MBfan1

OK, stale old Java out, fresh brewed new Java in. IE9 also on board. Thanks ,,,,

Ran both scans, results below. No redirects at all. Thanks ! Log file from ESET: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=53251 Log from Bitdefender: QuickScan Beta 32-bit v0.9.9.99 ------------------------------- Scan date: Tue Aug 09 08:23:04 2011 Machine ID: 72481AC4 No infection found. ------------------- Processes --------- DQLWinSe Application 780 C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe Adobe Photoshop Album Starter Edition 2764 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C-Major Audio 2960 C:\Windows\sttray.exe CommonSDK 1900 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe Dell Support 2880 C:\Program Files\DellSupport\DSAgnt.exe Digital Line Detection 4068 C:\Program Files\Digital Line Detect\DLG.exe Google Desktop 3776 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe Intel® Common User Interface 3240 C:\Windows\System32\hkcmd.exe Intel® Common User Interface 2288 C:\Windows\System32\igfxpers.exe Intel® Common User Interface 3664 C:\Windows\System32\igfxtray.exe Intel® Viiv Software 604 C:\Program Files\Intel\IntelDH\CCU\AlertService.exe Intel® Viiv Software 5196 C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe Intel® Viiv Software 728 C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe Intel® Viiv Software 2272 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe Intel® Viiv Software 2308 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe Intel® Viiv Software 2804 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe Intel® Hub Connect Technology 3736 C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe Intuit Update Service 2988 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe Java Platform SE Auto Updater 2 0 3604 C:\Program Files\Common Files\Java\Java Update\jusched.exe Macrovision FLEXnet Connect 3748 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe McAfee Security Scanner 2996 C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe mediaserver.exe 2700 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe Microsoft® Windows® Operating System 3792 C:\Program Files\Windows Sidebar\sidebar.exe Microsoft® Windows® Operating System 912 C:\Windows\explorer.exe Microsoft® Windows® Operating System 692 C:\Windows\System32\csrss.exe Microsoft® Windows® Operating System 636 C:\Windows\System32\csrss.exe Microsoft® Windows® Operating System 4896 C:\Windows\System32\notepad.exe Microsoft® Windows® Operating System 724 C:\Windows\System32\services.exe Microsoft® Windows® Operating System 1352 C:\Windows\System32\SLsvc.exe Microsoft® Windows® Operating System 532 C:\Windows\System32\smss.exe Microsoft® Windows® Operating System 1696 C:\Windows\System32\spoolsv.exe Microsoft® Windows® Operating System 3184 C:\Windows\System32\taskeng.exe Microsoft® Windows® Operating System 1912 C:\Windows\System32\taskeng.exe Microsoft® Windows® Operating System 680 C:\Windows\System32\wininit.exe Microsoft® Windows® Operating System 752 C:\Windows\System32\winlogon.exe Network Printer Wizard 1004 C:\Program Files\Generic\Network Printer Wizard\NPWService.exe Panda Cloud Antivirus 1508 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe Panda Cloud Antivirus 2344 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe Panda Security URL Filtering 992 C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe RAID Event Monitor 896 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe RAID Monitor 1344 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe SoftK56 Modem Driver 2256 C:\Windows\System32\drivers\XAudio.exe Updater 3536 C:\Program Files\Ask.com\Updater\Updater.exe WebEx Support Center 676 C:\Windows\System32\atashost.exe Windows® Internet Explorer 5172 C:\Program Files\Internet Explorer\iexplore.exe Windows® Search 5752 C:\Windows\System32\SearchFilterHost.exe Windows® Search 2100 C:\Windows\System32\SearchProtocolHost.exe (verified) Microsoft® Windows® Operating System 1820 C:\Program Files\Windows Media Player\wmpnetwk.exe (verified) Microsoft® Windows® Operating System 3872 C:\Program Files\Windows Media Player\wmpnscfg.exe (verified) Microsoft® Windows® Operating System 4228 C:\Windows\ehome\ehmsas.exe (verified) Microsoft® Windows® Operating System 3992 C:\Windows\ehome\ehtray.exe (verified) Microsoft® Windows® Operating System 3884 C:\Windows\System32\dwm.exe (verified) Microsoft® Windows® Operating System 776 C:\Windows\System32\lsass.exe (verified) Microsoft® Windows® Operating System 788 C:\Windows\System32\lsm.exe (verified) Microsoft® Windows® Operating System 1044 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1008 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 920 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 2152 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 2072 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 3680 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1724 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1404 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1388 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1484 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1200 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1168 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1140 C:\Windows\System32\svchost.exe (verified) Windows® Search 2184 C:\Windows\System32\SearchIndexer.exe Network activity ---------------- Process PSANHost.exe (1508) connected on port 80 (HTTP) --> 24.143.206.91 Process iexplore.exe (5172) connected on port 80 (HTTP) --> 66.235.142.20 Process iexplore.exe (5172) connected on port 80 (HTTP) --> 72.14.204.138 Process wininit.exe (680) listens on ports: 49152 (RPC) Process services.exe (724) listens on ports: 49159 (RPC) Process lsass.exe (776) listens on ports: 49155 (RPC) Process svchost.exe (1008) listens on ports: 135 (RPC) Process svchost.exe (1140) listens on ports: 49153 (RPC) Process svchost.exe (1200) listens on ports: 49154 (RPC) Process spoolsv.exe (1696) listens on ports: 47544 Process mediaserver.exe (2700) listens on ports: 9666, 9667, 50482, 50491, 58001, 58002, 58080 Process Remote UI Service.exe (2804) listens on ports: 51963, 54330 Autoruns and critical files --------------------------- c:\dell\E-Center\EULALauncher.exe C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe