Adobe Reader XI

Mozilla Firefox (19.0.2)

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

Link to post
Share on other sites

Bitdefender Quickscan

QuickScan 32-bit v0.9.9.118

---------------------------

Scan date: Tue Mar 12 13:08:58 2013

Machine ID: FBE01EA

No infection found.

-------------------

Processes

---------

3148 C:\Program Files\DISC\DiscStreamHub.exe

3592 C:\Program Files\DISC\DISCUpdateMgr.exe

Bonjour 276 C:\Program Files\Bonjour\mDNSResponder.exe

CameraMonitor.exe 3232 C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

Carbonite InfoCenter 3828 C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

Carbonite Secure Backup Engine 316 C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

DiscGui 1140 C:\Program Files\DISC\DiscGui.exe

DISCover Drop & Play System 3628 C:\Program Files\DISC\DISCover.exe

DMAScheduler 3584 C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

eMail ID 1584 C:\Program Files\Common Files\Iconix\IconixService.exe

eMail ID 3508 C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe

GrooveMonitor Utility 3676 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

HD Writer 2868 C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

Hewlett-Packard Company KBD EXE 908 C:\hp\KBD\kbd.exe

hp digital imaging - hp all-in-one seri 3700 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe

hp digital imaging - hp all-in-one seri 224 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

hp digital imaging - hp all-in-one seri 3556 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

hpsysdrv 1520 C:\WINDOWS\system\hpsysdrv.exe

Intel® Quick Resume Technology 2832 C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

Intuit Update Service 552 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

Intuit Update Service 524 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

iTunes 2132 C:\Program Files\iPod\bin\iPodService.exe

iTunes 3892 C:\Program Files\iTunes\iTunesHelper.exe

LightScribe 1304 C:\Program Files\Common Files\LightScribe\LSSrvc.exe

Messenger 2204 C:\Program Files\Messenger\msmsgs.exe

Microsoft Malware Protection 1192 C:\Program Files\Microsoft Security Client\MsMpEng.exe

Microsoft Security Client 4076 C:\Program Files\Microsoft Security Client\msseces.exe

Microsoft® Windows® Operating System 3672 C:\WINDOWS\ehome\ehmsas.exe

Microsoft® Windows® Operating System 1176 C:\WINDOWS\ehome\ehrecvr.exe

Microsoft® Windows® Operating System 1288 C:\WINDOWS\ehome\ehSched.exe

Microsoft® Windows® Operating System 3564 C:\WINDOWS\ehome\ehtray.exe

Microsoft® Windows® Operating System 2732 C:\WINDOWS\ehome\mcrdsvc.exe

Microsoft® Windows® Operating System 1636 C:\WINDOWS\system32\spoolsv.exe

Microsoft® Windows® Operating System 3100 C:\WINDOWS\system32\wuauclt.exe

MobileDeviceService 240 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Picture Motion Browser 3840 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

PsiService System Service 2488 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

RAID Event Monitor 3520 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

RAID Monitor 1752 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

Realtek HD Audio Sound Effect Manager 2076 C:\WINDOWS\RTHDCPL.EXE

Seagate FreeAgent™ Application 1132 C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

Sync 1464 C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

Windows® Internet Explorer 500 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Microsoft® Visual Studio .NET 2308 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

(verified) Microsoft® Windows® Operating System 1928 C:\WINDOWS\explorer.exe

(verified) Microsoft® Windows® Operating System 3348 C:\WINDOWS\system32\alg.exe

(verified) Microsoft® Windows® Operating System 776 C:\WINDOWS\system32\csrss.exe

(verified) Microsoft® Windows® Operating System 488 C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System 3112 C:\WINDOWS\system32\dllhost.exe

(verified) Microsoft® Windows® Operating System 856 C:\WINDOWS\system32\lsass.exe

(verified) Microsoft® Windows® Operating System 2532 C:\WINDOWS\system32\rundll32.exe

(verified) Microsoft® Windows® Operating System 844 C:\WINDOWS\system32\services.exe

(verified) Microsoft® Windows® Operating System 700 C:\WINDOWS\system32\smss.exe

(verified) Microsoft® Windows® Operating System 172 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1012 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1096 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1432 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1228 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2324 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2456 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1320 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2596 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2608 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 3908 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1844 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2068 C:\WINDOWS\system32\wbem\wmiprvse.exe

(verified) Microsoft® Windows® Operating System 800 C:\WINDOWS\system32\winlogon.exe

Network activity

----------------

Process svchost.exe (1096) listens on ports: 135 (RPC)

Process svchost.exe (2596) listens on ports: 2869 (SSDP event notification, UPNP)

Process DiscStreamHub.exe (3148) listens on ports: 9485

Autoruns and critical files

---------------------------

C:\Program Files\DISC\DISCUpdateMgr.exe

Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe

AUTOBACK.EXE C:\Program Files\ERUNT\AUTOBACK.EXE

AutoCAD C:\Program Files\Common Files\Autodesk Shared\acstart16.exe

Carbonite InfoCenter C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

Corel Common Framework c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe

DISCover Drop & Play System C:\Program Files\DISC\DISCover.exe

DMAScheduler C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

eMail ID C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe

GrooveMonitor Utility C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

Hewlett-Packard Company KBD EXE C:\hp\KBD\kbd.exe

Hewlett-Packard Company PS2 EXE C:\WINDOWS\system32\ps2.exe

hp digital imaging - hp all-in-one seri C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

hp digital imaging - hp all-in-one seri C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

HP Photosmart c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

HpqSRmon Application C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

hpsysdrv C:\WINDOWS\system\hpsysdrv.exe

iTunes C:\Program Files\iTunes\iTunesHelper.exe

Messenger C:\Program Files\Messenger\msmsgs.exe

Microsoft Malware Protection c:\Program Files\Microsoft Security Client\MpCmdRun.exe

Microsoft Security Client C:\Program Files\Microsoft Security Client\msseces.exe

Microsoft® Windows® Operating System C:\WINDOWS\ehome\ehtray.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll

Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll

Nikon Message Center 2 C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe

NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\NvCpl.dll

nwiz.exe C:\WINDOWS\system32\nwiz.exe

Picture Motion Browser C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

QuickTime C:\Program Files\QuickTime\QTTask.exe

RAID Event Monitor C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE

RealUpgrade C:\Program Files\Real\RealUpgrade\realupgrade.exe

Recguard Application C:\WINDOWS\SMINST\RECGUARD.EXE

Seagate FreeAgent™ Application C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

Windows Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll

Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll

Browser plugins

---------------

20-20 3D Viewer C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\2au2xdzn.default\extensions\2020Player@2020Technologies.com\plugins\NP2020Player.dll

AcDcToday ActiveX Control Module C:\WINDOWS\Downloaded Program Files\AcDcToday.ocx

AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Adobe Acrobat C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

Auctiva Image Uploader C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx

AutoCAD Today C:\WINDOWS\Downloaded Program Files\AcPreview.ocx

Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll

Bonjour C:\Program Files\Bonjour\mdnsNSP.dll

DNL Reader C:\Program Files\Mozilla Firefox\plugins\npdbplug.dll

eMail ID c:\program files\iconix\ieaddon\iconixbho_46.dll

GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

Hewlett-Packard Online Support Services C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll

HP eHelp c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\webhelper.dll

HP Smart Web Printing c:\program files\hp\smart web printing\hpswp_framework.dll

HP Smart Web Printing c:\program files\hp\smart web printing\hpswp_printenhancer.dll

HP Software Update C:\WINDOWS\Downloaded Program Files\HPSWUpdate.ocx

i-drop control C:\WINDOWS\Downloaded Program Files\IDrop.ocx

i-drop control C:\WINDOWS\Downloaded Program Files\IDropENU.dll

IE Tab plugin C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\2au2xdzn.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npIETab.dll

InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll

InstBanr ActiveX Control Module C:\WINDOWS\Downloaded Program Files\InstBanr.ocx

InstFred ActiveX Control Module C:\WINDOWS\Downloaded Program Files\InstFred.ocx

Java Deployment Toolkit 7.0.170.2 C:\WINDOWS\system32\npDeployJava1.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McContentMgr.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McHealthCheck.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McLogMgr.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McPlugins.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McProdMgr.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\MVT.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\Uploader.exe

