Everything posted by chimpy

  1. Hi, thanks for the help, just one question, how do I know it's finished? It has said "Pending please uncheck any elements you want to remove" for a long time so I clicked the report which is here.

         # AdwCleaner v3.000 - Report created 23/08/2013 at 22:51:59
         # Updated 20/08/2013 by Xplode
         # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
         # Username : XXX - XXX-HP
         # Running from : C:\Users\XXX\Downloads\AdwCleaner.exe
         # Option : Scan

         ***** [ Services ] *****

         ***** [ Files / Folders ] *****

         ***** [ Shortcuts ] *****

         ***** [ Registry ] *****

         Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
         Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
         Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
         Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
         Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
         Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
         Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
         Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
         Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
         Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
         Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
         Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
         Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

         ***** [ Browsers ] *****

         -\\ Internet Explorer v10.0.9200.16660

         -\\ Mozilla Firefox v23.0.1 (en-GB)

         [ File : C:\Users\moomin\AppData\Roaming\Mozilla\Firefox\Profiles\17ghuu51.default\prefs.js ]

         [ File : C:\Users\A J\AppData\Roaming\Mozilla\Firefox\Profiles\y02oni0a.default\prefs.js ]

         *************************

         AdwCleaner[R0].txt - [2139 octets] - [23/08/2013 22:51:59]

         ########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [2199 octets] ##########

     Did I prematurely stop it or had it completed? I have no idea what it found but it all says it's from IE which I don't really use but it looks harmless I think? I'm not sure.
  2. Hi, I scanned with MBAM and it flagged this as a PUP: C:\Users\XX\Downloads\winamp563_full_emusic-7plus_all.exe with the prefix of PUP.Optional.OpenCandy. I let MBAM remove it and restart my laptop.

     This is the infected MBAM log:

         Malwarebytes Anti-Malware 1.75.0.1300
         www.malwarebytes.org

         Database version: v2013.08.22.10

         Windows 7 Service Pack 1 x64 NTFS
         Internet Explorer 10.0.9200.16660
         XXX [administrator]

         23/08/2013 00:27:31
         mbam-log-2013-08-23 (00-27-31).txt

         Scan type: Quick scan
         Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
         Scan options disabled:
         Objects scanned: 244145
         Time elapsed: 7 minute(s), 57 second(s)

         Memory Processes Detected: 0
         (No malicious items detected)

         Memory Modules Detected: 0
         (No malicious items detected)

         Registry Keys Detected: 0
         (No malicious items detected)

         Registry Values Detected: 0
         (No malicious items detected)

         Registry Data Items Detected: 0
         (No malicious items detected)

         Folders Detected: 0
         (No malicious items detected)

         Files Detected: 1
         C:\Users\XXX\Downloads\winamp563_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

         (end)

     This is the clean one:

         Malwarebytes Anti-Malware 1.75.0.1300
         www.malwarebytes.org

         Database version: v2013.08.22.10

         Windows 7 Service Pack 1 x64 NTFS
         Internet Explorer 10.0.9200.16660
         XXX [administrator]

         23/08/2013 01:52:12
         mbam-log-2013-08-23 (01-52-12).txt

         Scan type: Quick scan
         Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
         Scan options disabled:
         Objects scanned: 244033
         Time elapsed: 9 minute(s), 6 second(s)

         Memory Processes Detected: 0
         (No malicious items detected)

         Memory Modules Detected: 0
         (No malicious items detected)

         Registry Keys Detected: 0
         (No malicious items detected)

         Registry Values Detected: 0
         (No malicious items detected)

         Registry Data Items Detected: 0
         (No malicious items detected)

         Folders Detected: 0
         (No malicious items detected)

         Files Detected: 0
         (No malicious items detected)

         (end)