Adobe Photoshop Album Starter Edition C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C-Major Audio C:\Windows\sttray.exe Dell Support C:\Program Files\DellSupport\DSAgnt.exe Digital Line Detection C:\Program Files\Digital Line Detect\DLG.exe Google Desktop C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe Google Desktop c:\Program Files\Google\Google Desktop Search\googledesktopnetwork3.dll Intel® Common User Interface C:\Windows\System32\hkcmd.exe Intel® Common User Interface C:\Windows\system32\igfxdev.dll Intel® Common User Interface C:\Windows\System32\igfxpers.exe Intel® Common User Interface C:\Windows\System32\igfxtray.exe Intel® Viiv Software C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe Intel® Hub Connect Technology C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe Macrovision FLEXnet Connect C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe Malwarebytes' Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe MBBalloon.exe C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll Microsoft® Windows® Operating System C:\Windows\system32\logon.scr Panda Cloud Antivirus C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe Panda Security URL Filtering C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe QuickTime C:\Program Files\QuickTime\QTTask.exe RAID Event Monitor C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe Updater C:\Program Files\Ask.com\Updater\Updater.exe Windows® Internet Explorer C:\Windows\system32\msfeedssync.exe Windows® Internet Explorer c:\windows\system32\webcheck.dll (verified) Adobe Acrobat C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (verified) Google Update C:\Users\Frank Catena\AppData\Local\Google\Update\GoogleUpdate.exe (verified) Microsoft® Windows® Operating System C:\Program Files\Windows Media Player\wmpnscfg.exe (verified) Microsoft® Windows® Operating System C:\Windows\ehome\ehtray.exe (verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe Browser plugins --------------- AcroIEHelper Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll anagram C:\Windows\Downloaded Program Files\AnagramLib.dll BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll Browser Address Error Redirector C:\Program Files\BAE\BAE.dll Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll Coupons Inc., Coupon Printer Manager C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll Google Talk Plugin C:\Users\Frank Catena\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll Google Talk Plugin Video Accelerator C:\Users\Frank Catena\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll Google Toolbar for IE c:\program files\google\googletoolbar1.dll Google Update C:\Users\Frank Catena\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll Java Deployment Toolkit 6.0.260.3 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll Java Platform SE 6 U26 C:\Program Files\Java\jre6\bin\jp2ssv.dll Java Platform SE 6 U26 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll JuniperExt.exe C:\Windows\Downloaded Program Files\JuniperExt.exe JuniperSetupClientATL ActiveX Control M C:\Windows\Downloaded Program Files\JuniperSetupClient.ocx JuniperSetupClientCtrlUninstaller.exe C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe LinkedIn Contact Finder Control C:\Windows\Downloaded Program Files\LinkedInContactFinderControl.dll LizardTech DjVu C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll Macrovision FLEXnet Connect C:\Windows\Downloaded Program Files\isusweb.dll McAfee Virtual Technician C:\Windows\Downloaded Program Files\McContentMgr.dll McAfee Virtual Technician C:\Windows\Downloaded Program Files\McHealthCheck.dll McAfee Virtual Technician C:\Windows\Downloaded Program Files\McLogMgr.dll McAfee Virtual Technician C:\Windows\Downloaded Program Files\McPlugins.dll McAfee Virtual Technician C:\Windows\Downloaded Program Files\McProdMgr.dll McAfee Virtual Technician C:\Windows\Downloaded Program Files\MVT.dll McAfee Virtual Technician C:\Windows\Downloaded Program Files\Uploader.exe Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll Move Streaming Media Player C:\Users\Frank Catena\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll Network Printer Wizard C:\Program Files\Generic\Network Printer Wizard\NPWprint.dll Nortel NetDirect C:\Windows\Downloaded Program Files\NetDirect.ocx NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll Picasa C:\Program Files\Google\Picasa3\npPicasa3.dll QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll QuickTime Plug-in 7.6.8 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll QuickTime Plug-in 7.6.8 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll Toolbar C:\Program Files\Ask.com\GenericAskToolbar.dll Windows Genuine Advantage C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll Windows® Internet Explorer C:\Windows\system32\ieframe.dll (verified) Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll (verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll (verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe (verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll (verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll (verified) Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll (verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll (verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll Missing files ------------- File not found: c:\progra~1\mcafee\msk\mskapbho.dll --> HKLM\Software\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\InprocServer32\"(default)" Scan ---- MD5: bcb30677f086e0e84cfd22d1feff9bdb c:\dell\E-Center\EULALauncher.exe MD5: a5a5af3a7a1dbd4583e3bf577791287d C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdboot.dll MD5: fc9e59fe8bc4fe05382cff5c8fc59de1 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe MD5: a277716d0e98115121978c70b011325f C:\Program Files\Ask.com\GenericAskToolbar.dll MD5: 8b718e2c3ae1ea0b90bfa793f7b558a7 C:\Program Files\Ask.com\Updater\Updater.exe MD5: 1a4f60ef6da38621f1091b0cb0fa2c09 C:\Program Files\BAE\BAE.dll MD5: c11f6a1f61481e24be3fdc06ea6f7d2a C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll MD5: ff3bf05021bfecc92db81b8257eeb026 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe MD5: a21763783025dd4527b259a15177e3e3 C:\Program Files\Common Files\Intel\IntelDH\bin\CCU_ResMgr.dll MD5: 90f98f235c500d552f5efa5e16e4e56b