Messenger C:\Program Files\Messenger\msmsgs.exe

Microsoft Support Diagnostic Tool C:\WINDOWS\Downloaded Program Files\MSDcode.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll

Move Streaming Media Player C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071505000011.dll

npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

NPSWF32_11_6_602_171.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

RealJukebox NS Plugin C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll

RealJukebox NS Plugin c:\program files\real\realplayer\Netscape6\nprjplug.dll

RealNetworks Chrome Background Exte C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

RealPlayer Download and Record Plugin C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

RealPlayer Download Plugin C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll

RealPlayer Download Plugin c:\program files\real\realplayer\Netscape6\nprpplugin.dll

RealPlayer G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll

RealPlayer G2 LiveConnect-Enabled P c:\program files\real\realplayer\Netscape6\nppl3260.dll

RealPlayer HTML5VideoShim Plug-In ( C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll

Silverlight Plug-In C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

Snapfish Activia C:\WINDOWS\Downloaded Program Files\SnapfishActivia1000.ocx

Unity Player C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll

Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\WINDOWS\system32\IEFRAME.dll

XUpload ActiveX Control C:\WINDOWS\Downloaded Program Files\XUpload.ocx

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

Missing files

-------------

File not found: C:\Documents and Settings\All Users\Application Data\apple-scc-505E2961\apple-scc.exe

--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Bomgar Support Reconnect [1348348261]"

Scan

----

MD5: 5650b193fd9f06274ba17311deacc5a8 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DAA27D4E-6BC4-4DDD-A22C-BAC88F5906CB}\mpengine.dll

MD5: 3de544a34b868038bc704cef76c40a09 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

MD5: 10737b44923217bc0e67d26a9fc1f0aa C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

MD5: 2645990c521342dcd08963d2df6cd0d2 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

MD5: e66e9c5d42aa085891a4f67e7b2ca4df C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071505000011.dll

MD5: 22c7f250f06d2d2aa0b544219afaad11 C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\2au2xdzn.default\extensions\2020Player@2020Technologies.com\plugins\NP2020Player.dll

MD5: 15cbff47533f00ecf800aabf1e1f5f6a C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\2au2xdzn.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npIETab.dll

MD5: 308c9ddbd043903534514b097396e017 C:\HP\KBD\aol.dll

MD5: 261e5e3602941656a1442b255c936b9e C:\HP\KBD\cfg.dll

MD5: c81be1b951c36e97d3da90da745da5f7 C:\hp\KBD\kbd.exe

MD5: f68a3f0d63be926ed65ed1c8c5b03a3d C:\HP\KBD\led.dll

MD5: 205db5a0dd15df2657efd4b64d0cc4a3 C:\HP\KBD\msg.dll

MD5: 60db5561f7b646fa217e9ea6561e6705 C:\HP\KBD\MSIKBDIF.DLL

MD5: fb8bfcdf02173e59f8336c3eaece76e5 C:\HP\KBD\onl.dll

MD5: 5f1ec8079dcc3acb3315966a9a7e2391 C:\HP\KBD\osd.dll

MD5: 2ae54f20144b2af570587a8478d02885 C:\HP\KBD\ps2.dll

MD5: 2f420c4dcffacf50f73cab6c27dda901 C:\HP\KBD\sct.dll

MD5: 996fc333026a68a66078a4ab6c9ea54c C:\HP\KBD\url.dll

MD5: f8c008da6f620e822394781c894a06db C:\HP\KBD\USB.dll

MD5: b1bb8edc9d83d8096ee873f04cee600c C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

MD5: 34ebd4ff6a24d86bb4716d6afcc1a89b C:\Program Files\Apple Software Update\SoftwareUpdate.exe

MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll

MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe

MD5: 9135c8eba8e0a8cc4b1488127a5aea3f C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll

MD5: 3ccee41f40015801d045bbbd9b5ed31b C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

MD5: 67b465dca2de244deacade0e1c32f156 C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

MD5: 041cda6766da9c388e91af41b2114e4a C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

MD5: f9616d202b0124d373d2d82a4aa66b1d C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

MD5: 75b9d3fe25d597301fb7334147db2498 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

MD5: 3cb07566302bceeb898de270a0bec175 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

MD5: 60c079cb2150760263d1fe5ff6218961 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll

MD5: 46da8e7484ac7a52ce1d6e428398724b C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

MD5: f6fd367c9eaaedf90cd7a7952ae0b336 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll

MD5: af54247f97ccf3539de7505c09972ff9 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll

MD5: ef8cd3c64ee9c08980d6d06ccce46c68 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll

MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll

MD5: ff9831030678c7b6d70bac00f68f8976 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll

MD5: fd86c605fd7ad4a41c01ec7a4a1e1c5d C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll

MD5: a3609397ef273b03295dbb10274be12c C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll

MD5: 18301b40411b2108076ab685b4e4b6dc C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MD5: 78865abc5f5d13190f8b35bd9044714a C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll

MD5: df1c1cd0c7ee95cc00d71e9e415e7bcd C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll

MD5: c28fd3b37b6f18751c99e6022a2a9782 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll

MD5: 64894527838c86454e2f378ff39fa336 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll

MD5: a56ccbbfccedce2fd9c69fed24e035e3 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MD5: 4fe5c6d40664ae07be5105874357d2ed C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

MD5: 4327cf9a9d0864ca0ffc97fcda97315a C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

MD5: 37cf3324f46ceb3a4f2686c617cbb35c C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

MD5: 24665b221424ffd7b71f0d2c398f2f4f C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll

MD5: 0f3376083a6f6ae88bc7b0c059540661 C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll

MD5: 9cbdbaf045d9572e3297e030820a21c1 C:\Program Files\Common Files\Autodesk Shared\acstart16.exe

MD5: 9f29157695ee58875b06724743ce9c42 C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

MD5: 16a9705e996f60ccb05a820c43ee5093 c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\FileInfoProvider.dll

MD5: 16e1ae7afad829c661a6ca1c556f92af c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll

MD5: 17a5bc4732b7fe2437809ca1f63efe8b C:\Program Files\Common Files\Iconix\IconixService.exe

MD5: 4bf940a921bfac209ec6cf31e091ea05 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceme40.dll

MD5: ab97d171a77b5f4bafb033bf539bed42 C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlceqp40.dll

MD5: ec133c3e2a97aa6fbc276dcccd0645bf C:\Program Files\Common Files\Intuit\Database Providers\SQL Server Compact Edition 4.0\x86\sqlcese40.dll

MD5: d9da7b3117bf5eff921c0cded4d58050 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

MD5: 3dc635b66dd7412e1c9c3a77b8d78f25 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

MD5: 9696786759c4b43fa5c894747e893ea2 C:\Program Files\Common Files\LightScribe\LSSrvc.exe

MD5: 2424231bbd703a677d115c29983b4293 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

MD5: db76303b109d5d1913925ecd4140b1c0 C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

MD5: 543a4ef0923bf70d126625b034ef25af C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

MD5: cc48d35013009588b0a3f6632a81940b c:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll

MD5: f119c18d74bd778d2e5865666e6350d3 c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe

MD5: 57aa81c8f01281f8f8fce95694a25513 c:\program files\disc\backgroundcopymanager.dll

MD5: a632abf8ef6bcf77480274462790b608 c:\program files\disc\bitsdownloadmanager.dll

MD5: 4755d2028a2603b81297819f2a1d9601 c:\program files\disc\dashboardpack.dll

MD5: ba5f6c5d6cebdd619fd9d618f5e5a560 C:\Program Files\DISC\DiscDLL.dll

MD5: c5e0a639877c380134a8a36e02143d1d C:\Program Files\DISC\DiscGui.exe

MD5: da133258b77312f67a30ac7a7ded501a c:\program files\disc\discobjslib.dll

MD5: 58292a55b2d232987fdec946a7d05a7c C:\Program Files\DISC\DISCover.exe

MD5: b925f41f1faeed2f732fd800e280f4e7 C:\Program Files\DISC\DiscStreamHub.exe

MD5: ae8c96c6ba1465ae227d8292bca15b17 C:\Program Files\DISC\DISCUpdateMgr.exe

MD5: d2f1db13e2d72d7d063576380d4f8c6b C:\Program Files\DISC\downloadMgr.dll

MD5: 0696834c2ecfbdd6e2274a658ebd959d c:\program files\disc\ebgamespack.dll

MD5: 7dd35be16e2094655409a2e3a4af43d1 c:\program files\disc\interop.yummyplayer.dll