     DDS.txt log
     And Attach.txt
18/08/2013 19:50:38, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service. 18/08/2013 19:50:38, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect. 18/08/2013 19:50:38, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File =========================== I already had DDS installed from previous posts so I notice the date on it is last year, not sure if there is a updated version that you would prefer me to download and run, I was just in a bit of hurry to post these. Thanks.
  3. Ah I didn't read the pinned post and panicked so let Mbam remove and restart my laptop sorry. I checked my programs and I must have removed winamp when I realized I wasn't going to use it so that PUP might have just been the exe that I downloaded in the first place to install? If not what would you suggest as my next move? I'll post in the possible infected thread just in case.
  4. Hi, I scanned just now and MBAM flagged this as a PUP C:\Users\XX\Downloads\winamp563_full_emusic-7plus_all.exe with the prefix of PUP.Optional.OpenCandy, I installed winamp a long time ago but never really used it. My understanding of PUPs is limited to the fact it's potentially unwanted so just wondering if this is anything to be worried about? Thanks.
  5. My dynamic ip sometimes starts with a single digit which I've never seen before, I've seen three and two digits and mine normally starts with two but never one, is this ok or could it mean something else? Thanks.
  6. Thanks, can we keep the option open for a few days? As this start up and a restart have not produced the message which is odd after 3-4 days of it happening. So I'll give it a weekend and see if it comes back, I will probably have to start it up 3-4 times more during that time.
  7. Thanks Advanced Setup. Here are the logs. attach.txt dds.txt dds.txt
  8. For the past couple of days my HP g6 laptop running win7 64 has been having a message pop up on start up "this device can perform faster" with relation to a usb drive, but nothing is plugged into any of them... The scans from MBAM and Avast! have come up clean so might this be a hardware failure? Or something else? I know I can just turn off the notifications but if it's fixable I would like to try, I mean this lappy is less than a year old only. Thanks.
  9. Right I feel like a total fool now, I just picked extend volume on my C drive and it took back all the unallocated partition I had made... so I have fixed it! Apart from changing the sort of disc it was which the pop up said would only affect an install OS for other than the boot if I remember rightly but it doesn't matter I have now got a much bigger C drive and first thing in the morning I will go get an external HD for back up. Sorry for the trouble but thank you for the help, I am not good with these things!
  10. Ah right, is that what it's doing? I presumed it was just doing what my PC did for a system restore. Damn so I made the partition for nothing and I still don't know how just to make a simple small system restore of my files. EDIT It seems it's already saving restore points so that's ok, but still leaves me with an un-needed partitioned C drive which I hope I can rejoin and that the fact I changed the disc settings just to make the parts doesn't bork it in the future. Thanks for the help!
  11. Thanks, how big do you think the partition should be then? It's a brand new lappy btw. Oh and do I have to copy the gparted to a cd or is it a straight DL? The iso/zip confused me. Thanks.
  12. I just partitioned my C to create a backup section, but I only used 20gb for the backup so I have 200gb unallocated with about 234gb in my C which is plenty to run a laptop with but I would like to if possible just add it back on, and delete is not an option it seems. EDIT Also my new partition which I've upped to 30gb says there is not enough room even though the backup is only 1.34gb... On a HP laptop 64 bit win 7.
  13. Thanks everyone, I got it today and am installing MBAM, AVG and the like, more than annoyingly AVG found coolwebsearch on its first scan... I only was on IE to get programs from legit sites. And now it won't connect to the web... First day and I am off to the HJT forum just to be safe. P.S Does anyone have the link for Coolwebshredder? If that is still around? Thanks. Edit, very annoyed, it's become sluggish in the extreme, even trying to load the help centre is just looping, this can't be coolweb surely? Either way I am taking it back to the shop tomorrow and hope that either they fix it, or preferably they honour the 21 day exchange policy. Very annoyed.
  14. Thanks, I get it tomorrow, I will probably remove any program that looks like I won't use it, I presume it will be pretty much ready out of the box, would you recommend making a separate account away from the master one? And I heard that if you contact MS and give the key for the OS they send you a disc free of charge just as back up? That could be an urban myth but it would be nice to have just in case. Oh and having only worked with 34bits I'm guessing MBAM and all AVs now cater for 64bits?
  15. Thank you, so the Skype and Steam "warnings" that AVG picked up were possibly FPs? I contacted Sandboxie and they have no idea why it does not work correctly.
  16. I take it the software comes already installed and not optional? Damn. @Randit I discounted a tablet as its not really going to be lasting long with kids.
  17. I have decided on this http://www.pcworld.c...884693-pdt.html it's in a sale and I'm cheap. What do you think of the specs? Will it stream netflix ok? What about if I put steam on there? It's got AMD Radeon HD 6380G Discrete-Class, up to 1.98 GB total memory... whatever that is. I wasn't going to put steam on but with 4gb of RAM and 500gb of HD it's better than my Dell I'm running now! Though the ghz for the processor is only 1.8 not that I truly understand things like that to be honest.
  18. Hi Have you had time to take a look at this yet? Thanks.
  19. Thanks for that, that looks pretty decent. Thank you all.
  20. Thanks for the links, I'll take a look. My budget is about £300 to £350, can't really go more than that.
  21. Hmm, thanks, looks like a laptop is the way to go. What would the minimum specs be? All I know is I do not really need a big HD as I won't be using it to store much.
  22. I am looking to buy either a netbook or a laptop mainly as a portable way to stream movies from Netflix, but I am not sure a netbook would have the power? What would you say would be in the minimum specs for that? I just want browsing, shopping, youtube, facebook but mainly for Netflix. Oh and I'm looking at the cheapest end of the market, chances are the kids will use it most of the time so I don't really want to invest in something they might destroy. Thanks.