C:\Program Files\Common Files\Intel\IntelDH\CCU\Language\ENU\CCU.dll MD5: a0b584c33f55545d56f9e71fb4e203ac C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe MD5: 444913c1ed26eead3f84e11d47ae88ae C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\nmsmc.dll MD5: ccc1802674f1092f2b79f6311f1ea158 C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\ActMgr.dll MD5: bc9b6a68efcbe604d358519f02008b43 C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\CfgData.DLL MD5: fa1df1137e83e28dd4c404373615ac43 C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\gdql_in.dll MD5: 2729491496ba9eacd95162405de5282a c:\Program Files\Common Files\Intel\IntelDH\NMS\Support\GTAction\handlers\grouph.dll MD5: 1f3d4375bfc2becaa315619923feb8e5 c:\Program Files\Common Files\Intel\IntelDH\NMS\Support\GTAction\handlers\pnph.dll MD5: 14103f40243e3eba575c0babf60bb52f c:\Program Files\Common Files\Intel\IntelDH\NMS\Support\GTAction\handlers\qdiagh.dll MD5: 28d2da29177147d5e4ecbe3805846743 c:\Program Files\Common Files\Intel\IntelDH\NMS\Support\GTAction\handlers\trgloadh.dll MD5: 2893dc7121997e370d005f9e5e3c618c c:\Program Files\Common Files\Intel\IntelDH\NMS\Support\GTAction\handlers\trgregh.dll MD5: c591c298ea3bc32ab67e8dfbf0c5731c C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\GTAction\triggers\networkt.dll MD5: 363a7fadc1ccebe74052798e867a0383 C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\GTAgnt.dll MD5: f93eba19e9d096c481a5d8aaa1b3d2fb C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe MD5: 20cff7cb48275b00a00fad864f38cb14 C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\TrgMgr.DLL MD5: 3dc635b66dd7412e1c9c3a77b8d78f25 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe MD5: 13e7cfe8e269ed15e7fc9c3ebbcb7e2b C:\Program Files\Common Files\Java\Java Update\jusched.exe MD5: 938acf2a4f7fdaff322fd36f0b14d45a C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MD5: f6c66188def298e2c3827af6fb2c0637 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll MD5: 3c03db6f66c9792c9b6e30473e847ca2 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll MD5: 41857da3ea7a2568e1aae8fedc8d8939 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll MD5: c7c30b24c8c57078654ba9574ce70e3d C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll MD5: 1bac818025403333c11817dafbcee283 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll MD5: 5fce5b36991dbaa99da9e9c62d8e60ac C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll MD5: ebcde8b48fadc6479d96a56d0a432160 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe MD5: ab2b1de1c8f31efce2384b14b3dc4260 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe MD5: 900a9d261859ec999c9c7243410c3203 C:\Program Files\Common Files\Roxio Shared\DLLShared\homeutils9.dll MD5: 743e556a998074ed7eeb99ca495b2e5d C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll MD5: 3c84fca13c4eb607478a45f2d7e16db3 C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll MD5: 51778fd315c9882f1cbd932743e62a72 C:\Program Files\Common Files\SureThing Shared\stllssvr.exe MD5: 267b3a856e9f4db1cabd4e6db71e07d2 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe MD5: 4235107caa0bce7e872c4355329fc06e C:\Program Files\DellSupport\ActMgr.dll MD5: 01d5b95d0a12a916bbdc258629113258 C:\Program Files\DellSupport\brkrsvc.exe MD5: b7d321db3d2f223ff5010d491ab6bd4b C:\Program Files\DellSupport\CfgData.DLL MD5: 64fa28c15dd71a80bef3527e1ef07df6 C:\Program Files\DellSupport\Drivers\dsunidrv.sys MD5: cc4413981c4f1234e6e884dff8b99c03 C:\Program Files\DellSupport\DSAgnt.exe MD5: 1bbc044533a77be2519497966354b763 C:\Program Files\DellSupport\gdql_d.dll MD5: 2ea4f4471281ef0e7295d12253f01df3 c:\Program Files\DellSupport\GTAction\handlers\brkrsvch.dll MD5: 896f1dae48558ce96af012c7e594ccc6 c:\Program Files\DellSupport\GTAction\handlers\grouph.dll MD5: d2c8be14bcc8a49f9411557db6028cab c:\Program Files\DellSupport\GTAction\handlers\pnph.dll MD5: a8a5453f6daa4bcacd02fbf2ef3f7c1f c:\Program Files\DellSupport\GTAction\handlers\qdiagh.dll MD5: 755ad13d0042329925e2faf3d070326d c:\Program Files\DellSupport\GTAction\handlers\trgloadh.dll MD5: 6472d141970830f856778de71eb93319 c:\Program Files\DellSupport\GTAction\handlers\trgregh.dll MD5: 448452164af599409ffb40139873e5f9 C:\Program Files\DellSupport\GTAction\triggers\DSproct.dll MD5: 413f2d5f9d802688242c23b38f767ecb C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys MD5: 3d293e0dfdfd4c17ab7e5d4e6065c0e7 C:\Program Files\DellSupport\GTAction\triggers\DSWnHnt.dll MD5: 02ef2c66653d28d964b03ef44a942bf0 C:\Program Files\DellSupport\GTAction\triggers\timert.dll MD5: d87f1fd34af36e24c4c37c8cfca9fe80 C:\Program Files\DellSupport\GTAgnt.dll MD5: 7d1913e59c79ab565a73020f8bd13b40 C:\Program Files\DellSupport\TrgMgr.DLL MD5: cb1135906d951b574f9f2498be8f11f9 C:\Program Files\Digital Line Detect\BVRPDIAG.dll MD5: f03ffc962e18f36a922e61f96be09925 C:\Program Files\Digital Line Detect\DLG.exe MD5: 85a223b8f631d8267945ef83fc9ce20e C:\Program Files\Generic\Network Printer Wizard\NPWdcp.dll MD5: 1a13bd95c74cbda94bd9e825f0f2b7f1 C:\Program Files\Generic\Network Printer Wizard\NPWlog.dll MD5: ddcc62e32b577cae5287a6ca24e2c138 C:\Program Files\Generic\Network Printer Wizard\NPWprint.dll MD5: aea3054698dc5cbfbf958670c7fa78b8 C:\Program Files\Generic\Network Printer Wizard\NPWpsm.dll MD5: a4dc215db3bbeb746d02e9a8e81035ab C:\Program Files\Generic\Network Printer Wizard\NPWService.exe MD5: feca4630228083433efd177e4a79f335 C:\Program Files\Generic\Network Printer Wizard\NPWuntp.dll MD5: cca0000b5f9f73aca4b74d60d590ac48 C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll MD5: df5f4ecacf6df29a0738ccae7e322371 C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll MD5: 6f3ada96f3e73d4ff39d0c284d5e0c9d C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll MD5: 6434b5f02751b9140deecf4e4a3bab47 c:\Program Files\Google\Google Desktop Search\googledesktopnetwork3.dll MD5: b3ccb67d0d6a3f653c43b840ff2ea324 C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll MD5: 59dac066b544f434f3ef8fbe52bcf6cf C:\Program Files\Google\Google Desktop Search\GoogleServices.DLL MD5: b6b99ed927a26a88a4bfc258a30a6db4 c:\program files\google\googletoolbar1.dll MD5: 45d7f2fabdfd500e3c35dc068b552544 C:\Program Files\Google\Picasa3\npPicasa3.dll MD5: fc215d2edfa88d57401f53a59ee1b0dd C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe MD5: a230b0fb7c20b5f0a1389d686e742b7f C:\Program Files\ImageConverter Plus\fcnv.dll MD5: 0b291b8cae05ce60ffcfec1017244694 C:\Program Files\ImageConverter Plus\FCRTL.dll MD5: 6bfcdd6356cff6cc73d43c8cea1d3dbb C:\Program Files\ImageConverter Plus\fpdf.dll MD5: d76dbb3a8cd59b172754fa8e6cd88ec1 C:\Program Files\ImageConverter Plus\gpgate.dll MD5: 71c8e6e3b536e0e843ac94f1daaf10dd C:\Program Files\ImageConverter Plus\MemHandler.dll MD5: 8fb193ca7e2e6617913a45e783712f6d C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMon_ENU.dll MD5: d2ca35a3f711e613d9399845ce9302fa C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe MD5: 0bcee844a02747dd7f1e30352e619f2e C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe MD5: 7855ea6acbad155effe6f0ba94790f50 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll MD5: bf923d9da33061282f79622e6f32815c C:\Program Files\Intel\IntelDH\bin\IntelDH.dll MD5: 80f4a5260fc8f95185313a1d229239ce C:\Program Files\Intel\IntelDH\CCU\AlertService.exe MD5: 71b40381468f510fbacb22fbbe7b63af C:\Program Files\Intel\IntelDH\CCU\AlertServicePS.dll MD5: 20f3cf19335adcab379340b1d55d66a6 C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe MD5: cb5ab280926ff4444b8ce6bb07e57a8d C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe MD5: 367163e787c1f582945c10695d47495c C:\Program Files\Intel\IntelDH\Intel Media Server\CCUPlugIn\IMSCCUPlugIn.dll MD5: e5e18097d64823afa7988685cf111657 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\contentmanager.dll MD5: 7ebdad13e14e1e67ebbf611bc7c9bbd8 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberDivX.dll MD5: 1e3ece4a292def3eecb906816e02c480 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberDV.dll MD5: 812443ada9768750f99c66a96066df62 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberDV2.dll MD5: 5cfd8ab222302d9e3d8342e3baecbbc0 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberMPEG1.dll MD5: 5907f726c299709e19ff8fc7030d17f4 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberMPEG2PS.dll MD5: bec361025551b6c5f936d8940edb0db3 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberMPEG2TS.dll MD5: a59dd7e8096f27af2793d109ebce956b C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberMPEG42.dll MD5: 212063f6cadac5e5335dc4f7c38cb14a C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberMSDVR.dll MD5: a04295d52bfc92196ae145b34870e7df C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\imggrabbers\ImgGrabberWMV.dll MD5: b8b728563e3df6f8a66e1a02b402903b C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe MD5: ca8b56e094d2506b6d6fd1093bab8a5c C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issmps.dll MD5: 34d366d8d0a3db3f4441823c2dfc9da2 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ITSIndexGenerator.dll MD5: 8e5aa8c4d15d06f1c2ec1c79e7207dd7 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe MD5: c662e361708d141e89ead0117aa837a5 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\PwrMgmt.dll MD5: 1f4e711f583a44096ee7131708dae575 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\PwrMgmtIf.dll MD5: 32ce2459b49535c6a929680e107bce55 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\RTCPFeedbackControl.dll MD5: 34a1ecb7e4c509ffb13b8cb22ec56b5a C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSAACParser.dll MD5: 28297df692bb406502c99afa1a12b608 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSAKEProxy.dll MD5: b0d5ebabe2c63c5a744a8e715d4276c7 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSCOMLoader.dll MD5: 054757feb3bb76aa093ea16b28a19aec C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSDVRMSParser.dll MD5: e340ae083867b8e89feb7d8d72d30b9b C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSGraphManager.dll MD5: 366b3bd90e2e7a1bedb2b48907b58ed2 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHTTPServer.dll MD5: 89db3cc738ef2a2d84912409d2583eed C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.dll MD5: 3f6dc449398b21c213dcdd18f460df72 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys MD5: 730238dc2c1369440b09e3028d5ac189 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSMediaParser.dll MD5: 1227e58311a23cae080858a27a1fcbba C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSMP4Parser.dll MD5: b87cc9ed78e58054371f06371681cc31 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSParseAVI.dll MD5: 94d88363980ab1d3f0e8a86aac20a29a C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSParseMPEG.dll MD5: 440745816f9823d42323dbe9fb57e28e C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSParseWMV.dll MD5: c40b0f6e6f9d33b96fe6d0da9dead6b2 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSPolicyManager.dll MD5: 27d2ff66d239b7100da993eb29cb66aa C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSSqmDeviceFeedbackProvider.dll MD5: 88795043d22443b7ff44a76c68d9ad5a C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSStreamQualityManager.dll MD5: 89cce8f3e3a5d5d57698251e2a63de5e C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSThumbnailGeneratorCOM.dll MD5: 648bb3038bbb0ed9e8e3006fa0047d2b C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSTransportManager.dll MD5: 6f10a96899440cf981884f4d7d9595b9 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\WLCommon.dll MD5: b69071eacf1ba1e08b9307ca2511528d C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\WLMediaFormatParser.dll MD5: 2ba3153309cdab7129b4b2539b58c957 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\WLSplitter.dll MD5: d2e6ef7ecb012f0be51779a5f1825236 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_client.dll MD5: e996dff0616a022c7733f482e03a5246 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_import.dll MD5: 84541e860561ffaccacf1ba85fc755f6 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaserver.dll MD5: 78293d83634046c578da917cd51b7ef4 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaspace.dll MD5: c865396c9f17b1c4436a7ec85aebc5fe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_upnppower.dll MD5: 925f7764fb2527be15218515d537a71b C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_aggregate.dll MD5: c5163706551ce8712bdecc4fe1b682f5 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_localdiscovery.dll MD5: 2ecab42202c49794a0989b5c12baadbd C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_sync.dll MD5: 25c072e2f41b122367ab67fecd72a0aa C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunisauth.dll