MD5: 956b490e0838e1a4ecea7f748dcf996f c:\program files\disc\logitechprofilerpack.dll

MD5: 511fae23ec6f02699418538db875c836 c:\program files\disc\microsoft.msdn.samples.bits.dll

MD5: ebe2d963fc4d934fe31f709ccec155ed C:\Program Files\DISC\MYTDLIB.dll

MD5: 44022fcc67141d7bd6b8416e5735ce74 c:\program files\disc\securecomm.dll

MD5: 0ba65224efbac44b2f290ac15ce09732 c:\program files\disc\socketcomm.dll

MD5: 17f67b8037e4d0f12545baadab263931 C:\Program Files\DISC\StdDisc.dll

MD5: a4da60b0ceff3101faff2cabac008ffd c:\program files\disc\yummypack.dll

MD5: e00de20f0f6bed5cd2160247ddc9443b C:\Program Files\ERUNT\AUTOBACK.EXE

MD5: 633a529ebaeb78ff0f50a5a658600eb4 c:\Program Files\HP\Digital Imaging\bin\hphtra08.dll

MD5: 6eb2952c4cfd9fbdaa0c9069bacd19b6 C:\Program Files\HP\Digital Imaging\Bin\hphtra09.dll

MD5: 84dceeeceee0534ef8ad2480b9b9daea C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll

MD5: df8afd370a9937e82109a95ae5be5b3a C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll

MD5: 352acd7e6a866653bcc5d2382d026fc6 C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll

MD5: e866bf8b66384c65af0c4e63da40b386 C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll

MD5: 91400ea8c0fd0cfb5d62c83896e0174f C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll

MD5: c420b584ebc9d07a9db531ba35eff4f6 C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc

MD5: cd926f5ed68ce56532e5cc631d3ba287 C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll

MD5: 22475e2b8d958165d198d24558b231ba C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll

MD5: 187924625a55edc7b196b82777c5074a C:\Program Files\HP\Digital Imaging\bin\HpqCPTA.dll

MD5: fb4f2b190261e71b54e6c50e05714b4f C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll

MD5: 58d4765ab87347db835d5693adf652c1 c:\program files\hp\digital imaging\bin\hpqcxs08.dll

MD5: 9af5ea601c06e5c64f9f006e050b931e C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll

MD5: 99ed733f614660eb32199bf889dfb7e2 c:\program files\hp\digital imaging\bin\hpqddsvc.dll

MD5: fb71b03bfef36cc57109e526562254c7 C:\Program Files\HP\Digital Imaging\bin\hpqddusr.dll

MD5: 5640607b6e4e9319edbd80c3f071c576 C:\Program Files\HP\Digital Imaging\bin\hpqmfc10.dll

MD5: d0716bd0c0822a642d36e82f49f2b5b8 c:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll

MD5: a6e02f65be0c48de7101923ae70268bd C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll

MD5: bfb91fe0b2631f23fdc8cfdd4618acec C:\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc

MD5: 79477455b475386dd1fecde3e56e8bbf C:\Program Files\HP\Digital Imaging\bin\hpqsoa08.dll

MD5: 941a08cbdeedf16b6c986b6ba7c9a5d0 C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

MD5: a5699775554de8897924a0f6eb5729c9 C:\Program Files\HP\Digital Imaging\bin\HpqSRTA.dll

MD5: 7fffd678c2da7bc8d05f244f6304a3e6 C:\Program Files\HP\Digital Imaging\bin\hpqstd08.dll

MD5: 439a280e5497a35237a297d90be35259 C:\Program Files\HP\Digital Imaging\bin\hpqstd08.rsc

MD5: feddd3579fee51a9873d856df3933c68 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe

MD5: 0a0a339d07ff5e9989eef1e1d476cd29 C:\Program Files\HP\Digital Imaging\bin\hpqsti08.dll

MD5: 5dd4cf50371fdf03b97f3345bd2c4e5c C:\Program Files\HP\Digital Imaging\bin\hpqstv08.dll

MD5: 67fc4efaa2e776b376ca42e74eecf943 C:\Program Files\HP\Digital Imaging\bin\hpqstv08.rsc

MD5: 021cfc69a1874431dc88befc37a2a2fd C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll

MD5: 1b2ccf8ebb5089a8541e08a458b6e494 C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll

MD5: f14219fc767f1383526ab423f278a8e3 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

MD5: 9d9f73ba0493671c59bd173419a28010 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc

MD5: 9507a8e70a620a36cf2cf60740b8f022 C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll

MD5: feac3a668939ff90a37ac0d76fd16eba C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll

MD5: 1d0a76276ad7a836f29f447968c61ce6 C:\Program Files\HP\Digital Imaging\bin\hpqwso08.dll

MD5: eec6910d6da48e66390964735bc97b05 C:\Program Files\HP\Digital Imaging\bin\hpqxml2.dll

MD5: 151ef98e3178fb87d343f796537787b4 c:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll

MD5: 8e89b72cb355ea260936b3a59b5071a9 C:\Program Files\HP\Digital Imaging\Unload\hpnkhTA.dll

MD5: 4037f423494a66e9b7f85581e154361c c:\Program Files\HP\Digital Imaging\Unload\HpqUnRes.dll

MD5: 4f113169a2de985d043a5530987ad6d0 c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

MD5: 7af5a466cf4aeca28e3dcbcf5b6fd220 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

MD5: a40456de4ef7e318104955361c72ac9d c:\program files\hp\smart web printing\hpswp_framework.dll

MD5: 1062e80907867bfc14eb844241391331 c:\program files\hp\smart web printing\hpswp_printenhancer.dll

MD5: 8db8292d87d90b7b2b04581aff8e1ce0 c:\program files\iconix\ieaddon\iconixbho_46.dll

MD5: d1b5b2e7fde30f18bd5a47e214456dfa C:\Program Files\Iconix\OEAddOn\OEdmn_6.exe

MD5: ea26357bf32b0ebf935546fd78b96237 C:\Program Files\Iconix\OEAddOn\OEldr_7.dll

MD5: f3237784c1d931a13863862194292f51 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMon_ENU.dll

MD5: f340e8407877dc5bdde99443f08211d0 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

MD5: ba523965d72d750fad439ea51d633bae C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

MD5: c57e9154a51a8a969c60d55b6e46afec C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll

MD5: d1de16926c682dcd3d99ae5500ca5522 C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

MD5: fd0cba527032d2d3d00e17c0f24a99d3 C:\Program Files\Internet Explorer\ieproxy.dll

MD5: c3ddc05c898f19d35a4a2b5f707ca916 C:\Program Files\Internet Explorer\iexplore.exe

MD5: 570a48f975661221a126fcfe3b38b7e1 C:\Program Files\Internet Explorer\plugins\nppdf32.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

MD5: e46b17060d3962a384ae484094614788 C:\Program Files\iPod\bin\iPodService.exe

MD5: 691baf41144ebde972a66c5eb5210fc8 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL

MD5: 665fba44c65bac9ee8af9a5e37036640 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL

MD5: 5082bc510fad849630d09da626bb7cda C:\Program Files\iTunes\iTunesHelper.dll

MD5: 8e2a7f1f62467a7dcb8ab2c0642f47ca C:\Program Files\iTunes\iTunesHelper.exe

MD5: be643cd44dd06da283634a3e51dc22bc C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL

MD5: afeeafd7cf8ed6958a81acc304c17b7d C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL

MD5: f00a0ef5835e1b96f783d617f1948704 C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe

MD5: d291fa0a37901e5e5a687813fa2af2b5 C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll

MD5: 123271bd5237ab991dc5c21fdf8835eb C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

MD5: 533aecd1b5356870ae2d905b4d3b42b7 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll

MD5: 0e34b7bb1fcf22bcc1e394d16f9e992b C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

MD5: 30efebdc960a482e3e188b9960b286e2 C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL

MD5: 30db64d316f502558db2380f7343c9fd C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

MD5: d8c2b95bc2353e1f18850d6b8f5dba13 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

MD5: 207204af80505af51271fe164b56f662 C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL

MD5: 5d999bf519415d1c8ee0b97ff6a254db C:\Program Files\Microsoft Office\Office12\msohevi.dll

MD5: 118d81523ea80b9e252cb840e94754c6 C:\Program Files\Microsoft Security Client\EppManifest.dll

MD5: 3d9381a332e4373f8811c71ba5078b31 c:\Program Files\Microsoft Security Client\mpclient.dll

MD5: cb6b671ed6d97f2e9f2274eadb7517b2 c:\Program Files\Microsoft Security Client\MpCmdRun.exe

MD5: 41c34f15be216ac2233694376ca0ff9e c:\Program Files\Microsoft Security Client\MpOAv.dll

MD5: aa87d7709021503687326432dc59590d c:\Program Files\Microsoft Security Client\mprtp.dll

MD5: f556912e70b22d740c9c99e310e3c11f c:\Program Files\Microsoft Security Client\mpsvc.dll

MD5: 5ccde0fcc91ed207d4598967dd1f5889 c:\Program Files\Microsoft Security Client\MsMpCom.dll

MD5: c1f19d2bacbee9ab64d9ae69e9859ac0 C:\Program Files\Microsoft Security Client\MsMpEng.exe

MD5: 4d2f7561d8a840450aabfad3740b0e6b C:\Program Files\Microsoft Security Client\msseces.exe

MD5: 9013599b12923a45c029c34e8d2211ac C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

MD5: 2423cf371ffe31b219e5d9e58101fde3 C:\Program Files\Mozilla Firefox\plugins\npdbplug.dll

MD5: 570a48f975661221a126fcfe3b38b7e1 C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

MD5: 4d96a92905be968000b6470996e670a7 C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

MD5: 419680fce774976fd752eb425d91aedf C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

MD5: 90492e00ee4c916123bec5d267894e8c C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll

MD5: 1291beebb50451c80bf7719612196508 C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll

MD5: 8a7c8f4c713e70d73946833d76b77035 C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

MD5: 3b104ee76b142ecdfcd38ed80f0098a5 C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe

MD5: 164545c065d9938e7d25a382b30d38e1 C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

MD5: 6a874ede522ad92fc0b2da6d29b5b9bd C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\GetUSBDeviceID.DLL

MD5: ee89c295d592ec77b4789ea352d938b0 C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\IMxCameraInfo.dll

MD5: 8e0c32c649d0ea53e8dba2f213e7a577 C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\pxl_m17n_tool.dll

MD5: 8dda2b606279753601f9415da503ca63 C:\Program Files\QuickTime\QTTask.exe

MD5: 4d96a92905be968000b6470996e670a7 c:\program files\real\realplayer\Netscape6\nppl3260.dll

MD5: 90492e00ee4c916123bec5d267894e8c c:\program files\real\realplayer\Netscape6\nprjplug.dll

MD5: 1291beebb50451c80bf7719612196508 c:\program files\real\realplayer\Netscape6\nprpplugin.dll

MD5: d412ac27fe3c9f8bc19741dac0e0329d C:\Program Files\Real\RealUpgrade\realupgrade.exe

MD5: 187429da7630d6eec520b338e4d29e45 C:\Program Files\Seagate\SeagateManager\Encryption\SFEConfiguration.dll

MD5: f6378c5b6f9c1ee04cee11f060d3fda6 C:\Program Files\Seagate\SeagateManager\Encryption\SFECopier.dll

MD5: f18a802bc2f9a0f8a8d57114cbd1463e C:\Program Files\Seagate\SeagateManager\Encryption\SFECrypto.dll

MD5: 7a2ece869804a76d9757c1865556f4e5 C:\Program Files\Seagate\SeagateManager\Encryption\SFEPassword.dll

MD5: 31695ddd1eb3a6300b6dd04158b2d4cd c:\program files\seagate\seagatemanager\freeagent status\ot4maxmenu.dll

MD5: 1eb7340a8938d65c49bcac94a540b793 C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

MD5: eb1951e61c28b3b7d812a47adb976e60 C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

MD5: bacdf428635297976f0d127d7886e1f6 C:\Program Files\Seagate\SeagateManager\Sync\STXDEVIF.dll

MD5: 8c1846cf3628c1af15e8a21bb48cb38a C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

MD5: 7d4feb141189442c86a6b9d33134eb41 c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\EAFunctions.dll

MD5: 863abb8788d7a4562d845a70b3cca426 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\MFC71U.DLL

MD5: 145076536db5e6561c0e24e047b07a62 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

MD5: 3d239d80dc75619418ad4ce4346536e5 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcherLOC.DLL

MD5: c5b3e5074a6155139d90c660a1859f0e C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll

MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL

MD5: 00ab99e13c24aee11a547be3301eaf59 c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll

MD5: df695e9850f66cccc70659975184df2a c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll

MD5: 236b31c60d401f1ab428ca14d808dc95 c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll

MD5: fc7fa8c8c3293afeec1145b509712227 c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll

MD5: b15120fdd741500c20c4dcbb29baab46 c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll

MD5: a5205b3af85b1477ab2c2a1e12201598 c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll

MD5: ed4558869c7d2251f86cc24b90f15976 c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll

MD5: 937fbd23997a91af923d5e89286126bd C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll

MD5: 16f96c1496cbd0965285ab19a9271d02 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MD5: 9631b15db7c43c267636ff43c3075e07 C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

MD5: f054572a92573ca32d5f3aa8c15d2bac C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

MD5: 12500e86fafeb5cb22c0aba370cfffbd C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll

MD5: 26d2b399e87f2df5dbce2dac24d94cff C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll

MD5: c0770e006d0556d359f586ed86ead004 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll

MD5: fe88e72f1b01ef8334e47ec44117559f C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll

MD5: f71a731e236fb55e3585dc5391d286d3 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll

MD5: 54b21273aaf8a0ba1c06494ffb21bb29 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll

MD5: 515d0e89532fa76488be97427de4207f C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll

MD5: e5210eb71e2017951050550067c30093 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

MD5: b37a7c2b855fa1523a6840246c250fb2 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

MD5: 1d114e646e5cc8b6d18238eba210f9ae C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

MD5: bc204ce4cd9d08d6b178dfc77095b850 C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll

MD5: b89cb7f3f1a1e2807e708f5435deb13d C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll

MD5: c1c4025b5f5311ac8bcc318b0c244d58 C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MD5: 579425596c4e66a010213f70be2b2182 C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MD5: 2849f13593d2712ccb97ffbdd3c1232e C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MD5: 50d2943d426ba91771ad87fdec802ac3 C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

MD5: 111c12035c1a4e84d5639539e01b3aef C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MD5: eb97291e3c9e0035b47b45dbb1af710d C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MD5: 89542a319d18140413d719615b5433b5 C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

MD5: e81c1973ffa396c1d49aabdabc37bdca c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_16b2b8f0\mscorlib.dll

MD5: 426039d01c562bac141909b04239003e c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e8b14108\system.drawing.dll

MD5: 4c8887bc8e03f0ec3de7e271091f766f c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_0ade2641\system.windows.forms.dll

MD5: 8e33ea351bf7e20bf0be7c431d624b93 c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_0cab6959\system.xml.dll

MD5: fe038d2d0353f47639da1d434983cf25 c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_005fd56d\system.dll

MD5: 09523afbc5937d7cc786fc9c74d2d516 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MD5: c1649188479440aa5834eda555445cdc C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll

MD5: 4b3685aa700084e4ed6635fc1efd9cc2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MD5: bd7bd4e342ab3ab84c1441aa76213605 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll

MD5: 7fd5da8145c09858ac201d4a29df242d C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll

MD5: 19348207eadadf20555601d4513793d5 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll

MD5: 511c9e3dd98b1a403aab8f2dbdcb667c C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll

MD5: 3fdcd4b976af5ff4b345cb5cdbf19490 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll

MD5: 05b1b94698939457571e4dcf96eddf9b C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll

MD5: e12abf37bc028ad53fc3f4984f227fdc C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\01e360ed3a3cb2b0a3c47c7f3eb09e58\System.Runtime.Remoting.ni.dll

MD5: 40cb47f60854703f7a13594fe01b6486 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll

MD5: 3724a9c6025168fd53c6b5a385d6de08 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll

MD5: 2d035877d6658c12b70ed978baf7b3ec C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll

MD5: 73d67a7f55a6438f10e35f16d47aba29 C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll

MD5: 82e1ff067a74bf3ec61d1962ad9335bc C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll

MD5: 3d950983cbfac3a1aa35696810c2e9bf C:\WINDOWS\Downloaded Program Files\AcDcToday.ocx

MD5: e24d3b63bc9aa3fc9c0ed1871b7b4fe7 C:\WINDOWS\Downloaded Program Files\AcPreview.ocx

MD5: f8f4beaaa78b3daee48c0f26063864a1 C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll

MD5: 737f8e1ee81e82adc236e321e9b011b0 C:\WINDOWS\Downloaded Program Files\HPSWUpdate.ocx

MD5: 4bad20339bf6f42342713ab7a0a8b099 C:\WINDOWS\Downloaded Program Files\IDrop.ocx

MD5: 900f6763fd7e72ec0c7fe5c9522c6624 C:\WINDOWS\Downloaded Program Files\IDropENU.dll

MD5: 23bd5d3d33582378e9e44667b2bf4c73 C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx

MD5: 7f9441faf5865b07dac75edb1deff408 C:\WINDOWS\Downloaded Program Files\InstBanr.ocx

MD5: 7277db945e523480c7b23dc718b192c3 C:\WINDOWS\Downloaded Program Files\InstFred.ocx

MD5: 6f88f1de97b7ba6e2be4dc29aeeacf0d C:\WINDOWS\Downloaded Program Files\isusweb.dll

MD5: 4af2bedfc339108f42fbda45238a3f34 C:\WINDOWS\Downloaded Program Files\McContentMgr.dll

MD5: 80a6e8d88f47bdebe7076d979d5442b3 C:\WINDOWS\Downloaded Program Files\McHealthCheck.dll

MD5: 061c34a890af71d44c13d801dfb7db27 C:\WINDOWS\Downloaded Program Files\McLogMgr.dll

MD5: 13f38e890318d6239f7d18adac882f2c C:\WINDOWS\Downloaded Program Files\McPlugins.dll

MD5: b98f891ee1433069bf05e9f65d432f1e C:\WINDOWS\Downloaded Program Files\McProdMgr.dll

MD5: ac67eeaa7677f4e9c4b8aa7eea32b028 C:\WINDOWS\Downloaded Program Files\MSDcode.dll

MD5: 5765282a4e450fe12d6f0e089c4a30ba C:\WINDOWS\Downloaded Program Files\MVT.dll

MD5: 56940b50ab0e5923822f47b0e4463885 C:\WINDOWS\Downloaded Program Files\qsax.dll

MD5: f5c79c45f1adf877dc3afdff3565ae7b C:\WINDOWS\Downloaded Program Files\SnapfishActivia1000.ocx

MD5: 9deb8c5bf6aeca9db194cace96ff0d71 C:\WINDOWS\Downloaded Program Files\Uploader.exe

MD5: 06c907de234988c37b2c591351c989d0 C:\WINDOWS\Downloaded Program Files\XUpload.ocx

MD5: 03a905fba1d62317087db5c21c0f8f62 C:\WINDOWS\ehome\ehmsas.exe

MD5: 0f0f5b564c5a3c9b38a6220230252567 C:\WINDOWS\eHome\ehProxy.dll

MD5: 5d1347aa5ae6e2f77d7f4f8372d95ac9 C:\WINDOWS\ehome\ehrecvr.exe

MD5: a53243709439ac2a4c216b817f8d7411 C:\WINDOWS\ehome\ehSched.exe

MD5: 6d280bc969218ae4a72180f907c32913 C:\WINDOWS\eHome\ehTrace.dll

MD5: 7a21e06385e748e9cb0252f1bbc493f1 C:\WINDOWS\ehome\ehtray.exe

MD5: df0a511f38f16016bf658fca0090cb87 C:\WINDOWS\ehome\mcrdsvc.exe

MD5: 621b8a1aa85635b59837f44d853b5859 C:\WINDOWS\Microsoft.Net\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll

MD5: c755e17bac396f9a9f468320b3f6cf46 C:\WINDOWS\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

MD5: 41962d5e18e9874390bc1f074571a6bb C:\WINDOWS\Microsoft.Net\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll

MD5: ca75c883ea05a05b592ee3c562cfae10 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL

MD5: 3da977851fe3013741091ed584ee7658 c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll

MD5: abec6ad92ede64cfd3e63cf846248eb2 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

MD5: 425fdbf3c4f268ed0543be2e747684b7 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

MD5: 860fad57b4668a9f5f350a9d5444ae89 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

MD5: 723528449ed0d1b0ad98af3edf23101d C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

MD5: fb53a700132d9a97d1e10e9f80bd6174 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

MD5: ab87eeffd18f2baafc274e7075ea6c67 C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

MD5: f64fd5c7fef7fc25cba37974ff3584d7 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll

MD5: 7b1028a754bb63bbfc75b6a94c3f47e5 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll

MD5: 1986443c2f2c0e2a18e908dd241bf84d C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\culture.dll

MD5: 7d69c583dc724a8eb688d6adcc3d73a6 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll

MD5: bebdf2293f53049569285b9b2fa7ec68 c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\webhelper.dll

MD5: 0b4a7b6dcc667ac50660e0aaa5914704 C:\WINDOWS\RTHDCPL.EXE

MD5: f3eaea279f09a7779c18793c87640794 C:\WINDOWS\SMINST\RECGUARD.EXE

MD5: 36f5f5a17fb30ac2ba269b22ff34b79f C:\WINDOWS\system32\AcSignIcon.dll

MD5: 546a28fbc44b984fd92530227bf6f5c2 C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll

MD5: 07d35cd045c26dad5597934842606cba C:\WINDOWS\system32\ADVPACK.DLL

MD5: ca4603ab0cb1c86736302baa0ab5177c C:\WINDOWS\system32\BlackBox.dll

MD5: cfd4e51402da9838b5a04ae680af54a0 c:\windows\system32\browser.dll

MD5: b99ff349bf53bd91fbddcd6b1ede8980 C:\WINDOWS\system32\BROWSEUI.dll

MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll

MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll

MD5: 7b2669faf4aee51fce0d492fb7738f15 C:\WINDOWS\system32\corpol.dll

MD5: 6bee5d4eff0a0341bcc4a462d81ccfc1 C:\WINDOWS\system32\CRYPT32.dll

MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll

MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll

MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll

MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll

MD5: aa0507f0516a4dff1b1279ab4a2abb37 C:\WINDOWS\system32\DINPUT8.dll

MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll

MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll

MD5: 062373995eae5f0eac9eaa9192136bfb C:\WINDOWS\system32\dnssd.dll

MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys

MD5: 51a66c689ad9b9a953f75496209ae520 C:\WINDOWS\system32\DRIVERS\AGRSM.sys

MD5: 5d7be7b19e827125e016325334e58ff1 C:\WINDOWS\System32\Drivers\BANTExt.sys

MD5: bc277a864759e6ea5e89a67bd73f4c27 C:\WINDOWS\system32\DRIVERS\BEFCMU10V4XP.sys