  23. Hi, Thanks, I got another "warning" from AVG which was healed, that one was "";"C:\Program Files\Steam\steamapps\common\global agenda live\Binaries\GlobalAgenda.exe";"Corrupted executable file";"Moved to Virus Vault", I googled to see if anyone else had posted about it but found nothing, I removed the game as I had forgotten I had had it (Never really played it either). Only other odd thing was sandboxie now refusing to understand that FF is not already running so I have had to create a sandbox with a different name to get it to work. This is the new MBAM log Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Database version: v2012.01.18.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 XXXXXXXXXXXXXXXXXXXX [administrator] 19/01/2012 02:34:14 mbam-log-2012-01-19 (02-34-14).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 204886 Time elapsed: 8 minute(s), 12 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) And the DDS logs . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30 Run by amanda at 2:44:42 on 2012-01-19 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.2046.1017 [GMT 0:00] . AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . 
Thank you.
  24. Hi I had a warning on my AVG about SkypeSetUp.exe which it removed and healed, I googled a bit and thought little of it as in the past 3-5 months AVG has picked up some things but all linked to Steam games so nothing to worry about I thought, but decided to make sure my PC was clean and so ran a few scans. MBAM was clean and I have just run it again to put up a new one to show you. Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Database version: v2012.01.11.01 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 XXXXXXXX :: XXXXXXXXXX-PC [administrator] 11/01/2012 01:27:09 mbam-log-2012-01-11 (01-27-09).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 205524 Time elapsed: 7 minute(s), 47 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Esetonline was also clean but I decided to run the 60 second quick scan from bitdefender and although that says it is clean something about it tells me otherwise. I have highlighted the bit in Bold and underlined, it is the IP that the browsers are "connected" to, I googled a few and one came back looking very dodgy, something about a backdoor trojan/worm? QuickScan 32-bit v0.9.9.103 --------------------------- Scan date: Wed Jan 11 01:18:08 2012 Machine ID: XXXXXXXXXXX No infection found. 
Network activity ---------------- Process opera.exe (1844) connected on port 
6667 (IRC) --> 173.203.196.29 Process firefox.exe (4420) connected on port 443 (HTTP over SSL) --> 69.171.227.59 Process iexplore.exe (5040) connected on port 443 (HTTP over SSL) --> 209.85.147.95 Process iexplore.exe (5040) connected on port 443 (HTTP over SSL) --> 209.85.147.95 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.114 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.114 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.160 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.160 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 199.7.48.190 (Found this about that, http://www.threatexpert.com/report.aspx?md5=0004fe2bf4a391acce937e52634b792c but then this site states its VeriSign so I am not sure what to think http://www.ip-adress.com/ip_tracer/199.7.48.190) Process iexplore.exe (5040) connected on port 80 (HTTP) --> 173.194.34.159 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 199.7.59.190 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 69.63.189.16 Process iexplore.exe (5040) connected on port 80 (HTTP) --> 69.63.189.16 Process iexplore.exe (5812) connected on port 80 (HTTP) --> 90.223.216.113 Process wininit.exe (772) listens on ports: 49152 (RPC) Process services.exe (816) listens on ports: 49156 (RPC) Process lsass.exe (832) listens on ports: 49155 (RPC) Process svchost.exe (1124) listens on ports: 135 (RPC) Process svchost.exe (1252) listens on ports: 49153 (RPC) Process svchost.exe (1304) listens on ports: 49154 (RPC) Process svchost.exe (4032) listens on ports: 990 (FTP over SSL) Autoruns and critical files --------------------------- C:\Dell\E-Center\EULALauncher.exe C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe AVG Internet Security 
C:\Program Files\AVG\AVG10\avgtray.exe CameraMonitor Application C:\Windows\vsnp2uvc.exe CommonSDK C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe Cyberlink PowerCinema C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe HD Audio Control Panel C:\Windows\RtHDVCpl.exe HostsMan C:\Program Files\HostsMan\hm.exe HostsServer C:\Program Files\HostsMan\hostssrv.exe Internet Explorer C:\Program Files\Internet Explorer iTunes C:\Program Files\iTunes\iTunesHelper.exe Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe Macrovision FLEXnet Connect C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe Macrovision FLEXnet Connect C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe Malwarebytes Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe Microsoft Xbox 360 Accessories C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe Microsoft® Windows Mobile® Device Cente C:\Windows\WindowsMobile\wmdc.exe Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll SuperAntiSpyware c:\program files\superantispyware\sasseh.dll SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL Winamp Agent C:\Program Files\Winamp\winampa.exe Windows® Internet Explorer c:\windows\system32\webcheck.dll (verified) Google Update C:\Users\panda\AppData\Local\Google\Update\GoogleUpdate.exe (verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe Browser plugins --------------- AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll AVG Internet Security C:\Program Files\AVG\AVG10\avgssie.dll BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll Browser Address Error Redirector 
C:\Program Files\Dell\BAE\BAE.dll InstallShield C:\Windows\Downloaded Program Files\isetup.dll InstallShield C:\Windows\Downloaded Program Files\isetup.EXE Java Deployment Toolkit 6.0.300.12 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll Java Platform SE 6 U30 C:\Program Files\Java\jre6\bin\jp2ssv.dll Java Platform SE 6 U30 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll Java Platform SE 6 U30 c:\program files\java\jre6\bin\ssv.dll Macrovision FLEXnet Connect C:\Windows\Downloaded Program Files\isusweb.dll Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll NVIDIA 3D Vision C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll QUAKE LIVE C:\ProgramData\id Software\QuakeLive\npquakezero.dll Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll Unity Player C:\Users\amanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll Winamp Application Detector C:\Program Files\Mozilla Firefox\plugins\npwachk.dll Windows Live Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll Windows Presentation Foundation C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll Windows® Internet Explorer C:\Windows\System32\ieframe.dll (verified) bdscanonline C:\Windows\Downloaded Program Files\oscan82.ocx (verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll (verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe (verified) ipsupd.dll C:\Windows\Downloaded Program Files\ipsupd.dll (verified) Microsoft® Windows® Operating System 
C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll

Scan
----
MD5: 92283d9e33ec5f41ecc0b430b7459241 C:\Windows\system32\wls0wndh.dll MD5: 617f9a5813e69f6e9ed94b811ec75396 C:\Windows\System32\wmpps.dll MD5: f0321da5203f1e71917f3b7a13dc4912 C:\Windows\system32\WMsgAPI.dll MD5: a9662bcf218bc76869a8d91635d5f93a C:\Windows\System32\Wpc.dll MD5: 09c7859269563c240ab2aaab574483dd C:\Windows\System32\WUDFHost.exe MD5: 399bb52ad0668472717498e97cf28341 c:\windows\system32\WUDFPlatform.dll MD5: 4b72b5b342ada4de8deea39cce465b58 C:\Windows\system32\WUDFx.dll MD5: 77f595dee5ffacea72b135b1fce1312e C:\Windows\system32\XINPUT1_3.dll MD5: 1908cc7673f72601affdca022689cedf c:\windows\system32\XmlLite.dll MD5: 8ae3273ec161cc98573f0e095cf0c790 C:\Windows\vsnp2uvc.exe MD5: d5d7c7cbdd63c5938c83846b313fcf3b C:\Windows\WindowsMobile\BthASPlugin.dll MD5: 523df3b590d8a353a49235b1b7c571ad C:\Windows\windowsmobile\dtptdns.dll MD5: 8f97d374ad1857e1eed85a79f29a1d3d c:\windows\windowsmobile\rapimgr.dll MD5: 8c8c82633a7e90a33e8d7d9617b2b46c c:\windows\windowsmobile\TCP2UDP.dll MD5: 59e19bd13c3bdb857646b9e436ba27f7 c:\windows\windowsmobile\wcescomm.dll MD5: 96b3c4e20f02ca16aa1e3e425bffcc8b C:\Windows\WindowsMobile\wmdc.exe MD5: e270b78c30a4795978b8067e6a2252a2 C:\Windows\WindowsMobile\wmdsyncman.dll MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll MD5: 35acd5ea63d75e97dd0e9a1629e582b2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll MD5: 
be3c082837866c4c291adaf163c10ea6 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MD5: b5b09091b0e33c396ceec8995515bd41 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll No file uploaded. Scan finished - communication took 1 sec Total traffic - 0.02 MB sent, 1.58 KB recvd Scanned 905 files and modules - 60 seconds ============================================================================== As I am not experiencing any issues that I can notice should I still go ahead and post the DDS logs? I just really need to make sure my PC is clean as I have started to buy online. Thank you in advance