MD5: b711e9b44fd1975f7648e05f74d7541f C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunists.dll MD5: 6b53432a9a7a7561cd4316cc97fbeedf C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnp.dll MD5: 4e06d5caffbb14c400938844861b0075 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnppower.dll MD5: 0083406d109b698f53cb6199a8f90195 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_xrturi.dll MD5: 167c0eea7ce4237862fa84fe1b3588f2 C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_zcardea.dll MD5: d3f692d1d6530247238a57ead18811ea C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\xmb_format-default.dll MD5: b5ecae62e7339bd15ac027876a4344e3 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCApps.dll MD5: bb32d71031687ceebc24b9e160abcba9 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe MD5: 42d5ab26fc5fcdb3c1bdaac4ac153849 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe MD5: 91b5266bc92004c63670e29998a14c34 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\RUIRes_ENU.DLL MD5: 5188d385f9a9ce89da2e07dac48565f1 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\RUIServerProps.dll MD5: 1c64d3d23d9e3a36f22d3dcbccd0cbe2 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\TRAPAPIS.dll MD5: 6b5543ba7a46fe41850e7f91567f8341 C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\URIProxy.dll MD5: 2c5168c856455cc43c4b4e1cc1920001 C:\Program Files\Internet Explorer\iexplore.exe MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll MD5: e7d55e121ff1951cb86c7e0dc6a33877 C:\Program Files\Java\jre6\bin\jp2ssv.dll MD5: 1040bd9bf3ddab7cda2346f8375480a2 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll MD5: e5ca22f495988a55e58c527f25fb21ee C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe MD5: 1365bb2a78db638870337422b54ddbac C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll MD5: 99f97c9fe748c37528c338a423577fcb C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll MD5: c62d44164113cd26378382747fd3ce78 C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll MD5: 5eb6f21d95e728c61bcfc89f899d6bb0 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll MD5: 3909f4d2e7931fe78a0bb12711e995bc C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll MD5: 39c4fddc44de555514bd765b567939e3 C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll MD5: c6060133b61c8b78992fca8333c8e9bd C:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll MD5: 5bda680c2be14d02274f95188fef651c C:\Program Files\Panda Security\Panda Cloud Antivirus\BORLNDMM.DLL MD5: 28bc28a3edc621f7c954ea8f88fe6e2d C:\Program Files\Panda Security\Panda Cloud Antivirus\CC3290MT.DLL MD5: 1f500e6734ecc0ce409c59df6f03a05c C:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll MD5: 8d89a8459c2cd757414a07bbd64f20fa C:\Program Files\Panda Security\Panda Cloud Antivirus\pksact.dll MD5: 4766fa5dfd9db23a22bb9104d00489a3 C:\Program Files\Panda Security\Panda Cloud Antivirus\pksbdt.dll MD5: fadd4abefd712691bdb971d6b57f64e5 C:\Program Files\Panda Security\Panda Cloud Antivirus\pkssigcv.dll MD5: 627fa9aa7698a8555a2e2847f2e1fe0b C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANAlManager.dll MD5: a830e59f98827943686e90bf79fc96fa C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe MD5: 479b9f9ca5161fa0c3ee338f3bfd4317 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANLang.dll MD5: 19be833eb64ca12af9dcb733c5eaedd9 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANLiveDownloader.dll MD5: 8b01c9ab01251fbe583b79e68e210baa C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANLiveMan.dll MD5: 5197da93ba22012d869dd9ea5224c362 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModAdiag.dll MD5: 6364daa6e4d3911e3454651bcef47de6 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModADM.dll MD5: a53d3d204a8765c4d345448fda0613a4 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModAV.dll MD5: 5f3ca8c06d8ae29f82f9d7bd4be70046 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModBLA.dll MD5: 164460df7a8b740a8ef1b80fc565cce0 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModBrowser.dll MD5: 466a7d6dad2a030d8979fd2ff5eaff92 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModCtrlCfg.dll MD5: 0d20039c80a7044273bd76b5a2f50ce4 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModLive.dll MD5: fb4a34efa15804527a61db48dd4ec26e C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModProactive.dll MD5: 842d7fd6bd5de62efe4ed30084237035 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModRep.dll MD5: a0cd8964013943d06da323893505fb92 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModRol.dll MD5: 43cef80f40b5c7928042445828c27f08 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModScheduler.dll MD5: dd7cf24736d67884cb62a13ccbcfa47b C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModShield.dll MD5: 8633726818aa47acd923287a0ec23858 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModStats.dll MD5: ff4621f8528d9ab33533808480603c8c C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANModUSBVac.dll MD5: 6ae25dd408cbbc2bd56c332e4e616157 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANMSrvc.dll MD5: 8306020a3d8796c6d36475b1e9630dc4 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANProInfo.dll MD5: c79b93f7e80f6e6fcbfec53ea1786dd8 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANUpgMgr.dll MD5: 5d92f5b8da3890b7d50a54b37369f296 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenagent.dll MD5: 2105a4aa21f212186391a65d8e94e163 C:\Program Files\Panda Security\Panda Cloud Antivirus\psencmp.dll MD5: 22fa19b9fece03585796349b8db96f6a C:\Program Files\Panda Security\Panda Cloud Antivirus\psendecs.dll MD5: 941bb0bf4b242deb9bc1b88e0e7f2166 C:\Program Files\Panda Security\Panda Cloud Antivirus\psendsig.dll MD5: dd95c09de584d9639fda147ae42a9f42 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenfilter.dll MD5: bef1e0e815a013a3bc2b4527dfa43352 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenhash.dll MD5: 823a2b1f503cad230e5f8f2abb34b9f4 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenic.dll MD5: 9df87f700aeb17aabc71edaba3e202aa C:\Program Files\Panda Security\Panda Cloud Antivirus\pseniexag.dll MD5: 3f080eed341bd90ef8e6079483b01af6 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSENKrnl.dll MD5: b2ab9383b5a11305dccfff639c2a0b64 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenlc.dll