MD5: 95974e66d3de4951d29e28e8bc0b644c C:\WINDOWS\system32\DRIVERS\e100b325.sys

MD5: 1976fedf6d7f87135c9b7f5cb4c8c868 C:\WINDOWS\system32\DRIVERS\ELacpi.sys

MD5: ae65c02444907966378454138b9f99f0 C:\WINDOWS\System32\DRIVERS\ELhid.sys

MD5: e485c3ba1daddeef3e14fea1e8fda6e1 C:\WINDOWS\System32\DRIVERS\ELkbd.sys

MD5: 0d87cb825ed6cb2ebcc147a10a42f1d6 C:\WINDOWS\System32\DRIVERS\ELmon.sys

MD5: a4add3847b67bacab6fc851a2b60fdb3 C:\WINDOWS\System32\DRIVERS\ELmou.sys

MD5: 185ada973b5020655cee342059a86cbb C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys

MD5: 41bbad646a8c842bc30ef6745a4f6ff3 C:\WINDOWS\system32\DRIVERS\hcwPP2.sys

MD5: d61e53e3fec0c92bc8dd3969fad63f87 C:\WINDOWS\system32\drivers\HipShieldK.sys

MD5: d03d10f7ded688fecf50f8fbf1ea9b8a C:\WINDOWS\system32\DRIVERS\HPZid412.sys

MD5: 89f41658929393487b6b7d13c8528ce3 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

MD5: 88b1943ecff661f765228099138cf6ab C:\WINDOWS\system32\DRIVERS\iaStor.sys

MD5: 7f2f1d2815a6449d346fcccbc569fbd6 C:\WINDOWS\system32\DRIVERS\mhndrv.sys

MD5: cf105ee42e3f71e648cebb3f666e1cf0 C:\WINDOWS\system32\DRIVERS\MpFilter.sys

MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys

MD5: eb2858f920b8135b807b5ccaa3ed73dc C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

MD5: 390c204ced3785609ab24e9c52054a84 C:\WINDOWS\system32\DRIVERS\PS2.sys

MD5: 90e1b42e49d9e91e5accaaaaefa10ce8 C:\WINDOWS\system32\drivers\RtkHDAud.sys

MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys

MD5: 6e421ccc57059b0186c6259ca3b6dfc9 C:\WINDOWS\System32\Drivers\usbaapl.sys

MD5: e989e4badcccf78e18aabf3d42b306ce C:\WINDOWS\system32\drmv2clt.dll

MD5: e615f53a40049cc43a019566979c58e6 C:\WINDOWS\system32\Dxtmsft.dll

MD5: b164a267954b2c41f7610415bd51a1ff C:\WINDOWS\system32\Dxtrans.dll

MD5: 09515d23c06928f749546e57c2400b0e C:\WINDOWS\system32\encapi.dll

MD5: a4bd412fa3be813c7bcc61f8ed21aeeb C:\WINDOWS\system32\encdec.dll

MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll

MD5: 8d1805727e8642ff88de9daeb088adef c:\windows\system32\fpalsu.dll

MD5: 2b2de038ab6e84134abd1641e2a5e451 C:\WINDOWS\system32\hcwCCnv2.ax

MD5: 4b834226811c402b1846df4f7f69e6dd C:\WINDOWS\system32\hcwECP.ax

MD5: a93f23e481b4730ac66ef01db51803c1 C:\WINDOWS\system32\hcwXDS.dll

MD5: 36247c6d5e1fe03a56ee81bb99d7e68c C:\WINDOWS\system32\hptcpmib.dll

MD5: e0b83adfb16d794a0d207fe119d03182 C:\WINDOWS\system32\HpTcpMon.dll

MD5: 5cc3838902a9257b79bd43f56d8b7275 C:\WINDOWS\system32\HPTcpMUI.dll

MD5: be3cd116130174657ead2731ab3daa5d C:\WINDOWS\system32\hpz3l5ha.dll

MD5: f4624c7d2136d279174e0f09fbd9130e C:\WINDOWS\system32\hpzidr12.dll

MD5: 51c6d8bfbd4ea5b62a1ba7f4469250d3 c:\windows\system32\hpzinw12.dll

MD5: 79834aa2fbf9fe81eebb229024f6f7fc c:\windows\system32\hpzipm12.dll

MD5: c9bd323b1bdbfeeebfc204b574fdb5a1 C:\WINDOWS\system32\hpzipr12.dll

MD5: b85ec14c7a5f7b2c8d70d4443486dd77 C:\WINDOWS\system32\hpzjrd01.dll

MD5: 10226a19dbb65fe794b63cd7588f990e C:\WINDOWS\system32\hpzll463.dll

MD5: 87393cacec63e456bafbd3963d59caac C:\WINDOWS\system32\ieapfltr.dll

MD5: 63f40fd81c07e8002622fc461e49c814 C:\WINDOWS\system32\IEFRAME.dll

MD5: 950c17200aaa8a3a7aff441765cec09e C:\WINDOWS\system32\iepeers.dll

MD5: f40d0d1598aa1503de5070a4e2fc74ad C:\WINDOWS\system32\iertutil.dll

MD5: 4e89bf45219bb2cf4f931201e2f5755e C:\WINDOWS\system32\IEUI.dll

MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll

MD5: f7b098a08efcf4ab4247264c0ac225d2 C:\WINDOWS\system32\jscript.dll

MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll

MD5: 6fe42512ab1b89f32a7407f261b1d2d0 C:\WINDOWS\system32\kernel32.dll

MD5: f1941197a42f9f373cc70042fc82c950 C:\WINDOWS\system32\ksproxy.ax

MD5: 264c642770cb6269a67ac8e0ed74419f C:\WINDOWS\system32\kstvtune.ax

MD5: c9ef69b25dfa1c0e7932cb02fb8a7e91 C:\WINDOWS\system32\kswdmcap.ax

MD5: d5c3d43d0616ff699db771928ac0e2cd C:\WINDOWS\system32\ksxbar.ax

MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll

MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll

MD5: 4895f67e1c74a855285c95741f3da695 C:\WINDOWS\system32\Macromed\Flash\Flash32_11_6_602_171.ocx

MD5: 9942dc4cc265cda00486504444ef521d C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

MD5: e64819b6014a93e2503bb52419a0f6f3 C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll

MD5: 055b1f50c32ad4014fb30b08035ed37e C:\WINDOWS\system32\MFC100ENU.DLL

MD5: 9188ba404850b16c41ab59e3be19ba66 C:\WINDOWS\system32\mfc100u.dll

MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL

MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\WINDOWS\system32\MFC71.DLL

MD5: 1e744353bd534405187a404667da3dc3 C:\WINDOWS\system32\mgmtapi.dll

MD5: b7521f69c0a9b29d356157229376fb21 C:\WINDOWS\System32\mhn.dll

MD5: 84bba0be8b158949affb18047386c461 C:\WINDOWS\system32\mpg2splt.ax

MD5: 3aed76082731f7da2e6e0f58e525f186 C:\WINDOWS\system32\msadds32.ax

MD5: 92e1a82ca4b048d1d970cbea1a097f6e C:\WINDOWS\system32\MSDTCPRX.dll

MD5: 855f6333e3a4dfc6f3c8b0520c261fcd C:\WINDOWS\system32\MSFTEDIT.DLL

MD5: 62a5b23ccb21149c62fa2cea66701985 C:\WINDOWS\system32\mshtml.dll

MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll

MD5: 98e53ca00d3c0a2e9faa4e59c101aeba C:\WINDOWS\system32\mslbui.dll

MD5: c52ce534397e1d3a442fb4c88a3cbe42 C:\WINDOWS\system32\msonpmon.dll

MD5: 585992d78b671aaa075c02241309795d C:\WINDOWS\system32\MSVCIRT.dll

MD5: bc83108b18756547013ed443b8cdb31b C:\WINDOWS\system32\MSVCP100.dll

MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\WINDOWS\system32\MSVCR100.dll

MD5: e325bcdbb6ded6c89f679b8ae89e975c C:\WINDOWS\system32\msvidctl.dll

MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll

MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\System32\msxml3.dll

MD5: bbdfdbead1b7a1cfd44bfffd177fb627 C:\WINDOWS\system32\mucltui.dll

MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\netapi32.dll

MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 c:\windows\system32\netshell.dll

