Glinthi

Honorary Members
  • Posts

    52

Reputation

0 Neutral
  1. D-Fred-Brown, I can't thank you enough for your time and help in removing the viruses on my computer. Your knowledge and courtesy throughout our session were top-notch professional. May God bless you in all of your future endeavors.
  2. OK, done. I have a few questions as we wrap up. Your long post of suggestions above seems to indicate that there are three types of virus related programs I should have:
     1. Antivirus (AVG, Avast, Norton, etc.)
     2. Malware (Spybot S&D, Malwarebytes, etc.)
     3. Firewall
     Questions:
     1. Is my Norton Security Suite good for Antivirus AND Firewall (as it's serving both capacities)? Do you know if my Norton is a HIPS firewall? Or should I remove Norton altogether and go with one of the other suggestions you gave me?
     2. Is my Malwarebytes program redundant now that I have Spybot S&D?
     3. What category does IE-Spyad For ZonedOut fall into (1, 2, or 3)? Would it interfere with other virus related programs? If I download Mozilla FF, will that conflict with anything. . .?
     4. Finally, out of all the programs you had me download, which ones should I keep (if any)? I want to run Revo remover program to remove what appears to be remnants of old programs on my computer. Does that sound like a good idea?
  3. Hello. I decided to download Spybot Search & Destroy. I ran a scan and was surprised that it found problems. I have not yet told SSD to "Fix Selected Problems." I wanted you to see the report first and get your opinion. I know the tracking cookies are nothing to worry about, but I wasn't sure about the others, especially things relating to the Registry.
     CouponBar: [sBI $CB95FB49] Class ID (Registry key, nothing done)
       HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
     CouponBar: [sBI $7A5ACBCB] Interface (Registry key, nothing done)
       HKEY_CLASSES_ROOT\Interface\{6E780F0B-BCD6-40CB-B2DB-7AF47AB4D4A4}
     CouponBar: [sBI $7B15781E] Interface (Registry key, nothing done)
       HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4}
     Microsoft.WindowsSecurityCenter.AntiVirusOverride: [sBI $3604910C] Settings (Registry change, nothing done)
       HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
     Microsoft.WindowsSecurityCenter.FirewallOverride: [sBI $0C94D702] Settings (Registry change, nothing done)
       HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
     Search-Explorer: Interface (IPugiObj) (Registry key, nothing done)
       HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
     FastClick: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     MediaPlex: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     MediaPlex: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     MediaPlex: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     Right Media: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     DoubleClick: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     MediaPlex: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     Zedo: Tracking cookie (Internet Explorer: USER) (Cookie, nothing done)
     --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
  4. Update: I've downloaded Norton Security Suite again and everything's running fine. I still need to evaluate your other suggestions above. Don't have time right now -- need to get ready to preach this evening -- so I'll look into it tonight and update you then. I assume we're a few posts away from concluding this marathon...
  5. I gotta crash, dude. I did remove the older versions of Java. I'll catch up with you tomorrow. Thanks!
  6. Before I do all the above stuff, we used to live in Sterling, KS!
  7. Downloaded successfully. All seems right. (I didn't restart, however, after the Java install). Should I? Before I forget. Your profile says you're from MHK. Where is that?
  8. I have three choices (I think) from these:
     1. Windows x86 Kernel 0.86 MB jre-6u26-windows-i586-iftw-k.exe
     2. Windows x86 Online 0.86 MB jre-6u26-windows-i586-iftw.exe
     3. Windows x86 Offline 15.85 MB jre-6u26-windows-i586.exe
     Which one?
  9. BitDefender Report:
     QuickScan Beta 32-bit v0.9.9.96
     -------------------------------
     Scan date: Sat Jul 09 22:00:10 2011
     Machine ID: 511C11B5
     C:\WINDOWS\system32\kerberos32.dll - could not be accessed --> Process iexplore.exe (2256)
     No infection found.
     -------------------
     Missing files
     -------------
     File not found: C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe --> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"NortonUpdateAgent"
     File not found: c:\program files\constant guard protection suite\nativebho.dll --> HKLM\Software\Classes\CLSID\{B84CDBE7-1B46-494B-A188-01D4C52DEB61}\InprocServer32\"(default)"
     No file uploaded.
     Scan finished - communication took 2 sec
     Total traffic - 0.01 MB sent, 0.49 KB recvd
     Scanned 385 files and modules - 13 seconds
  10. ESET Scan:
      ESETSmartInstaller@High as CAB hook log:
      OnlineScanner.ocx - registred OK
      # version=7
      # IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
      # OnlineScanner.ocx=1.0.0.6528
      # api_version=3.0.2
      # EOSSerial=f2a6547c56cba44ea87aee42a85b4c90
      # end=finished
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=false
      # antistealth_checked=true
      # utc_time=2011-07-10 01:55:38
      # local_time=2011-07-09 09:55:38 (-0500, Eastern Daylight Time)
      # country="United States"
      # lang=9
      # osver=5.1.2600 NT Service Pack 3
      # compatibility_mode=8192 67108863 100 0 0 0 0 0
      # scanned=72037
      # found=2
      # cleaned=2
      # scan_time=3217
      C:\Documents and Settings\USER\Application Data\Sun\Java\Deployment\cache\6.0\30\5eb7c1de-27ce7766 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
      C:\WINDOWS\system32\kerberos32.dll a variant of Win32/Kryptik.PQF trojan (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
  11. OK, man. All is looking good. On Restart, no PresentationCache... error boxes. On google and yahoo searches, no redirects. Very nice. What should I do with all of the files/programs on my desktop? I did download Revosetup, which I think removed programs off of your computer, right?
  12. In conjunction with downloading/running RootRepeal a DAT file appeared on my desktop that's named: "Settings" It says it was created at 5:36:26 PM Anything?
  13. RootRepeal Log:
      ROOTREPEAL © AD, 2007-2009
      ==================================================
      Scan Start Time: 2011/07/09 17:36
      Program Version: Version 1.3.5.0
      Windows Version: Windows XP SP3
      ==================================================
      Drivers
      -------------------
      Name: dump_atapi.sys
      Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
      Address: 0xB1488000 Size: 98304 File Visible: No Signed: - Status: -

      Name: dump_WMILIB.SYS
      Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
      Address: 0xF79D7000 Size: 8192 File Visible: No Signed: - Status: -

      Name: rootrepeal.sys
      Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
      Address: 0xB077F000 Size: 49152 File Visible: No Signed: - Status: -

      Name: uxtdapow.sys
      Image Path: C:\DOCUME~1\USER\LOCALS~1\Temp\uxtdapow.sys
      Address: 0xB06E6000 Size: 100736 File Visible: No Signed: - Status: -
      ==EOF==
  14. Concluded the GMER scan: "GMER hasn't found any system modification."
  15. After downloading updated NET Framework...restarting..."PresentationFontCache.exe...encountered problem" window popped up. Hmmm. Am currently running another GMER scan in Normal Mode. Been running for a few minutes now without problems... Will (hopefully) post results (in a few hours).