MD5: d3f9f94fb0f0978eac2a5faec2c7161d C:\Program Files\Panda Security\Panda Cloud Antivirus\psenlog.dll MD5: eb5efca7b8825ef3a0222d6025755ef2 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenmark.dll MD5: 0e6dcfa9a1fcf156064919bd3f5cca60 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSENMgrb.dll MD5: ca07e846cac21f25c2fd85d8f8916171 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenobsr.dll MD5: be3ea05cd75e029e51a83b492fa442b6 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSENPLGB.DLL MD5: 8bf06215ded0e24dd8c11779b1cf5b08 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenprtglk.dll MD5: ca8e7070f1e3724b92ceffd309fbe853 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenprx.dll MD5: 1bfe71a17a79d1f131df52cc7f9147fc C:\Program Files\Panda Security\Panda Cloud Antivirus\psenqmem.dll MD5: 67d67cbaecaec9a53ad391f7a1ce2ab1 C:\Program Files\Panda Security\Panda Cloud Antivirus\psenram.dll MD5: 1508c08c1d7c52e77813834e477e2d56 C:\Program Files\Panda Security\Panda Cloud Antivirus\psensfl.dll MD5: 3976c5255b5702802a52df921f755ff3 C:\Program Files\Panda Security\Panda Cloud Antivirus\psensfn.dll MD5: c6fa34d4c886412e93181a6ea2fc68ab C:\Program Files\Panda Security\Panda Cloud Antivirus\psensrf.dll MD5: 172ea0c129bd9d5b1ef0420101c9f3bd C:\Program Files\Panda Security\Panda Cloud Antivirus\psensysmw.dll MD5: f731869a1c2960a8e97a541204ad77ce C:\Program Files\Panda Security\Panda Cloud Antivirus\PSINApAg.dll MD5: 9f74d90fafb5020e18ef4c15658f621d C:\Program Files\Panda Security\Panda Cloud Antivirus\PSINCFG.dll MD5: ba34ddf577755c86d6ce817e56ec652e C:\Program Files\Panda Security\Panda Cloud Antivirus\PSINEnAg.dll MD5: 3c5ae7fd875c4f932e7801430d9c1095 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSINEvAg.dll MD5: 3e83b388a4cbb57e01a56e725693fa5f C:\Program Files\Panda Security\Panda Cloud Antivirus\PSINUNC.dll MD5: fcbc487eec611670a846d370729c3ea6 C:\Program Files\Panda Security\Panda Cloud Antivirus\pskalloc.dll MD5: 8c1b6714b33ac3abee1c699c583b369c C:\Program Files\Panda Security\Panda Cloud Antivirus\pskas.dll MD5: 166eb6368a387e16ca4e94c5c6162a39 C:\Program Files\Panda Security\Panda Cloud Antivirus\pskavs.dll MD5: b3502307e746c2a49ad9ae0eea434cac C:\Program Files\Panda Security\Panda Cloud Antivirus\PSKCMP.dll MD5: c4e3e4d83430ded1a61ef2fa1314ea7a C:\Program Files\Panda Security\Panda Cloud Antivirus\pskfss.dll MD5: dbd76d644d539c2346fd6edd96e72fd6 C:\Program Files\Panda Security\Panda Cloud Antivirus\pskqhs.dll MD5: de6f0cf5ef9a6b1512279385f65eff8c C:\Program Files\Panda Security\Panda Cloud Antivirus\pskscs.dll MD5: 1c6197fb4ed7a1b6aa949fb8834fb95f C:\Program Files\Panda Security\Panda Cloud Antivirus\PSKSQLT.dll MD5: 1ce9a95ca45db3da65e734c49ffff90b C:\Program Files\Panda Security\Panda Cloud Antivirus\PSKVM.DLL MD5: 05b25cba9dcca729c51d6d38fc4057df C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCCfgMgr.dll MD5: 67eb865befe2f66b76d12821edda93fb C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCCfgStore.dll MD5: e1814aaf66927e3acbbf4b99752b7a49 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCDSEX.dll MD5: ddcebb48a0b5d70925e19a21b5981c22 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCDSVF.dll MD5: 7f17e85bd06bc83b8d6df8846e33b257 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCGP.dll MD5: 7b7faf09d5d8c218061429a34581ca40 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll MD5: 56bc7c79fa656824d264c4026e65cd5a C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCNotifMgr.dll MD5: 4781ada156f0eca1ee110f3c7f581a9c C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNComms.dll MD5: 957f8742e26f3475f92293f3c433a255 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCrypt.dll MD5: 64a0f803e56336349c451fde7f0f32fc C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCSA.dll MD5: 363f21e7e282f5ea810fb38bb3b4c24b C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCSysInfo.dll MD5: cc99fe214cb904b5f49d4c990ba90054 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNCUpdMgr.dll MD5: 46503c33bfdf4b5948be88bcb9cd54ac C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNEvts.dll MD5: b422c8584a651efcf2e9780ca4104ac1 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNFiles.dll MD5: d8078f9e75e82b3998157c1496f40dea C:\Program Files\Panda Security\Panda Cloud Antivirus\PSNMuid.dll MD5: bfbc8b3c02917c589dc7c88721733611 C:\Program Files\Panda Security\Panda Cloud Antivirus\psNXml.dll MD5: 1bfcd7c2c4d1d8e90ab7bbec6256cffb C:\Program Files\Panda Security\Panda Cloud Antivirus\psscan.dll MD5: 6b81d736008ceb892b724a90e443696c C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNConfigStore.dll MD5: 77a68aeddf7a396ab14096966d42dfca C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNCtrl.bpl MD5: 9bf0892939857af634a3d89ec4dee6a9 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe MD5: f6a372a62570b65c01b1f079fadfe104 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNResources.dll MD5: 19b6c453f1e6e36e49081c897afa1e37 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL MD5: 79a47d74de9a2a4cd55ed026e8152501 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNTrayBar.dll MD5: 5fbbd0ad928bb667808d1acb1a3427d4 C:\Program Files\Panda Security\Panda Cloud Antivirus\putczip.dll MD5: 326a7ab5a659481c9d7645632879c535 C:\Program Files\Panda Security\Panda Cloud Antivirus\puturar.dll MD5: dd82eb68d97944b192c7803eb585b03c C:\Program Files\Panda Security\Panda Cloud Antivirus\rtl120.bpl MD5: 773ebd87010a6f644869a59d98792c9c C:\Program Files\Panda Security\Panda Cloud Antivirus\vcl120.bpl MD5: 264bfcc11a0da6f0b449a40a14d15772 C:\Program Files\Panda Security\Panda Cloud Antivirus\vclx120.bpl MD5: fb83c1c5d17d9bd718a3d5dc66f73062 C:\Program Files\Panda Security\Panda Cloud Antivirus\vplatdis.dll MD5: 69581380e69c8dce30ede2a463c912ee C:\Program Files\QuickTime\QTTask.exe MD5: 76ff9f849b0b56a73082da8294821460 C:\Program Files\Roxio\Drag-to-Disc\Shellex.dll MD5: d299be72fb0554016f69c3cf04274d7c C:\Program Files\Roxio\Drag-to-Disc\ShellRes.dll MD5: 7d1f2afe12bafc4c18c5a0e3c6866e38 c:\program files\windows defender\mprtplug.dll MD5: 31170caf2b2ff87be9a4d5f53444d166 C:\Program Files\Windows Sidebar\wlsrvc.dll MD5: 1c9b06ff129db305d8c70554f47c679b C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5FDCDB02-3BCE-48D9-82E2-07147A5C5330}\mpengine.dll MD5: fa903be3bd74552bf9963a90cc35184e