MD5: d4bd9f86123c87eca570418b69326f99 C:\WINDOWS\system32\npDeployJava1.dll

MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll

MD5: bcb7334687fdfe2a89567233295cb5af C:\WINDOWS\system32\nvapi.dll

MD5: c63121de1bce663b2602e146e45b6fca C:\WINDOWS\system32\NvCpl.dll

MD5: d34a3a96d399ab8c1e0a5132cd2bb274 C:\WINDOWS\system32\nview.dll

MD5: 4450bbaf1b77f2b87ab9c5ee4e69532c C:\WINDOWS\system32\nvshell.dll

MD5: 36032035fa55f030d55237d5c639a81d C:\WINDOWS\system32\nvsvc32.exe

MD5: 82d04a6469c880c0830ffe0727065232 C:\WINDOWS\system32\nvwddi.dll

MD5: 0294e2a5e89bf786f24a9cc2fd753191 C:\WINDOWS\system32\nwiz.exe

MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll

MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll

MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll

MD5: eff03460e542eea6b0abdec6bf19c897 C:\WINDOWS\system32\OLEAUT32.dll

MD5: 0c79e6e339d0f4bc26bd977809e5343c C:\WINDOWS\system32\pngfilt.dll

MD5: 5c112cb49b85449c418814bdfd537379 C:\WINDOWS\system32\Primomonnt.dll

MD5: ff8ccc86c4e42f59b189bd28d362b599 C:\WINDOWS\system32\ps2.exe

MD5: 997f5e9c8442abd564084d4be3940454 C:\WINDOWS\system32\PX.dll

MD5: cec0e5bff9d3bcdf28d741acaddf52c1 C:\WINDOWS\system32\PXDRV.DLL

MD5: ce319ac8df8164b2c33eef12fd445ed7 C:\WINDOWS\system32\PXMAS.DLL

MD5: d4c4a79ef3898603b587b3c432c94eab C:\WINDOWS\system32\PXSFS.DLL

MD5: 107736b30790a06ef1a89433d7846606 C:\WINDOWS\system32\PXWAVE.DLL

MD5: 4e48ea036f83bd5286578f44ddb4a6b2 C:\WINDOWS\system32\qasf.dll

MD5: f1dac7969c1337af790bd1d981aa780c C:\WINDOWS\system32\qmgrprxy.dll

MD5: bf107acf2cdd552aabe14e8c3e62e3fc C:\WINDOWS\system32\quartz.dll

MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll

MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll

MD5: 926afc4848ff3297bb264333bf51e21f C:\WINDOWS\system32\sbe.dll

MD5: ff3bf3dcbb9603ecfe22dea8d6a02d78 C:\WINDOWS\system32\sbeio.dll

MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll

MD5: 8bcd11d38fce43a519246a91cc40de6a C:\WINDOWS\system32\SECURITY.DLL

MD5: fd5eac0c148e96df4e2160354c54360c C:\WINDOWS\system32\shdocvw.dll

MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll

MD5: 0e3605a5e7c23f1139c5c448e1eaf494 C:\WINDOWS\system32\shimgvw.dll

MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll

MD5: ac30389f94784919e26e8237b65fb259 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp463.dll

MD5: 75bf87e542c1368dbd6768ae6e6ed507 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll

MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe

MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll

MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll

MD5: 17e0cf9c8cbb717d05948656bcd86efa C:\WINDOWS\system32\txflog.dll

MD5: 32beba450a17d54bef4aac1aaa1f1878 C:\WINDOWS\system32\urlmon.dll

MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe

MD5: 708acd96e3ff9d2517c90fba27489a4e C:\WINDOWS\system32\VBICodec.ax

MD5: 94ba90c6af5c50ff5f7a6392514c4642 C:\WINDOWS\system32\vidcap.ax

MD5: cc01c7628f58fa48224b2d537a91d822 C:\WINDOWS\system32\vss_ps.dll

MD5: 831f1cd855299d8c8482621c52e635c8 C:\WINDOWS\system32\VXBLOCK.DLL

MD5: e837fdbb92e9873e538395b623f45462 C:\WINDOWS\system32\wbem\cimwin32.dll

MD5: 4306fa2f1099d7c606139255fdb62b19 C:\WINDOWS\system32\wbem\framedyn.dll

MD5: f82749a8292c17a315b6c46647a55599 C:\WINDOWS\system32\webcheck.dll

MD5: d7dcfb4d0c58ffb569de93e1681fd37a C:\WINDOWS\system32\WgaLogon.dll

MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll

MD5: d791d18aa6befa2847fabac4a858dba3 C:\WINDOWS\system32\WININET.dll

MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll

MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll

MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll

MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll

MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll

MD5: 8255fceef3566c44e6f2bcfe15eb198f C:\WINDOWS\system32\wmadmod.dll

MD5: 033f4c2023ddfc096c0877caaeab9872 C:\WINDOWS\system32\wmadmoe.dll

MD5: 84b68c6ec17c99943f0ea68215bb2238 C:\WINDOWS\system32\WMDRMSDK.DLL

MD5: 77b4be0c9aa0ac78884d8e7cfb315463 C:\WINDOWS\system32\wmp.dll

MD5: e8885a533a3d46209851433e3b9b3bc4 C:\WINDOWS\system32\wmploc.dll

MD5: d6e858f9496f7869d18b559ac5565c08 C:\WINDOWS\system32\wmspdmoe.dll

MD5: 7c300c535ece3301c029dfe0e17930bc C:\WINDOWS\system32\wmv8ds32.ax

MD5: ba26ddbb7c725c2914d125377777e24f C:\WINDOWS\system32\WMVDECOD.dll

MD5: db5ac0f93742d926bdeaa7bb6ce591c1 C:\WINDOWS\system32\wmvds32.ax

MD5: c8fdd26cbf4426f0b4528ff53e6c15b3 C:\WINDOWS\system32\WMVENCOD.dll

MD5: da00b148e85819771d47a357708c0b1e C:\WINDOWS\system32\WMVXENCD.dll

MD5: 277f3e3333f1d10ca428568197fcce70 C:\WINDOWS\system32\wsnmp32.dll

MD5: 2e0b0a051ffaa86e358465bb0880d453 C:\WINDOWS\system32\wuauclt.exe

MD5: c31dd4cec06d2908ae5f212a0b13805b C:\WINDOWS\system32\wuaucpl.cpl

MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll

MD5: c88c65df1ed4dfd34cfbd11cdfe519a3 C:\WINDOWS\system32\wucltui.dll

MD5: bdc0c99e472176c8c2c853a68adc5073 C:\WINDOWS\system32\wups2.dll

MD5: 215422272bbadd7dda57d0372062d293 C:\WINDOWS\system32\xmllite.dll

MD5: ae3470d2bf8f16fd93fa54167b87172d C:\WINDOWS\system32\XOLEHLP.DLL

MD5: 7facb452456ef5c053af3ee4b228fe0d C:\WINDOWS\system32\XPOB2RES.DLL

MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll

MD5: 06a1ecb63df139ec639e084d4ab3c9d7 C:\WINDOWS\system\hpsysdrv.exe

MD5: e7a2d42ddfe1af501e06d27a11c170de C:\WINDOWS\TEMP\024582~1.EXE

MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL

MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll

MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

MD5: 1f5afd468eb5e09e9ed75a087529eab5 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80.DLL

MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80U.DLL

MD5: 28a09777d2d952122567a8a82f1a2c7b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\MFC80ENU.DLL

MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll

MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll

MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll

The following file(s) must be uploaded for server-side scanning:

c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e8b14108\system.drawing.dll

Upload started - 1 file(s)

system.drawing.dll (843776)

Upload speed - 52 KB/s

Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 16 sec

Total traffic - 0.82 MB sent, 1.74 KB recvd

Scanned 913 files and modules - 273 seconds

==============================================================================

Link to post
Share on other sites

RogueKiller V8.5.2 [Mar 9 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : HP_Administrator [Admin rights]

