
false flags or infection?



Hi,

After updating to the latest MBAM I suddenly got 4 returns, and after googling I am suspicious I may have come across a few false flags, I am not sure.

Another new issue is that now, after a scan completes (done overnight while at work), when I attempt to close MBAM a message appears saying a scan is in progress, would I like to close anyway. Clicking yes closes the program.

I have attached the dev log zip as well.

Thank you.

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.17.2

Run by Wease at 16:45:38 on 2013-04-19

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.950 [GMT -4:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ================

.

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\devldr32.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\WINDOWS\notepad.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = iexplore

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab

DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} - hxxp://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340447916546

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab

DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} - hxxp://www.iolo.com/app/ocx/UpgradeVerify.ocx

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{65F56E18-4DB3-4D5B-9E79-41A2AE857774} : DHCPNameServer = 192.168.1.254

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\wease\application data\mozilla\firefox\profiles\s1m47lbt.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.startup.homepage - www.google.com

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - plugin: c:\windows\system32\npwmsdrm.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 195296]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-7-27 27064]

S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

FileExt: .reg: regfile=regedit.exe "%1" [userChoice]

FileExt: .txt: Applications\Winword.exe="c:\program files\microsoft office\office11\WINWORD.EXE" /n /dde [userChoice] [default=edit - 'Open' doesn't exist]

FileExt: .vbs: VBSFile=c:\windows\system32\WScript.exe "%1" %* [userChoice]

FileExt: .jse: JSEFile=NOTEPAD.EXE %1

FileExt: .wsf: WSFFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2013-04-18 21:12:12 6906960 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f827b9dd-0725-4726-8bf4-8afd454a051b}\mpengine.dll

2013-04-17 12:19:33 7108640 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-04-14 22:38:29 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin

2013-04-14 22:38:29 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin

2013-04-14 22:38:29 1 ----a-w- c:\windows\system32\nvdrssel.bin

2013-04-14 22:37:54 -------- d-----w- c:\program files\NVIDIA Corporation

.

==================== Find3M ====================

.

2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-02 10:33:22 237088 ------w- c:\windows\system32\MpSigStub.exe

2013-03-15 21:36:17 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-15 21:36:11 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-03-15 21:36:10 861088 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-03-15 21:36:09 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-15 21:29:43 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-15 21:29:43 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:06:30 43520 ------w- c:\windows\system32\licmgr10.dll

2013-03-02 02:06:30 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:25:02 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08:47 385024 ------w- c:\windows\system32\html.iec

2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-08 09:03:02 19189760 ----a-w- c:\windows\system32\nvoglnt.dll

2013-02-08 09:03:02 1010464 ----a-w- c:\windows\system32\nvdispco32.dll

2013-02-08 09:03:00 4494336 ----a-w- c:\windows\system32\nv4_disp.dll

2013-02-08 09:02:58 7536640 ----a-w- c:\windows\system32\nvcuda.dll

2013-02-08 09:02:58 2581792 ----a-w- c:\windows\system32\nvcuvid.dll

2013-02-08 09:02:56 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll

2013-02-08 09:02:56 2389504 ----a-w- c:\windows\system32\nvapi.dll

2013-02-08 09:02:56 17551360 ----a-w- c:\windows\system32\nvcompiler.dll

2013-02-08 09:02:44 12648960 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2013-02-08 09:02:42 5967872 ----a-w- c:\windows\system32\nvopencl.dll

2013-02-08 09:02:42 1869088 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32.dll

2013-01-20 20:59:04 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys

.

============= FINISH: 16:46:29.04 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 11/12/2004 8:29:19 AM

System Uptime: 4/18/2013 1:13:47 AM (39 hours ago)

.

Motherboard: Dell Computer Corp. | | 0W2562

Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 74 GiB total, 16.376 GiB free.

D: is CDROM (CDFS)

E: is CDROM ()

G: is FIXED (NTFS) - 466 GiB total, 274.046 GiB free.

N: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP300: 2/27/2013 5:56:06 PM - Software Distribution Service 3.0

RP301: 2/28/2013 11:05:06 PM - Software Distribution Service 3.0

RP302: 3/1/2013 4:27:19 PM - Removed Java 7 Update 13

RP303: 3/1/2013 4:27:50 PM - Installed Java 7 Update 15

RP304: 3/2/2013 7:36:50 AM - Software Distribution Service 3.0

RP305: 3/3/2013 8:35:58 AM - Software Distribution Service 3.0

RP306: 3/4/2013 4:55:56 PM - Software Distribution Service 3.0

RP307: 3/5/2013 5:48:59 PM - Software Distribution Service 3.0

RP308: 3/6/2013 6:07:45 PM - System Checkpoint

RP309: 3/7/2013 7:05:22 AM - Software Distribution Service 3.0

RP310: 3/7/2013 8:29:01 AM - Software Distribution Service 3.0

RP311: 3/8/2013 6:12:21 PM - Software Distribution Service 3.0

RP312: 3/10/2013 6:48:54 PM - Software Distribution Service 3.0

RP313: 3/12/2013 6:20:14 AM - Software Distribution Service 3.0

RP314: 3/13/2013 4:33:51 PM - Software Distribution Service 3.0

RP315: 3/14/2013 1:43:04 AM - Software Distribution Service 3.0

RP316: 3/14/2013 7:09:35 AM - Software Distribution Service 3.0

RP317: 3/14/2013 5:57:03 PM - Software Distribution Service 3.0

RP318: 3/15/2013 5:35:23 PM - Removed Java 7 Update 15

RP319: 3/15/2013 5:36:00 PM - Installed Java 7 Update 17

RP320: 3/16/2013 7:44:54 AM - Software Distribution Service 3.0

RP321: 3/17/2013 8:19:02 AM - Software Distribution Service 3.0

RP322: 3/19/2013 6:14:22 AM - Software Distribution Service 3.0

RP323: 3/20/2013 7:22:55 PM - Software Distribution Service 3.0

RP324: 3/22/2013 6:20:36 AM - Software Distribution Service 3.0

RP325: 3/23/2013 7:18:53 AM - Software Distribution Service 3.0

RP326: 3/24/2013 8:00:57 AM - Software Distribution Service 3.0

RP327: 3/25/2013 5:13:27 PM - Software Distribution Service 3.0

RP328: 3/28/2013 7:08:31 AM - Software Distribution Service 3.0

RP329: 3/29/2013 9:22:35 AM - Software Distribution Service 3.0

RP330: 3/30/2013 6:55:41 PM - Software Distribution Service 3.0

RP331: 4/1/2013 6:41:48 AM - Software Distribution Service 3.0

RP332: 4/5/2013 3:45:12 PM - Software Distribution Service 3.0

RP333: 4/6/2013 7:28:19 AM - Software Distribution Service 3.0

RP334: 4/7/2013 8:40:23 AM - Software Distribution Service 3.0

RP335: 4/8/2013 4:49:54 PM - Software Distribution Service 3.0

RP336: 4/8/2013 5:03:44 PM - Software Distribution Service 3.0

RP337: 4/10/2013 6:28:32 AM - Software Distribution Service 3.0

RP338: 4/11/2013 7:34:41 AM - Software Distribution Service 3.0

RP339: 4/12/2013 9:22:55 AM - Software Distribution Service 3.0

RP340: 4/13/2013 5:07:25 PM - Software Distribution Service 3.0

RP341: 4/14/2013 7:51:17 AM - Software Distribution Service 3.0

RP342: 4/14/2013 5:12:02 PM - Software Distribution Service 3.0

RP343: 4/14/2013 6:36:49 PM - Software Distribution Service 3.0

RP344: 4/16/2013 7:10:31 AM - Software Distribution Service 3.0

RP345: 4/17/2013 8:19:29 AM - Software Distribution Service 3.0

RP346: 4/18/2013 5:11:28 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader for Palm OS, 3.05

Adobe Reader X (10.1.6)

ALTools Update

ALZip 8.51

Apple Application Support

Apple Software Update

Auslogics Disk Defrag

BCM V.92 56K Modem

Belarc Advisor 8.2

BitPim 1.0.7.20080908

Call of Duty

Call of Duty - United Offensive

Call of Duty® 2

Call of Duty® 2 Patch 1.3

Call of Duty® 4 - Modern Warfare 1.4 Patch

Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch

Call of Duty® 4 - Modern Warfare 1.6 Patch

Call of Duty® 4 - Modern Warfare 1.7 Patch

CCleaner (remove only)

Civilization III Complete Edition

Dell Support

DivX Converter

DivX Player

DivX Setup

DVD Shrink 3.2

ERUNT 1.1j

FileZilla Client 3.5.0

GiPo@MoveOnBoot 1.9.5

Glary Utilities 2.53.0.1726

Google Talk (remove only)

Google Toolbar for Internet Explorer

Google Update Helper

HD Tune 2.55

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

HP Deskjet 1000 J110 series Basic Device Software

HP Deskjet 1000 J110 series Help

HP Photo Creations

HP Update

Intel® PRO Network Adapters and Drivers

ISO Recorder

Java 7 Update 17

Java Auto Updater

JavaFX 2.1.1

JFK Reloaded 1.1

LG USB Modem driver

MahJongg Solitaire 3D

Malwarebytes Anti-Malware version 1.75.0.1300

MBSS Fireworks 2.1

MegaView

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft IntelliPoint 5.2

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Money 2004

Microsoft Money 2004 System Pack

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Streets and Trips 2004

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C Runtime

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Windows XP Video Decoder Checkup Utility

Mouse Suite

Move Networks Media Player for Internet Explorer

Mozilla Firefox 19.0.2 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

NirSoft BlueScreenView

NVIDIA Drivers

Open Yahtzee

PANZERS - Phase1

PANZERS - Phase2

QuickTime

Revo Uninstaller Pro 2.5.8

SeaTools for Windows

Secunia PSI (2.0.0.4003)

Security Task Manager 1.8f

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

Simple Adblock

Speccy

SuperOthello

System Requirements Lab

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2447568)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VC80CRTRedist - 8.0.50727.6195

VLC media player 2.0.5

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows PowerShell 1.0

Windows XP Service Pack 3

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

4/14/2013 6:19:05 PM, error: Print [23] - Printer Lexmark Z600 Series,0 failed to initialize because a suitable Lexmark Z600 Series driver could not be found.

4/13/2013 4:54:23 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

.

==== End Of File ===========================

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.19.03

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Wease :: GARRETTROBINSON [administrator]

4/19/2013 9:29:48 AM

MBAM-log-2013-04-19 (16-31-11)devv.txt

Scan type: Full scan (C:\|G:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 320637

Time elapsed: 2 hour(s), 12 minute(s), 24 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 4

C:\LOGITEMP\_ISDel.exe (Spyware.Zbot) -> No action taken. [dd1286631e4dd85e78fa9a7d976aa55b]

C:\MSOCache\divx\DivXInstaller.exe (Trojan.Chad) -> No action taken. [4ba4faefe784082e08726a3c9769e917]

G:\kite\kite2\System\Apps\0DE4F643-C398-46ec-9339-2362F2311932\Skype(3.5.14.240)(u3)(6291)release_candidate.u3p (Trojan.Agent.ED) -> No action taken. [36b9d5143a31be78da35020a8d74ad53]

G:\kite\System\Apps\0DE4F643-C398-46ec-9339-2362F2311932\Skype(3.5.14.240)(u3)(6291)release_candidate.u3p (Trojan.Agent.ED) -> No action taken. [c22df1f88cdf5dd9f8170b01768b5ca4]

(end)


Hello bottomshot and welcome to MalwareBytes forum.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5

Close all open browsers at this point.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com
and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.
Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button.
Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.
The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.
Hopefully you will see a No infections found in the bar-window. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.

Step 6

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.


Hello,

thank you for your reply, here are the requested logs:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Wease at 2013-04-20 07:36:47

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 17 GB (22%) free of 76 GB

Total RAM: 1535 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 7:37:20 AM, on 4/20/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\devldr32.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

G:\Mikey\RSIT.exe

C:\Program Files\trend micro\Wease.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340447916546

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab

O16 - DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} (iolo.ProductDetector) - http://www.iolo.com/app/ocx/UpgradeVerify.ocx

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

O24 - Desktop Component 0: (no name) - http://d.yimg.com/us.yimg.com/p/afp/20060809/capt.sge.cxa60.090806014234.photo00.photo.default-512x403.jpg?x=380&y=299&sig=_xxfpKMFc2x1meR6zoKJLA--

--

End of file - 7091 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GlaryInitialize.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1390067357-2025429265-682003330-1004.job

C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1390067357-2025429265-682003330-1004.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Wease\Application Data\Mozilla\Firefox\Profiles\s1m47lbt.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "www.google.com"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.6.602.180 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]

"Description"=DivX Plus Web Player

"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]

"Description"=DivX® Player Plugin for VOD Content

"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]

"Description"=DivX VOD Helper Plug-in

"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]

"Description"=12.0.1.647

"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]

"Description"=

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]

"Description"=Yahoo! activeX Plug-in Bridge

"Path"=

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

nppl3260.xpt

nsIQTScriptablePlugin.xpt

nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

C:\Documents and Settings\Wease\Application Data\Mozilla\Firefox\Profiles\s1m47lbt.default\extensions\

{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]

DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-15 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-18 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-18 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-15 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]

SimpleAdblock Class - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll [2012-05-15 863512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-18 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

""= []

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-26 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-28 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

C:\Program Files\Google\Google Talk\googletalk.exe [2012-06-28 3289088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]

C:\WINDOWS\system32\ICO.EXE [2006-10-23 56128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-26 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"

"C:\Program Files\DivX\DivX Update\DivXUpdate.exe"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe:*:Disabled:DivX Update"

"C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe"="C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam"

"C:\Program Files\Firaxis Games\Civilization III Complete\Conquests\Civ3Conquests.exe"="C:\Program Files\Firaxis Games\Civilization III Complete\Conquests\Civ3Conquests.exe:*:Enabled:Civ3Complete"

"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Disabled:Java Platform SE binary"

"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"

"C:\Program Files\Call of Duty\CoDUOMP.exe"="C:\Program Files\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"

"C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"wave1"=serwvdrv.dll

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"vidc.iv41"=ir41_32.ax

"msacm.iac2"=iac25_32.ax

"vidc.iv50"=ir50_32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=ctwdm32.dll

"msacm.lhacm"=lhacm.acm

"wave2"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave3"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"vidc.DIVX"=DivX.dll

"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2013-04-20 07:36:48 ----D---- C:\Program Files\trend micro

2013-04-20 07:36:47 ----D---- C:\rsit

2013-04-17 17:38:13 ----A---- C:\AdwCleaner[s1].txt

2013-04-17 17:37:48 ----A---- C:\AdwCleaner[R3].txt

2013-04-17 17:26:06 ----A---- C:\AdwCleaner[R2].txt

2013-04-17 17:17:54 ----A---- C:\AdwCleaner[R1].txt

2013-04-14 18:37:54 ----D---- C:\Program Files\NVIDIA Corporation

2013-04-14 07:59:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2808735$

2013-04-14 07:59:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$

2013-04-14 07:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$

2013-04-14 07:54:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2813170$

2013-04-04 06:48:27 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-03-31 15:34:46 ----D---- C:\Documents and Settings\Wease\Application Data\uTorrent

2013-03-30 20:01:52 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2013-04-20 07:36:48 ----RD---- C:\Program Files

2013-04-20 07:36:23 ----D---- C:\WINDOWS\Prefetch

2013-04-20 07:34:27 ----D---- C:\WINDOWS\erdnt

2013-04-20 07:26:31 ----D---- C:\Program Files\ERUNT

2013-04-20 07:15:41 ----D---- C:\WINDOWS\Temp

2013-04-20 07:15:06 ----D---- C:\WINDOWS\system32\CatRoot2

2013-04-19 23:17:12 ----D---- C:\Program Files\Mozilla Firefox

2013-04-19 16:32:01 ----D---- C:\WINDOWS\system32\drivers

2013-04-19 00:06:20 ----D---- C:\Documents and Settings\Wease\Application Data\vlc

2013-04-17 17:41:02 ----D---- C:\WINDOWS

2013-04-17 09:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-04-17 08:58:42 ----D---- C:\WINDOWS\Debug

2013-04-15 23:04:18 ----D---- C:\Documents and Settings\Wease\Application Data\FileZilla

2013-04-14 18:40:15 ----D---- C:\WINDOWS\system32

2013-04-14 18:38:14 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-04-14 18:37:45 ----D---- C:\WINDOWS\inf

2013-04-14 18:37:44 ----D---- C:\WINDOWS\system32\ReinstallBackups

2013-04-14 18:29:40 ----D---- C:\WINDOWS\AppPatch

2013-04-14 18:28:07 ----D---- C:\WINDOWS\system32\CatRoot

2013-04-14 17:53:00 ----D---- C:\Documents and Settings\Wease\Application Data\Simple Adblock

2013-04-14 08:00:30 ----D---- C:\Program Files\Internet Explorer

2013-04-14 07:59:50 ----HD---- C:\WINDOWS\$hf_mig$

2013-04-14 07:55:58 ----A---- C:\WINDOWS\system32\MRT.exe

2013-04-14 07:55:49 ----SHD---- C:\WINDOWS\Installer

2013-04-08 16:50:50 ----D---- C:\WINDOWS\Minidump

2013-04-02 06:33:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]

R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2008-09-19 43528]

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2011-08-09 3840]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-07-16 12032]

R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]

R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-06-18 501760]

R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-06-18 438784]

R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-06-18 7168]

R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2005-06-18 142336]

R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]

R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2005-06-18 77824]

R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2005-06-18 751104]

R3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2005-06-18 178688]

R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]

R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2005-06-18 114688]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys []

S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-06-07 340176]

S3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]

S3 dbustrcm;dbustrcm; \??\C:\DOCUME~1\Wease\LOCALS~1\Temp\dbustrcm.sys []

S3 emu10k;Creative Sound Blaster PCI512; C:\WINDOWS\system32\drivers\emu10k1f.sys [2001-08-14 775296]

S3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlface.sys [2001-07-11 6912]

S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []

S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2005-06-18 153088]

S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []

S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []

S3 OmniDrv;Ideazon Keyboard Driver; C:\WINDOWS\system32\DRIVERS\OmniDrv.sys [2005-09-22 30976]

S3 OmniUsb;Ideazon USB Zboard Driver; C:\WINDOWS\system32\DRIVERS\OmniUsb.sys [2005-09-22 28800]

S3 OmniUsbl;Ideazon USBl Zboard Driver; C:\WINDOWS\system32\DRIVERS\OmniUsbl.sys [2005-09-22 9696]

S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys []

S3 PciCon;PciCon; \??\E:\PciCon.sys []

S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2007-04-17 18944]

S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2007-04-11 17920]

S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352]

S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]

S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]

S3 rt2500usb;DWL-G122(rev.B) USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2005-03-12 243456]

S3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfman.sys [2001-08-31 36992]

S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys []

S3 usbbus;LGE CDMA Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2004-05-03 20092]

S3 UsbDiag;LGE CDMA USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgUsbDiag.sys [2004-05-03 39136]

S3 USBModem;LGE CDMA USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2004-05-03 41664]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-15 170912]

R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]

R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-07-31 75064]

R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2011-10-14 399416]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-11 135664]

S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-11 135664]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-14 194032]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 Imapi Helper;Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [2006-01-05 163840]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2011-10-14 994360]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.09 2013-04-20 07:37:22

======Uninstall list======

--> UNINST

-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{5AF4B3C4-C393-48D7-AC7E-8E7615579548}

Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_168_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -maintain plugin

Adobe Reader X (10.1.6)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}

ALTools Update-->C:\Program Files\ESTsoft\ALUpdate\unins000.exe

ALZip 8.51-->C:\Program Files\ESTsoft\ALZip\unins000.exe

Apple Application Support-->MsiExec.exe /I{F5266D28-E0B2-4130-BFC5-EE155AD514DC}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe"

BCM V.92 56K Modem-->C:\WINDOWS\BCMSMU.exe quiet

Belarc Advisor 8.2-->"C:\PROGRA~1\Belarc\Advisor\Uninstall.exe" "C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG"

Call of Duty - United Offensive-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A662E280-64A8-4CF5-8407-13D0808602B3}

Call of Duty® 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l1033

Call of Duty® 4 - Modern Warfare 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409

Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409

Call of Duty® 4 - Modern Warfare 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409

Call of Duty® 4 - Modern Warfare 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409

Call of Duty-->C:\PROGRA~1\CALLOF~1\Uninstall\Unwise.exe /u C:\PROGRA~1\CALLOF~1\Uninstall\Install.log

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Civilization III Complete Edition-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2157961D-0507-44A8-BCF2-1EE2D439E8DF}

Dell Support-->MsiExec.exe /X{43FCA273-9534-40DB-B7C5-D7758875616A}

DivX Converter-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER

DivX Player-->C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Player\DivXPlayerUninstall.exe /PLAYER

DivX Setup-->C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe /uninstall

DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

FileZilla Client 3.5.0-->C:\Program Files\FileZilla FTP Client\uninstall.exe

GiPo@MoveOnBoot 1.9.5-->MsiExec.exe /I{9F185C48-595B-401A-A1D6-AAB324890DC4}

Glary Utilities 2.53.0.1726-->"C:\Program Files\Glary Utilities\unins000.exe"

Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe"

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

HP Deskjet 1000 J110 series Basic Device Software-->MsiExec.exe /I{F4B1B985-F308-4DBA-BFD7-CCCB8839234B}

HP Deskjet 1000 J110 series Help-->MsiExec.exe /I{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}

HP Photo Creations-->C:\Program Files\HP Photo Creations\uninst.exe

HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}

Intel® PRO Network Adapters and Drivers-->Prounstl.exe

ISO Recorder-->MsiExec.exe /I{DFC6573E-124D-4026-BFA4-B433C9D3FF21}

Java 7 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}

JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}

JFK Reloaded 1.1-->C:\Program Files\JFK Reloaded\uninst.exe

LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\Setup.exe" -l0x9

MahJongg Solitaire 3D-->C:\Program Files\MahJongg Solitaire 3D\Uninstal.exe

Malwarebytes Anti-Malware version 1.75.0.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

MBSS Fireworks 2.1-->"\Windows\MBSS Fireworks\unins000.exe"

MegaView-->"C:\Program Files\MegaView\unins000.exe"

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended

Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Money 2004 System Pack-->MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}

Microsoft Money 2004-->MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}

Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91E30409-6000-11D3-8CFE-0150048383C9}

Microsoft Security Client-->MsiExec.exe /X{390DD8BB-BB57-4942-A029-2D913E4E9D74}

Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Streets and Trips 2004-->MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790210}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}

Microsoft Windows XP Video Decoder Checkup Utility-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\DECCHECK.inf,Uninstall

Mouse Suite-->C:\Program Files\InstallShield Installation Information\{EEDBE2DF-4141-44A9-8614-9832B16637E6}\setup.exe -runfromtemp -l0x0009 -removeonly

Mozilla Firefox 19.0.2 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}

MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}

MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}

NirSoft BlueScreenView-->"C:\Program Files\NirSoft\BlueScreenView\uninst.exe"

NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI

Open Yahtzee-->"C:\Program Files\Open Yahtzee\uninstall.exe"

PANZERS - Phase1-->C:\PROGRA~1\PANZER~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\PANZER~1\UNINST~1\INSTALL.LOG

PANZERS - Phase2-->C:\PROGRA~1\PANZER~2\UNINST~1\UNWISE.EXE C:\PROGRA~1\PANZER~2\UNINST~1\INSTALL.LOG

QuickTime-->MsiExec.exe /I{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}

Revo Uninstaller Pro 2.5.8-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"

SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}

Secunia PSI (2.0.0.4003)-->"C:\Program Files\Secunia\PSI\uninstall.exe"

Security Task Manager 1.8f-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager"

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FCBF8C05-F031-381A-8B7F-45403B55ADF5} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Extended

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {FCBF8C05-F031-381A-8B7F-45403B55ADF5} /parameterfolder Extended

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Extended

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2722913)-->"C:\WINDOWS\ie8updates\KB2722913-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2744842)-->"C:\WINDOWS\ie8updates\KB2744842-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2792100)-->"C:\WINDOWS\ie8updates\KB2792100-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2797052)-->"C:\WINDOWS\ie8updates\KB2797052-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2799329)-->"C:\WINDOWS\ie8updates\KB2799329-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2809289)-->"C:\WINDOWS\ie8updates\KB2809289-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2817183)-->"C:\WINDOWS\ie8updates\KB2817183-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2757638)-->"C:\WINDOWS\$NtUninstallKB2757638$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2778344)-->"C:\WINDOWS\$NtUninstallKB2778344$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2780091)-->"C:\WINDOWS\$NtUninstallKB2780091$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2799494)-->"C:\WINDOWS\$NtUninstallKB2799494$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2802968)-->"C:\WINDOWS\$NtUninstallKB2802968$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2807986)-->"C:\WINDOWS\$NtUninstallKB2807986$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2808735)-->"C:\WINDOWS\$NtUninstallKB2808735$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2813170)-->"C:\WINDOWS\$NtUninstallKB2813170$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2813345)-->"C:\WINDOWS\$NtUninstallKB2813345$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2820917)-->"C:\WINDOWS\$NtUninstallKB2820917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Simple Adblock-->MsiExec.exe /X{59308225-510C-4492-A7E4-71625FAD545E}

Speccy-->"C:\Program Files\Speccy\uninst.exe"

SuperOthello-->"C:\WINDOWS\SuperOthello\uninstall.exe" "/U:C:\Program Files\SuperOthello\irunin.xml"

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Windows Internet Explorer 8 (KB2447568)-->"C:\WINDOWS\ie8updates\KB2447568-IE8\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"

Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"

Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe"

Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe"

Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}

VLC media player 2.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows PowerShell 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: Microsoft Security Essentials

======System event log======

Computer Name: *removed*

Event Code: 55

Message: The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume C:.

Record Number: 20110

Source Name: Ntfs

Time Written: 20130228083617.000000-300

Event Type: error

User:

Computer Name: *removed*

Event Code: 23

Message: Printer Lexmark Z600 Series,0 failed to initialize because a suitable Lexmark Z600 Series driver could not be found.

Record Number: 20046

Source Name: Print

Time Written: 20130225183338.000000-300

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: *removed*

Event Code: 23

Message: Printer Lexmark Z600 Series,0 failed to initialize because a suitable Lexmark Z600 Series driver could not be found.

Record Number: 20011

Source Name: Print

Time Written: 20130224185009.000000-300

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: *removed*

Event Code: 7031

Message: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

Record Number: 19981

Source Name: Service Control Manager

Time Written: 20130224071922.000000-300

Event Type: error

User:

Computer Name: *removed*

Event Code: 5008

Message: Microsoft Antimalware engine has been terminated due to an unexpected error.

Failure Type: Crash

Exception code: 0xc0000005

Resource: file:C:\DOCUME~1\Wease\LOCALS~1\temp\~e5.0001.dir.0000\~df394b.tmp

Record Number: 19980

Source Name: Microsoft Antimalware

Time Written: 20130224071907.000000-300

Event Type: error

User:

=====Application event log=====

Computer Name: *removed*

Event Code: 1

Message:

Record Number: 1011

Source Name: nview_info

Time Written: 20121027224958.000000-240

Event Type: error

User:

Computer Name: *removed*

Event Code: 1000

Message: Faulting application MsMpEng.exe, version 4.1.522.0, faulting module unknown, version 0.0.0.0, fault address 0xffffffff.

Record Number: 1006

Source Name: Application Error

Time Written: 20121027153349.000000-240

Event Type: error

User:

Computer Name: *removed*

Event Code: 1000

Message: Faulting application explorer.exe, version 6.0.2900.5512, faulting module browseui.dll, version 6.0.2900.5512, fault address 0x000836aa.

Record Number: 973

Source Name: Application Error

Time Written: 20121024143830.000000-240

Event Type: error

User:

Computer Name: *removed*

Event Code: 1000

Message: Faulting application MsMpEng.exe, version 4.1.522.0, faulting module mpengine.dll, version 1.1.8904.0, fault address 0x0013b0a5.

Record Number: 921

Source Name: Application Error

Time Written: 20121021144348.000000-240

Event Type: error

User:

Computer Name: *removed*

Event Code: 1015

Message: Failed to connect to server. Error: 0x800401F0

Record Number: 878

Source Name: MsiInstaller

Time Written: 20121019011429.000000-240

Event Type: warning

User: *removed*

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\ESTsoft\ALZip;C:\Program Files\QuickTime\QTSystem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel

"PROCESSOR_REVISION"=0209

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"FP_NO_HOST_CHECK"=NO

"CLASSPATH"=.;C:\Program Files\Java\jre7\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre7\lib\ext\QTJava.zip

-----------------EOF-----------------


Here are the rest:

Results of screen317's Security Check version 0.99.62

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

`````````Anti-malware/Other Utilities Check:`````````

Secunia PSI (2.0.0.4003)

Malwarebytes Anti-Malware version 1.75.0.1300

CCleaner (remove only)

JavaFX 2.1.1

Java 7 Update 17

Adobe Flash Player 11.6.602.180

Adobe Reader 10.1.6 Adobe Reader out of Date!

Mozilla Firefox 19.0.2 Firefox out of Date!

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 7%

````````````````````End of Log``````````````````````

QuickScan 32-bit v0.9.9.118

---------------------------

Scan date: Sat Apr 20 07:58:31 2013

Machine ID: D0093591

No infection found.

-------------------

Processes

---------

Creative Ring3 NT Inteface 180 C:\WINDOWS\system32\devldr32.exe

Java Platform SE 7 U17 408 C:\Program Files\Java\jre7\bin\jqs.exe

Java Platform SE Auto Updater 2 0 480 C:\Program Files\Common Files\Java\Java Update\jucheck.exe

Java Platform SE Auto Updater 2 0 1284 C:\Program Files\Common Files\Java\Java Update\jusched.exe

MarkVision for Windows (32 bit) 1504 C:\WINDOWS\system32\LEXBCES.EXE

MarkVision for Windows (32 bit) 1548 C:\WINDOWS\system32\LEXPPS.EXE

Microsoft Malware Protection 1048 C:\Program Files\Microsoft Security Client\MsMpEng.exe

Microsoft Security Client 1188 C:\Program Files\Microsoft Security Client\msseces.exe

Microsoft® Windows® Operating System 1528 C:\WINDOWS\system32\spoolsv.exe

Microsoft® Windows® Operating System 3040 C:\WINDOWS\system32\wscntfy.exe

PnkBstrA.exe 612 C:\WINDOWS\system32\PnkBstrA.exe

Secunia Update Agent 1120 C:\Program Files\Secunia\PSI\sua.exe

(verified) GoogleToolbarNotifier 1376 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

(verified) Microsoft® Visual Studio .NET 504 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

(verified) Microsoft® Windows® Operating System 212 C:\WINDOWS\explorer.exe

(verified) Microsoft® Windows® Operating System 2780 C:\WINDOWS\system32\alg.exe

(verified) Microsoft® Windows® Operating System 616 C:\WINDOWS\system32\csrss.exe

(verified) Microsoft® Windows® Operating System 1348 C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System 696 C:\WINDOWS\system32\lsass.exe

(verified) Microsoft® Windows® Operating System 684 C:\WINDOWS\system32\services.exe

(verified) Microsoft® Windows® Operating System 568 C:\WINDOWS\system32\smss.exe

(verified) Microsoft® Windows® Operating System 860 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 944 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1084 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1128 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1404 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1756 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1860 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 640 C:\WINDOWS\system32\winlogon.exe

(verified) Windows® Internet Explorer 1368 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Windows® Internet Explorer 3100 C:\Program Files\Internet Explorer\iexplore.exe

Network activity

----------------

Process iexplore.exe (1368) connected on port 80 (HTTP) --> 74.125.225.122

Process iexplore.exe (1368) connected on port 80 (HTTP) --> 66.235.142.57

Process iexplore.exe (1368) connected on port 80 (HTTP) --> 74.125.225.133

Process iexplore.exe (1368) connected on port 80 (HTTP) --> 74.125.225.133

Process iexplore.exe (1368) connected on port 80 (HTTP) --> 23.60.127.139

Process iexplore.exe (1368) connected on port 80 (HTTP) --> 74.125.225.176

Process iexplore.exe (1368) connected on port 80 (HTTP) --> 74.125.225.122

Process svchost.exe (944) listens on ports: 135 (RPC)

Process LEXPPS.EXE (1548) listens on ports: 1025 (RPC)

Autoruns and critical files

---------------------------

hpwuSchd Application C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

Glary Utilities C:\Program Files\Glary Utilities\initialize.exe

Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe

Microsoft Security Client C:\Program Files\Microsoft Security Client\msseces.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\upnpui.dll

Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll

QuickTime C:\Program Files\QuickTime\QTTask.exe

Windows Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll

(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe

(verified) GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll

(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll

Browser plugins

---------------

AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll

DivX Player Netscape Plugin C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

DivX Plus Web Player C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

DivX Plus Web Player HTML5 <video> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

DivX VOD Helper Plug-in C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

Flash® Player Installer/Uninstaller C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe

Google Toolbar for Internet Explorer C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

Google Update C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll

Java Deployment Toolkit 7.0.170.2 C:\WINDOWS\system32\npDeployJava1.dll

Java Platform SE 7 U17 c:\program files\java\jre7\bin\jp2ssv.dll

Java Platform SE 7 U17 C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

Java Platform SE 7 U17 C:\Program Files\Java\jre7\bin\ssv.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McContentMgr.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McHealthCheck.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McLogMgr.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McPlugins.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\McProdMgr.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\MVT.dll

McAfee Virtual Technician C:\WINDOWS\Downloaded Program Files\Uploader.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll

NPSWF32_11_6_602_180.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

Q3PX plugin 3.1.1 C:\Program Files\Internet Explorer\plugins\npq3px.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

QuickTime Plug-in 7.7.3 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

Silverlight Plug-In C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

Simple AdBlock C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll

TestGen Plug-in 7.3 C:\Program Files\Internet Explorer\plugins\nptgeqplugin.dll

VLC Web Plugin C:\Program Files\VideoLAN\VLC\npvlc.dll

Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll

xwrapper.ocx C:\Program Files\Internet Explorer\plugins\xwrapper.ocx

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

Scan

----


MD5: a2180b455ae266d66f38634de018e7ce C:\WINDOWS\system32\ieframe.dll

MD5: 50cc4c85402d5f8777c9713de8808868 C:\WINDOWS\system32\iepeers.dll

MD5: bd485dbd15ffa3286a75906e4c4dd914 C:\WINDOWS\system32\iertutil.dll

MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll

MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\system32\jscript.dll

MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll

MD5: 6fe42512ab1b89f32a7407f261b1d2d0 C:\WINDOWS\system32\kernel32.dll

MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll

MD5: 2f5f68e1102c2786db5bd97978af54e9 C:\WINDOWS\system32\lex2kusb.dll

MD5: 4b7c904f33c9097811b02e5edbbb350d C:\WINDOWS\system32\LexBce.dll

MD5: 2b7005bd9e0966cccf70ae9a5b9d2427 C:\WINDOWS\system32\LEXBCES.EXE

MD5: 9bd4e3dc2e1e1297db8255a432b637a8 C:\WINDOWS\system32\LEXLMPM.DLL

MD5: 725283ac861060add476b0cd6a747e99 C:\WINDOWS\system32\lexp2p32.dll

MD5: 7a4cc92d2a23d34934c71c61671e3a7c C:\WINDOWS\system32\LEXPPS.EXE

MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll

MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll

MD5: 47299371607dc2fb234444eeacb1639e C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

MD5: 08335edd4d07feff9bfaa6dc528be18a C:\WINDOWS\system32\msfeeds.dll

MD5: 855f6333e3a4dfc6f3c8b0520c261fcd C:\WINDOWS\system32\MSFTEDIT.DLL

MD5: 85fe43a44239e406d7bb9513569d4d00 C:\WINDOWS\system32\mshtml.dll

MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll

MD5: 98e53ca00d3c0a2e9faa4e59c101aeba C:\WINDOWS\system32\mslbui.dll

MD5: 29bd913d8fd1feb6728dc9b43b55c1d2 C:\WINDOWS\system32\MSRATING.dll

MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll

MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\system32\msxml3.dll

MD5: 2b8b64aa14f817bdf3e3204fb041a61d C:\WINDOWS\System32\mtxoci.dll

MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\NETAPI32.dll

MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll

MD5: d4bd9f86123c87eca570418b69326f99 C:\WINDOWS\system32\npDeployJava1.dll

MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll

MD5: 288fc8b1a73fb46ae02590157855e302 C:\WINDOWS\system32\nvapi.dll

MD5: 89c7169d6161d98585880e3079d721f3 C:\WINDOWS\system32\nvcpl.dll

MD5: aae353663bb47f80064afe81482b6920 C:\WINDOWS\system32\nvshell.dll

MD5: f96df45cfbdc670584293e03c2ab602a C:\WINDOWS\system32\nvsvc32.exe

MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll

MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll

MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll

MD5: eff03460e542eea6b0abdec6bf19c897 C:\WINDOWS\system32\OLEAUT32.dll

MD5: a1dd33d16f277ce34124ee52ab2c0f14 C:\WINDOWS\system32\PnkBstrA.exe

MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll

MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll

MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll

MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll

MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll

MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll

MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe

MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll

MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\System32\sti.dll

MD5: 5c4adb808b54126c1ed2fba0eae06c63 C:\WINDOWS\system32\upnpui.dll

MD5: a9d17e2afab5eb5c4920d8e07505d3ca C:\WINDOWS\system32\urlmon.dll

MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe

MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll

MD5: 6404807abc7af52fa3792697ae638b50 C:\WINDOWS\System32\wbem\wbemcons.dll

MD5: 627b55fad15c6b03b44198afbeebab1a C:\WINDOWS\system32\WgaLogon.dll

MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll

MD5: da5b96a293b006572209e5eac9f3a045 C:\WINDOWS\system32\WININET.dll

MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll

MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll

MD5: 69ae2b2e6968c316536e5b10b9702e63 C:\WINDOWS\system32\winsrv.dll

MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll

MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll

MD5: f92e1076c42fcd6db3d72d8cfe9816d5 C:\WINDOWS\system32\wscntfy.exe

MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll

MD5: 5caf91e865fe0c85048a233e594544d2 c:\windows\system32\WUDFPlatform.dll

MD5: 7facb452456ef5c053af3ee4b228fe0d C:\WINDOWS\System32\XPOB2RES.DLL

MD5: 29f3ecd623330ad06005482a84c2a741 C:\WINDOWS\system32\xpsp1res.dll

MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll

MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll

No file uploaded.

Scan finished - communication took 1 sec

Total traffic - 0.01 MB sent, 0.78 KB recvd

Scanned 594 files and modules - 54 seconds

==============================================================================

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : Wease [Admin rights]

Mode : Scan -- Date : 04/20/2013 08:12:52

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST380011A +++++

--- User ---

[MBR] 1522866a6520d844a402c65c4ed8b097

[bSP] f0531316a6163d16f4ba254ab3fe3bf4 : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76285 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_04202013_02d0812.txt >>

RKreport[1]_S_04202013_02d0812.txt


Tell me, what is on the G drive?

What are these files in the Kite folder?

G:\kite\kite2\System\Apps\0DE4F643-C398-46ec-9339-2362F2311932\Skype(3.5.14.240)(u3)(6291)release_candidate.u3p (Trojan.Agent.ED) -> No action taken. [36b9d5143a31be78da35020a8d74ad53]

G:\kite\System\Apps\0DE4F643-C398-46ec-9339-2362F2311932\Skype(3.5.14.240)(u3)(6291)release_candidate.u3p (Trojan.Agent.ED) -> No action taken. [c22df1f88cdf5dd9f8170b01768b5ca4]

Task 1

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Task 2

These are out of date and pose security risks. Please Uninstall { via Control Panel >> Add-or-Remove Programs }

Adobe Reader X (10.1.6)

Java 7 Update 17

JavaFX 2.1.1

Task 3

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 / 8 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

IF prompted to update Avast definitions, answer NO.

On the following screen:

uncheck trace disk IO calls at the bottom left

Now, Click the "Scan" button to start scan.

Have patience as it scans.

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me)

Now click save log, save it to your desktop and Copy & Paste in your next reply.

Do NOT click any Fix button.

EXIT the tool.

Task 4

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Using Internet Explorer browser only, go to ESET Online Scanner website:

{Windows 7 & Vista users should start IE by Start >> Internet Explorer >> Right-Click and select Run As Administrator.}

  • Press the "ESET Online scanner" button
  • Check the I accept the terms box. Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Checkmark the Remove found threats option.
  • Uncheck Scan Archives option.
  • Click on Advanced Settings and checkmark the following
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology
    click Scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad or Wordpad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://www.eset.com/onlinescan/cac4.php?page=faq

    • Use of Internet Explorer for the online scan is preferred. If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.

Reply with copy of the Eset scan log.

Task 5

Download, & save & then run the MS Safety scanner

http://www.microsoft.com/security/scanner/en-us/default.aspx

Let me know the result.

Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.

After the scan is done, re-enable your antivirus program.


Hi,

in an attempt to avoid filling up my 80 GB internal drive, I added an external 500GB USB drive (G:) for storage of any downloads and large files.

At one time I had several small 4 GB Sandisk Cruzer USB thumb drives and when no longer useful I placed these onto G drive for storage. Kite being one drive, kite 2 being another. These drives came with several games and other “U3 smart” programs pre-installed in a hidden System folder, Skype being one of these. http://en.wikipedia.org/wiki/U3

I transferred those drives in June 2012, so when I suddenly got a flag after updating I am thinking the Sandisk software is now being false flagged.

Forgive me but I try to keep on top of flash and Java updates via Secunia, so rather than uninstall I did update Adobe reader and attempted to update Java, but turns out the latest Java installer has problems of its own: http://forums.malwarebytes.org/index.php?showtopic=125232

Please let me know if this is an issue.

The AswMBR “Fix” button was not enabled by the scan and the MS Safety scanner performed a full scan and found no problems. ESET found 5 files, 4 of them various free utilities or tools. I assume these are carrying some sort of spyware? I assume utorrent is loaded as well?

The logs:

Rkill 2.4.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/20/2013 04:52:17 PM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\LEXBCES.EXE (PID: 1504) [WD-HEUR]

* C:\WINDOWS\system32\LEXPPS.EXE (PID: 1548) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* DNS Client (Dnscache) is not Running.

Startup Type set to: Disabled

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 04/20/2013 04:52:56 PM

Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=8

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=b8d10838e9091a4f9dba2496b7eaf5e1

# engine=13661

# end=stopped

# remove_checked=false

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2013-04-20 11:51:08

# local_time=2013-04-20 07:51:08 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=5892 16777213 88 94 5113772 7703524 0 0

# scanned=42587

# found=0

# cleaned=0

# scan_time=1939

# version=8

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=b8d10838e9091a4f9dba2496b7eaf5e1

# engine=13661

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2013-04-21 06:43:29

# local_time=2013-04-21 02:43:29 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=5892 16777213 88 94 5134913 7728265 0 0

# scanned=92339

# found=5

# cleaned=5

# scan_time=4651

sh=A8FD2DC2BF4A20EB726312E130F3939529FC6785 ft=1 fh=e4d95ff85e679928 vn="a variant of Win32/Bunndle application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{C0013CD2-ECA9-4B7C-8926-8DE0AF1DC8AC}\RP346\A0095818.exe"

sh=30FC6A02E29989F70662F7E609CE5A884B4DB6A8 ft=1 fh=8012c7ddc7173a7f vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="G:\kite\FreeVideoToMP3Converter.exe"

sh=3039EBF2F2705A0FA327A5AC12F85F3E7B9F6F2E ft=1 fh=942d62f44822638b vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="G:\Mikey\pc tools\CrystalDiskInfo5_0_5Shizuku-en.exe"

sh=BE9DDF61D66016CB8C119EB8F7700AA07860D042 ft=1 fh=54791b18931ce2a3 vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="G:\Mikey\pc tools\disk-defrag-setup.exe"

sh=A8FD2DC2BF4A20EB726312E130F3939529FC6785 ft=1 fh=e4d95ff85e679928 vn="a variant of Win32/Bunndle application (cleaned by deleting - quarantined)" ac=C fn="G:\Mikey\temp\uTorrent.exe"

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-04-20 19:03:08

-----------------------------

19:03:08.734 OS Version: Windows 5.1.2600 Service Pack 3

19:03:08.734 Number of processors: 1 586 0x209

19:03:08.734 ComputerName: Removed UserName: Wease

19:03:09.375 Initialize success

19:03:19.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

19:03:19.453 Disk 0 Vendor: ST380011A 3.16 Size: 76293MB BusType: 3

19:03:19.562 Disk 0 MBR read successfully

19:03:19.562 Disk 0 MBR scan

19:03:19.562 Disk 0 Windows XP default MBR code

19:03:19.562 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76285 MB offset 63

19:03:19.562 Disk 0 scanning sectors +156232125

19:03:19.718 Disk 0 scanning C:\WINDOWS\system32\drivers

19:03:29.609 Service scanning

19:03:41.703 Service PciCon E:\PciCon.sys **LOCKED** 21

19:03:48.671 Modules scanning

19:03:58.843 Scan finished successfully

19:04:20.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Wease\Desktop\needed logs\needed 2\MBR.dat"

19:04:20.625 The log file has been saved successfully to "C:\Documents and Settings\Wease\Desktop\needed logs\needed 2\aswMBR.txt"


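Added example (not part of the original thread, and not ESET's code): a small Python parser for the detection lines of the ESET Online Scanner log in the post above, which sorts each hit into unwanted application versus malware, marks System Restore copies, and groups files with identical content. The field meanings (`sh` as the file's SHA-1, `vn` as detection name plus outcome, `fn` as path) are inferred from the log itself, and treating a detection name ending in "application" as ESET's unwanted/unsafe-application marker is this example's assumption.

```python
import re
from collections import defaultdict

# Detection lines as they appear in the ESET Online Scanner log posted above.
ESET_LOG = r'''
# found=5
# cleaned=5
sh=A8FD2DC2BF4A20EB726312E130F3939529FC6785 ft=1 fh=e4d95ff85e679928 vn="a variant of Win32/Bunndle application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{C0013CD2-ECA9-4B7C-8926-8DE0AF1DC8AC}\RP346\A0095818.exe"
sh=30FC6A02E29989F70662F7E609CE5A884B4DB6A8 ft=1 fh=8012c7ddc7173a7f vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="G:\kite\FreeVideoToMP3Converter.exe"
sh=3039EBF2F2705A0FA327A5AC12F85F3E7B9F6F2E ft=1 fh=942d62f44822638b vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="G:\Mikey\pc tools\CrystalDiskInfo5_0_5Shizuku-en.exe"
sh=BE9DDF61D66016CB8C119EB8F7700AA07860D042 ft=1 fh=54791b18931ce2a3 vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="G:\Mikey\pc tools\disk-defrag-setup.exe"
sh=A8FD2DC2BF4A20EB726312E130F3939529FC6785 ft=1 fh=e4d95ff85e679928 vn="a variant of Win32/Bunndle application (cleaned by deleting - quarantined)" ac=C fn="G:\Mikey\temp\uTorrent.exe"
'''

# key=value pairs; a value is either "quoted" (may contain spaces) or a bare token.
PAIR_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# vn holds the detection name, optionally followed by "(what the scanner did)".
VN_RE = re.compile(r'^(?P<name>.*?)\s*(?:\((?P<outcome>[^)]*)\))?$')


def classify(name):
    """Assumption of this example: a name ending in 'application' is an
    unwanted/unsafe-application (PUA) detection; anything else is malware."""
    return "PUA" if name.lower().endswith(" application") else "malware"


def is_restore_point(path):
    """True for files held inside a Windows XP System Restore snapshot."""
    return "\\system volume information\\_restore{" in path.lower()


def parse_detections(log_text):
    """Return one dict per detection line; '# key=value' header lines are skipped."""
    detections = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line.startswith("sh="):
            continue
        fields = {key: (quoted or bare) for key, quoted, bare in PAIR_RE.findall(line)}
        match = VN_RE.match(fields.get("vn", ""))
        name = match.group("name")
        path = fields.get("fn", "")
        detections.append({
            "sha1": fields.get("sh", "").lower(),
            "path": path,
            "name": name,
            "outcome": match.group("outcome") or "",
            "category": classify(name),
            "in_restore_point": is_restore_point(path),
        })
    return detections


def duplicate_files(detections):
    """Map SHA-1 -> paths for content that was detected in more than one place."""
    by_hash = defaultdict(list)
    for det in detections:
        by_hash[det["sha1"]].append(det["path"])
    return {sha1: paths for sha1, paths in by_hash.items() if len(paths) > 1}


if __name__ == "__main__":
    dets = parse_detections(ESET_LOG)
    for det in dets:
        where = "restore point" if det["in_restore_point"] else "on disk"
        print(f'{det["category"]:8} {where:13} {det["name"]}  ->  {det["path"]}')
    for sha1, paths in duplicate_files(dets).items():
        print(f"same content ({sha1}):")
        for path in paths:
            print("   ", path)
```

Run on this log, all five hits come out as unwanted-application detections, and the restore-point file A0095818.exe has the same SHA-1 as G:\Mikey\temp\uTorrent.exe, so the restore-point hit is a second copy of that same file rather than a separate finding.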
Please disconnect the G drive as we continue working this case. In the near future, you should scan the G drive with your antivirus.

Using "torrents" or any file-sharing app is never a good idea. Worst case is that you would get infected by malware. At minimum, you see you can get bundled unwanted add-ons like the Ask toolbar, which is a poor search.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Forum policy on peer-to-peer-programs:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

http://forums.malwarebytes.org/index.php?showtopic=97700

You need to remove older versions of Java runtime. Do this:

Download & Save to your Desktop or a new folder Javara.zip

Extract the contents of the zip file. Then double click Javara.exe to run it.

JavaRa is a simple tool that does a simple job: it removes old and redundant versions of the Java Runtime Environment (JRE).

Java vulnerabilities are a never-ending occurrence. Bottom line is, if your system does not have an installed 3rd-party application that needs it, then uninstall it.

If you do have that dependency, then turn off Java in your browsers.

If somehow, you have an often-used website that needs Java to display all information, then just use a specific browser and only allow Java in that one.

If you want to disable Java in your browser:

How to disable Java in various browsers : http://blog.eset.com/2012/08/29/disabling-java-a-safer-way-to-browse

Also see No, Seriously, Just Disable Java in Your Browser Right Now

As noted by Brian Krebs,

Most consumers can get by without Java installed, or least not plugged into the browser. Because of the prevalence of threats targeting Java installations, I’d urge these users to remove Java or unplug it from the browser. If this is too much trouble, consider adopting a dual-browser approach, keeping Java unplugged from your main browser, and plugged in to a secondary browser that you only use to visit sites that require the plugin.

Firefox browser

Your Firefox is out of date. Start Firefox. From its main menu, select Help >> About Firefox. Then click on Check for Updates.

Allow the download, allow the update, and allow the system to restart.

I need to know the result of the MS Safety Scanner {from task 5 in prior reply to you ! }.


Sorry I should have stated that I have included G drive in my full scan routine from the day I installed it. I always scan C: and G: drives. I run MSE and the free MBAM. That was why the sudden appearance of system files from a thumb drive, and divxinstaller.exe returns as Trojan.chad, makes me wonder.

I mentioned above that the MS Safety Scanner performed a full scan and found no problems.

I have updated Firefox and removed Java.

I had only tried utorrent within the past month and downloaded nothing from it, the file I was interested in was long dead. I have removed it, I agree it's not worth the risks.


You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member bottomshot only. If you are a casual viewer, do NOT try this on your system!

If you are not bottomshot and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now!

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2


* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on Combo-Fix.exe, accept the EULA & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

-------------------------------------------------------

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have to reboot the PC a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3] When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh !

Reply & Copy / Paste the contents of C:\Combofix.txt log

and tell me, How is the system now?

RE-Enable your AntiVirus and AntiSpyware applications.


Hi,

Combofix ran with no problems although I had to do a manual restart.

ComboFix 13-04-22.01 - Wease 04/22/2013 17:54:41.2.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.989 [GMT -4:00]

Running from: c:\documents and settings\Wease\Desktop\Combo-Fix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2013-03-22 to 2013-04-22 )))))))))))))))))))))))))))))))

.

.

2013-04-22 12:13 . 2013-04-22 13:39 -------- d-----w- c:\documents and settings\Wease\Application Data\vlc

2013-04-21 22:58 . 2013-04-10 03:08 6906960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{322D6AD1-F155-4DD9-9A29-5BCDCF871A4C}\mpengine.dll

2013-04-21 20:33 . 2013-04-10 03:08 6906960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-04-20 23:14 . 2013-04-20 23:14 -------- d-----w- c:\windows\LastGood

2013-04-20 23:14 . 2013-04-20 23:14 -------- d-----w- c:\program files\ESET

2013-04-20 11:58 . 2013-04-20 11:58 -------- d-----w- c:\documents and settings\Wease\Application Data\QuickScan

2013-04-20 11:36 . 2013-04-20 11:37 -------- d-----w- c:\program files\trend micro

2013-04-20 11:36 . 2013-04-20 11:37 -------- d-----w- C:\rsit

2013-04-14 22:38 . 2013-04-14 22:38 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin

2013-04-14 22:38 . 2013-04-14 22:38 1 ----a-w- c:\windows\system32\nvdrssel.bin

2013-04-14 22:38 . 2013-04-14 22:38 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin

2013-04-14 22:37 . 2013-04-14 22:38 -------- d-----w- c:\program files\NVIDIA Corporation

2013-03-31 19:34 . 2013-04-19 20:42 -------- d-----w- c:\documents and settings\Wease\Application Data\uTorrent

2013-03-31 00:01 . 2013-04-22 02:49 -------- d-----w- c:\program files\Mozilla Maintenance Service

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-04-04 18:50 . 2012-06-18 04:07 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-02 10:33 . 2011-06-10 21:36 237088 ------w- c:\windows\system32\MpSigStub.exe

2013-03-15 21:36 . 2012-06-22 02:30 861088 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-03-15 21:36 . 2011-06-11 23:16 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-15 21:29 . 2012-06-22 05:13 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-15 21:29 . 2011-06-11 01:41 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-08 08:36 . 2003-07-16 20:51 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 01:32 . 2003-07-16 20:39 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 00:50 . 2002-08-29 01:04 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:06 . 2004-08-24 01:32 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:06 . 2003-07-16 20:32 43520 ------w- c:\windows\system32\licmgr10.dll

2013-03-02 02:06 . 2003-07-16 20:30 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:25 . 2003-07-16 20:51 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08 . 2004-08-04 05:59 385024 ------w- c:\windows\system32\html.iec

2013-02-27 07:56 . 2004-11-12 13:20 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-12 00:32 . 2004-08-04 06:04 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-12 00:32 . 2003-07-16 20:49 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-08 09:03 . 2013-02-08 09:03 1010464 ----a-w- c:\windows\system32\nvdispco32.dll

2013-02-08 09:03 . 2007-02-14 05:31 19189760 ----a-w- c:\windows\system32\nvoglnt.dll

2013-02-08 09:03 . 2004-10-29 21:50 4494336 ----a-w- c:\windows\system32\nv4_disp.dll

2013-02-08 09:02 . 2013-02-08 09:02 2581792 ----a-w- c:\windows\system32\nvcuvid.dll

2013-02-08 09:02 . 2008-09-17 13:55 7536640 ----a-w- c:\windows\system32\nvcuda.dll

2013-02-08 09:02 . 2013-02-08 09:02 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll

2013-02-08 09:02 . 2013-02-08 09:02 17551360 ----a-w- c:\windows\system32\nvcompiler.dll

2013-02-08 09:02 . 2007-02-14 05:31 2389504 ----a-w- c:\windows\system32\nvapi.dll

2013-02-08 09:02 . 2004-10-29 21:50 12648960 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2013-02-08 09:02 . 2013-02-08 09:02 5967872 ----a-w- c:\windows\system32\nvopencl.dll

2013-02-08 09:02 . 2013-02-08 09:02 1869088 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-01-26 03:55 . 2003-07-16 20:40 552448 ------w- c:\windows\system32\oleaut32.dll

2013-04-22 02:46 . 2013-04-22 02:45 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 68856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0smrgdf c:\program files\iolo\System Mechanic 6

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-18 19:08 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-10-12 02:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

2012-06-28 19:35 3289088 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]

2006-10-23 18:54 56128 ----a-w- c:\windows\system32\ico.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2008-09-17 13:55 13574144 ----a-w- c:\windows\system32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

2008-09-17 13:55 1657376 ----a-w- c:\windows\system32\nwiz.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 08:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2007-07-27 01:24 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

"c:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe"=

"c:\\Program Files\\Firaxis Games\\Civilization III Complete\\Conquests\\Civ3Conquests.exe"=

"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=

"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

.

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [10/14/2011 2:01 AM 399416]

S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 4:30 AM 15544]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [7/27/2012 1:44 PM 27064]

S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [10/14/2011 2:01 AM 994360]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - aswMBR

.

Contents of the 'Scheduled Tasks' folder

.

2013-04-20 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2013-03-02 20:58]

.

2013-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 00:35]

.

2013-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 00:35]

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

TCP: DhcpNameServer = 192.168.1.254

DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} - hxxp://www.iolo.com/app/ocx/UpgradeVerify.ocx

FF - ProfilePath - c:\documents and settings\Wease\Application Data\Mozilla\Firefox\Profiles\s1m47lbt.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.startup.homepage - www.google.com

.

.

------- File Associations -------

.

JSEFile=NOTEPAD.EXE %1

.

- - - - ORPHANS REMOVED - - - -

.

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe

MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe

MSConfigStartUp-TkBellExe - c:\program files\Real\RealPlayer\update\realsched.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-04-22 18:01

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1390067357-2025429265-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:9a,41,fd,e2,ce,d2,11,3a,4e,da,b9,a8,08,87,5e,ba,81,3a,85,b6,a5,f7,e0,

54,98,15,35,55,25,fb,45,08,9e,a5,bf,dc,db,db,9c,e7,87,55,c5,fc,9c,54,52,5d,\

"??"=hex:c4,61,92,55,b6,87,66,46,df,5c,39,13,e7,33,25,3c

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(180)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2013-04-22 18:03:58

ComboFix-quarantined-files.txt 2013-04-22 22:03

.

Pre-Run: 18,160,013,312 bytes free

Post-Run: 19,108,372,480 bytes free

.

- - End Of File - - 5B934CC50130A5EB501BD2A179A16886


You are good to go after the following cleanups. DO let me know after you have finished the tool removals.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used.

We have to remove Combofix and all its associated folders. By whichever name you named it (you had named it Combo-Fix), put that name in the RUN box stated just below.

The "/uninstall" in the Run line below is to start Combofix for its cleanup & removal function.

Note the space after exe and before the slash mark.

The utility must be removed to prevent any unintentional or accidental usage, PLUS, to free up much space on your hard disk.

  • Click Start, then click Run.
    In the text box that opens, type or copy/paste
    c:\documents and settings\Wease\Desktop\Combo-Fix.exe /uninstall
    and then click OK.

If the Combofix uninstall has an issue, skip that step.

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

ERUNT you should keep and use on a periodic basis to back up the Windows registry.

Delete the following if still present:

RSIT.exe

securitycheck.exe

roguekiller.exe

RKILL

aswMBR.exe

MS safety scanner

In Control Panel >> Add-or-Remove Programs uninstall

BitDefender Quickscan

ESET Online scan

exit/close Control panel

Safer practices & malware prevention

We are finished here. Best regards.


Hi,

cleanup went smoothly with OTC, thank you for your assistance. However, I performed another dev scan and there is still the issue with MBAM returning three flags. I assume we have removed the chances of these being infections. Should I open a thread in the false flags forum?


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