C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.key MD5: 988024e9da43e3deca8ddac3b1668afa C:\ProgramData\Panda Security URL Filtering\panda_url_filtering.dll MD5: c6b4496ecd35ad87f42dff320eff0cdb C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe MD5: 87bbf47f728aeee862f9823d5b4c0bbc C:\Users\Frank Catena\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll MD5: ab024203b28d695783abb365307d5d5a C:\Users\Frank Catena\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll MD5: 1dd549e2b7bea2e8ae1bae436bd39b6a C:\Users\Frank Catena\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll MD5: 8bfa91c530110ba2ecca0f3f3f36249c C:\Users\Frank Catena\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll MD5: d6804f089cbb6749e95124e7c4d80900 C:\Windows\AppPatch\AcLayers.DLL MD5: f4d241169a2635e28732ca51c3adb1ec C:\Windows\AppPatch\AcRedir.DLL MD5: 5a5dec75f662fbb8e48dd29b2d929473 C:\Windows\AppPatch\AcSpecfc.DLL MD5: a0b22cd7628dbda754fb254e55f0ac80 C:\Windows\AppPatch\iebrshim.dll MD5: 8607a3ae9c287a8e3cdf6e410a1426a7 C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll MD5: bd1e2bb8c96105353078ad23ff5489d0 C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll MD5: 937fbd23997a91af923d5e89286126bd C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll MD5: 70891f0ed183ac39be4c5e43666a35c7 C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll MD5: b74bb4fa1cb68892caf2e3a586a55e23 C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MD5: 090f0c209849df6bf42c4bc3a212ed24 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll MD5: 0c06a80dffa51e0eb9c5ce3df703bc46 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll MD5: 12500e86fafeb5cb22c0aba370cfffbd C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll MD5: 375fd11c25f5e43e0d1620fd6114baba C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll MD5: a71a91c57d2832c5d6d3f1917830bee8 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll MD5: 26d2b399e87f2df5dbce2dac24d94cff C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll MD5: d773437cf8acad89d87a830b663fd225 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll MD5: ce652d887de875b24be66901c8c05f62 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll MD5: c0770e006d0556d359f586ed86ead004 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll MD5: 7edf1a41e9c31dce28bd71d6142534cc C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll MD5: 68a84e7d86995088127f30e5d118c4e2 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll MD5: fe88e72f1b01ef8334e47ec44117559f C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll MD5: 24291b61ab7a21cdeb3fac7a03995bbe C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll MD5: e43c3d10e560dbeacfbc12bf888703a7 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll MD5: f71a731e236fb55e3585dc5391d286d3 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll MD5: 54b21273aaf8a0ba1c06494ffb21bb29 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll MD5: 515d0e89532fa76488be97427de4207f C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll MD5: 55c9b75102b54fa486a0bc5462e95fe4 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll MD5: d6f5d2245d53b5f5d3939137a7ec97ec C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll MD5: e5210eb71e2017951050550067c30093 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll MD5: e247301b09b5cffa332a00f1b7bb55f7 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll MD5: 712fa98f6794152b349fd74a702f40f7 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll MD5: b37a7c2b855fa1523a6840246c250fb2 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll MD5: 34dcf0e4754f8fa599e33aa444742481 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll MD5: 58ed45bfb06ec7c6b7d151b77247e4b3 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll MD5: 8da93d9a662e4ba18802bc6c2ccacd66 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll MD5: 5ac46a3a31bc58e512c4cafd87327922 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll MD5: 04de2774c2a6602da45e9e76d46bc071 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll MD5: 333244713f41c02de8502061c0a11622 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll MD5: 1d114e646e5cc8b6d18238eba210f9ae C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll MD5: 7e1174e9a3d17855680e144aa5d130a1 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll MD5: b334fca2f0878c2af77826211dbe55bb C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll MD5: bc204ce4cd9d08d6b178dfc77095b850 C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll MD5: b89cb7f3f1a1e2807e708f5435deb13d C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll MD5: abc4dd333a08c767c95bc2653283d00e C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MD5: 48a39ec664904919110a37ca10756bb3 C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MD5: 98ad6aacc81dc2c1de5c178fbe12db4a C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\798dad8e1b1dae489aa30b4341bcdba7\CustomMarshalers.ni.dll MD5: 0c9fffc25f797f8c7c3f99bc12cfa411 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll MD5: ed95dc7692e4bfaa3e219b6fcbe1c0f1 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7d35e4a8583c5dc077a1d43d12ad8855\System.ServiceProcess.ni.dll MD5: e43a888be303497084f56b52770390e1 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f5fa811725cbc26754b26fb9cb2bda63\System.ni.dll MD5: 752d51004a17ca2276eb367e8d2a7cfd C:\Windows\Downloaded Program Files\AnagramLib.dll MD5: 11ebc1ef713a878a14be8d5923cd355f C:\Windows\Downloaded Program Files\isusweb.dll MD5: bbfe11733312fbeae5f50dfeccf3e1de C:\Windows\Downloaded Program Files\JuniperExt.exe MD5: 8d835ab7e34542b2c820cfee23d78056 C:\Windows\Downloaded Program Files\JuniperSetupClient.ocx MD5: f9f00076d544d57072f661bb1bb5ac65 C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe MD5: 72599c9253c8dc6495bc69793dd42800 C:\Windows\Downloaded Program Files\LinkedInContactFinderControl.dll MD5: 1be4cd6e264d82163f5a346aad0c1478 C:\Windows\Downloaded Program Files\McContentMgr.dll MD5: 40cdb9687d67516251e3a876ce843701 C:\Windows\Downloaded Program Files\McHealthCheck.dll MD5: 0541ec396d772289dadbf572607138e2 C:\Windows\Downloaded Program Files\McLogMgr.dll MD5: 38e1c7407449caee7559dea5cd413007 C:\Windows\Downloaded Program Files\McPlugins.dll MD5: 0d1f44af9ee665245d9acf85dbe43810 C:\Windows\Downloaded Program