Mode : Scan -- Date : 03/12/2013 13:44:54

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤

[RUN][sUSP PATH] HKCU\[...]\Run : DIMDownloading your update...1300677038425 ("c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" "c:\documents and settings\all users\application data\corel\downloads\540215253_907002\1300677038425\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\hp_administrator\application da) [-] -> FOUND

[RUN][sUSP PATH] HKCU\[...]\Run : Bomgar Support Reconnect [1348348261] ("C:\Documents and Settings\All Users\Application Data\apple-scc-505E2961\apple-scc.exe" -nomulti) [x] -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-4117639358-2012749475-3948883146-1008[...]\Run : DIMDownloading your update...1300677038425 ("c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" "c:\documents and settings\all users\application data\corel\downloads\540215253_907002\1300677038425\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\hp_administrator\application da) [-] -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-4117639358-2012749475-3948883146-1008[...]\Run : Bomgar Support Reconnect [1348348261] ("C:\Documents and Settings\All Users\Application Data\apple-scc-505E2961\apple-scc.exe" -nomulti) [x] -> FOUND

[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND

[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500JS-60NCB1 +++++

--- User ---

[MBR] 6588eb7d0749421be15c9ac2f5703ac9

[bSP] e53f08a2547f8ceb7cedf0196039bc96 : Toshiba MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 229710 Mo

1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 470463525 | Size: 8754 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_03122013_02d1344.txt >>

RKreport[1]_S_03122013_02d1344.txt

Link to post
Share on other sites

Task 1

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes.
  • On the RogueKiller console, click the Registry tab.
    Put a check next to all of these and uncheck the rest: (if found)
    [RUN][sUSP PATH] HKCU\[...]\Run : DIMDownloading your update...1300677038425 ("c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" "c:\documents and settings\all users\application data\corel\downloads\540215253_907002\1300677038425\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\hp_administrator\application da) [-] -> FOUND
    [RUN][sUSP PATH] HKCU\[...]\Run : Bomgar Support Reconnect [1348348261] ("C:\Documents and Settings\All Users\Application Data\apple-scc-505E2961\apple-scc.exe" -nomulti) [x] -> FOUND
    [RUN][sUSP PATH] HKUS\S-1-5-21-4117639358-2012749475-3948883146-1008[...]\Run : DIMDownloading your update...1300677038425 ("c:\Program Files\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" "c:\documents and settings\all users\application data\corel\downloads\540215253_907002\1300677038425\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\hp_administrator\application da) [-] -> FOUND
    [RUN][sUSP PATH] HKUS\S-1-5-21-4117639358-2012749475-3948883146-1008[...]\Run : Bomgar Support Reconnect [1348348261] ("C:\Documents and Settings\All Users\Application Data\apple-scc-505E2961\apple-scc.exe" -nomulti) [x] -> FOUND
    [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND
    [HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND

  • Then click on Delete on the right hand column under Options.
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Task 2

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Task 3

You have a -lot- of applications that auto-start with Windows that can be removed from auto-starting. This will have Windows finishing its initial startup faster and will free up RAM memory.

Programs like these can be so "trimmed"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

You can use a urility from MalwareBytes, Startup Lite --> http://www.malwarebytes.org/startuplite.php

StartUpLite is a lightweight and simple to use application that allows you to speed up your system startup, safely and efficiently.

Task 4

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your antivirus program

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

If you have the PRO license, then do this too: Click the Protection tab. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Quick Scan. i_arrow-l.gif

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.

Tell me, How is the system ?

Re-enable your antivirus program.

Keep in mind, some other possible sources that would cause a computer freeze or reboot....

Bad spots on your hard drive

Bad or marginal RAM meomory

Both of those examples have nothing to do with malware infections.

Link to post
Share on other sites

What is /was on the "blue screen" icon_question.gif

I need to have the STOP code information, along with any descriptive information :excl:

Your STOP screen info will look similar to this:

STOP-sample_zpsac08f8e3.gif

I need the information from yours..... if and when the next time it happens.

For now, let's have you restart the system into Safe mode with Networking, or as a last choice, Safe Mode

Safe mode with Networking will allow a connection to the internet.

While in that mode, only use it for our tasks. Do not go to other sites or do anything else on the net.

See this article How to start Windows in Safe Mode

Download BlueScreenView http://www.nirsoft.n...creen_view.html

No installation required.

Double click on BlueScreenView.exe file to run the program.

When scanning is done, go Edit>Select All.

Go File>Save Selected Items, and save the report as BSOD.txt.

Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Thanks to Broni for the instructions and program

Link to post
Share on other sites

The screen is stuck on the HP invent blue screen. Every time I turn the computer on it doesn't proceed past this screen. The options at the bottom are: <esc=boot menu> <F1=setup><F10=system recovery>

I'm not able to do anything...F8 does not work, Esc does not work.

Please advise

Thank you

Link to post
Share on other sites

Did HP (or the pc vendor) provide you with a Windows XP operating system CD when you bought this system?

If yes, you can set the pc to boot off that CD so that you can boot into the XP Recovery Console so that we can do some research.

Do tell me IF you have a prior image-backup of this system from before "this problem"?

What backups do you have?

If you cannot manage to get into Safe mode with Networking or Safe mode, it is likely I'll have to suggest that you seek help from HP web-based consumer support forum: ==> http://h30434.www3.hp.com/psg/

They would be best suited to help you with this HP system.

Give this 1 try:

Power off the system. Disconnect any printer(s), scanners, external add-on devices {but not mouse, keyboard, or monitor}.

Wait about a minute.

Get mentally prepared to press & tap the Escape key on keyboard.

Power the pc. Right away press & tap Escape key to get the boot menu.

Link to post
Share on other sites

I was able to reboot the computer by unplugging all cables pressing the power button for A brief time and restarting. Upon restart, It said that a change to the hardware or software caused the computer to shut down.

I am in normal mode now. Do you think it is ok to proceed?

Link to post
Share on other sites

I had you get ERUNT back on 11 March.

Run it now (one time) so that it makes a backup of the registry.

Take a timeout now. Backup any personal files or documents that you do not already have saved onto Offline backup.

Malware removal can be unpredictable. So backup your stuff at this time.

After doing that,

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the otlDesktopIcon.png icon (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Then copy/paste the following into your post (in order):
  • the contents of OTL.txt;
  • the contents of Extras.txt ; and
  • the contents of checkup.txt

Be sure to do a Preview prior to pressing Add Reply because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

Link to post
Share on other sites

I have some questions and concerns before proceeding

I ran Erunt on march 11, as instructed and created a backup registry. If I do another registry backup will it copy over the previous? Or will I have both backups? Im concerned if those regestry items we already removed caused the computer to be stuck on a bluescreen, we may want to restore the first backup.

Also, I have concerns about the scenario of needing to do a reinstall of everything on the computer. All I have is a recovery disc that was made when I first bought the computer - per HP instructions. In addition, I have software on the computer that is used that I cannot reinstall.

I do not want to do a complete reinstall, unless all other options have been exhausted.

Thank you for your understanding in this matter.

And thank you so much for your expertise and time

Link to post
Share on other sites

The new run of ERUNT makes a separate / new folder for backup. It is just fine to do a new run. Just follow the prompts, and use the default options. Please.

I would hope you would not have to do a clean install. But your issue on not having backups for your installed software only points to the "value" of doing system image backups on a regular basis.

I would recommend you proceed forward with what I outlined in my last reply. :)

Link to post
Share on other sites

Hello,

I'm trying to familiarize myself with how to make a bootable system image CD/DVD for XP. Since XP itself will only create a floppy disc. So I'm still researching.

In the meantime, I've been attempting to backup all of my photos/videos and files, however, each time the process is interrupted by a shut down/restart. And thus far have been unable to complete the task.

Upon restart the same error messages display. I've attached screen shots.

It makes me wonder if the problem is a corrpted/missing file, or a hardware issue? I've been having problems with unexplained freezes & shut down/restarts for the past two weeks. I assumed malware, so tried to do the malwarebytes scan, but it also froze and would not complete.

024582.exe App error.bmp

Error_Signature_3-17-13.bmp

Error_report_3-17-13.bmp

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.