Files\McProdMgr.dll MD5: 4047fd723bd7cdaab49fab542b6497d2 C:\Windows\Downloaded Program Files\MVT.dll MD5: deb0fdaf2f5ef133791160b582f0e345 C:\Windows\Downloaded Program Files\NetDirect.ocx MD5: 823451876778f382b23afe20ef2ddc20 C:\Windows\Downloaded Program Files\qsax.dll MD5: c9caf4e7d62e263073a392b00d9245f7 C:\Windows\Downloaded Program Files\Uploader.exe MD5: 6717ae12e326dd1e39f6ee183a37dc0f C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MD5: f3432e0c2d2c257d07d43fd57a0cde6a C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll MD5: 1a11a757d613f8a815b8e30025522628 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll MD5: 733da847d5c3e32c40ba831beaa8dc93 C:\Windows\sttray.exe MD5: e9b9c1b98c8d6d48407e1c1203eac659 C:\Windows\System32\adsldpc.dll MD5: c77f71aa825263541965846edd9e8729 C:\Windows\system32\advpack.dll MD5: da1b3ad3b06d5ded23f8e1a806731809 C:\Windows\System32\atashost.exe MD5: 928c90e02e05244d2290c1551df732c8 C:\Windows\system32\AVICAP32.dll MD5: f31eebc1a1c81fd04005489cc3dcdfe7 C:\Windows\system32\basesrv.dll MD5: f21f255b91ca4f04e4250decd2067cbb c:\windows\system32\bitsperf.dll MD5: d333058925ce305e39de8d5ad2b52a46 C:\Windows\system32\CLUSAPI.DLL MD5: 74f26fc01b180d4a99a168ed69c30a53 C:\Windows\system32\cmd.exe MD5: 0c3ab6190f4e9494aea5497d104bac1f C:\Windows\System32\CNARLMNT.DLL MD5: fef86a80e37754d53d286d5f1b656d7d C:\Windows\system32\CNCC5750.DLL MD5: d6a35eb3d8e01062f8ec79d837c51717 C:\Windows\system32\CNCL5750.DLL MD5: 9e809f484259759ee2bd9db5e4ac0fd2 C:\Windows\system32\CNCLSC12.DLL MD5: e762339d442181beb9ac653b01f1c0b6 C:\Windows\system32\CNCLSD12.DLL MD5: a056ea1d9e47bd3269ebefce771248a0 C:\Windows\system32\CNCLSI12.DLL MD5: ae783143d23b268484ff79ec8a5c3830 C:\Windows\system32\CNCLST12.DLL MD5: d56d466783ca293277104b626d9c6802 C:\Windows\system32\CNCLSU12.DLL MD5: 7f15b4953378c8b5161d65c26d5fed4d C:\Windows\system32\cngaudit.dll MD5: 69a69e5e3e964c1a2b25802becb411db C:\Windows\system32\cnvshell.dll MD5: 93e317d7ad783d8eaee2e3500bfe889d C:\Windows\System32\credui.dll MD5: ca111717010609a03b2720fcb1634daa C:\Windows\system32\CSRSRV.dll MD5: abca209eba02cb59233614db83b4f50d C:\Windows\System32\csrss.exe MD5: a53723176d0002feb486eff8e17812f2 C:\Windows\System32\DLA\DLABMFSM.SYS MD5: d4587063acea776699251e177d719586 C:\Windows\System32\DLA\DLABOIOM.SYS MD5: c950c2e7b9ed1a4fc4a2ac7ec044f1d6 C:\Windows\System32\DLA\DLADResM.SYS MD5: 24400137e387a24410c52a591f3cfb4d C:\Windows\System32\DLA\DLAIFS_M.SYS MD5: 29a303feceb28641ecebdae89eb71c63 C:\Windows\System32\DLA\DLAOPIOM.SYS MD5: c93e33a22a1ae0c5508f3fb1f6d0a50c C:\Windows\System32\DLA\DLAPoolM.SYS MD5: 4897704c093c1f59ce58fc65e1e1ef1e C:\Windows\System32\DLA\DLAUDF_M.SYS MD5: b953498c35a31e5ac98f49adbcf3e627 C:\Windows\System32\DLA\DLAUDFAM.SYS MD5: d7675f963be522060140ecd15607bcb8 C:\Windows\system32\DLAAPI_W.DLL MD5: 85e861d0b88db2b54acb0839654c09f7 C:\Windows\system32\DNSAPI.dll MD5: 57d762f6f5974af0da2be88a3349baaa c:\windows\system32\dnsrslvr.dll MD5: 3911b972b55fea0478476b2e777b29fa C:\Windows\system32\drivers\afd.sys MD5: 8b10ce1c1f9f1d47e4deb1a547a00cd4 C:\Windows\system32\drivers\agp440.sys MD5: 3a99cb23a2d326fd532618705d6e3048 C:\Windows\system32\drivers\aliide.sys MD5: 848f27e5b27c1c253f6cefdc1a5d8f21 C:\Windows\system32\drivers\amdagp.sys MD5: 4333c133dbd71c7d7fe4fb1b83f9ee3e C:\Windows\system32\drivers\amdide.sys MD5: a779ca2c76da4fcb595e692c05e8e4eb C:\Windows\system32\drivers\atapi.sys MD5: 35f376253f687bde63976ccb3f2108ca C:\Windows\system32\DRIVERS\bowser.sys MD5: dfb94a6fc3a26972b0461ab5f1d8272b C:\Windows\system32\drivers\cmdide.sys MD5: 82b8c91d327cfecf76cb58716f7d4997 C:\Windows\system32\drivers\compbatt.sys MD5: 622c41a07ca7e6dd91770f50d532cb6c C:\Windows\System32\Drivers\dfsc.sys MD5: 5230cdb7e715f3a3b4a882e254cdd35d C:\Windows\System32\Drivers\DLACDBHM.SYS MD5: 77fe51f0f8d86804cb81f6ef6bfb86dd C:\Windows\System32\Drivers\DLARTL_M.SYS MD5: c00440385cf9f3d142917c63f989e244 C:\Windows\System32\Drivers\DRVMCDB.SYS MD5: ffc371525aa55d1bae18715ebcb8797c C:\Windows\System32\Drivers\DRVNDDM.SYS MD5: c68ac676b0ef30cfbb1080adce49eb1f C:\Windows\System32\drivers\dxgkrnl.sys MD5: 908ed85b7806e8af3af5e9b74f7809d4 C:\Windows\system32\DRIVERS\e1e6032.sys MD5: 6d2350bb6e77e800fc4be4e5b7a2e89a C:\Windows\system32\DRIVERS\HSX_CNXT.sys MD5: 53229dcf431d76434816cd29251168a0 C:\Windows\system32\DRIVERS\HSX_DPV.sys MD5: 31f949d452201f2f0af0c88d7db512cd C:\Windows\system32\DRIVERS\HSXHWAZL.sys MD5: e9f704ca833bd24bfaa3b4a59707633a C:\Windows\system32\drivers\iastor.sys MD5: 5f43e40c46d98e5e1e7d8a77d7bbf738 C:\Windows\system32\DRIVERS\igdkmd32.sys MD5: b7a420e4b137176234272d5ca9d51a49 C:\Windows\System32\Drivers\IntelDH.sys MD5: 1c60617d54bc9f035671a44b75d9f7cc C:\Windows\system32\drivers\intelide.sys MD5: 2f8ece2699e7e2070545e9b0960a8ed2 C:\Windows\system32\drivers\isapnp.sys MD5: 1e94971c4b446ab2290deb71d01cf0c2 C:\Windows\system32\DRIVERS\mrxsmb.sys MD5: d4a3c7c580c4ccb5c06f2ada933ad507 C:\Windows\system32\DRIVERS\mrxsmb10.sys MD5: c3cb1b40ad4a0124d617a1199b0b9d7c C:\Windows\system32\DRIVERS\mrxsmb20.sys MD5: f0ec3a4e0693a34b148723b4da31668c C:\Windows\system32\drivers\msahci.sys MD5: acc8d7fc0da793450f5f257d9ce4ff75 C:\Windows\system32\DRIVERS\nmsgopro.sys MD5: 64fa28c15dd71a80bef3527e1ef07df6 C:\Windows\system32\DRIVERS\nmsunidr.sys MD5: 055081fd5076401c1ee1bcab08d81911 C:\Windows\system32\drivers\nv_agp.sys MD5: 20b869152448f80ac49cf10264e91f5e C:\Windows\system32\drivers\pciide.sys MD5: 1656739ea9759ef1c3adc6f73e89d070 C:\Windows\system32\DRIVERS\PSINAflt.sys MD5: 072a5c1983b85504239c307d41d741be C:\Windows\system32\DRIVERS\PSINFile.sys MD5: f778579e0b47f0027cce47da1a64ef88 C:\Windows\system32\DRIVERS\psinknc.sys MD5: 0fb3436762e672800eb1c0578ac379c8 C:\Windows\system32\DRIVERS\PSINProc.sys MD5: 7534273ca15900cdd1c3b392dd6b595b C:\Windows\system32\DRIVERS\PSINProt.sys MD5: 36cf3653d367cbc72a38625543f3d4d1 C:\Windows\system32\Drivers\PzWDM.sys MD5: 0245418224cfa77bf4b41c2fe0622258 C:\Windows\system32\drivers\rdpdr.sys MD5: 103b79418da647736ee95645f305f68a C:\Windows\system32\drivers\sffdisk.sys MD5: 9cfa05fcfcb7124e69cfc812b72f9614 C:\Windows\system32\drivers\sffp_sd.sys MD5: 08072b2fb92477fc813271a84b3a8698 C:\Windows\system32\drivers\sisagp.sys MD5: 41987f9fc0e61adf54f581e15029ad91 C:\Windows\System32\DRIVERS\srv.sys MD5: ff33aff99564b1aa534f58868cbe41ef C:\Windows\System32\DRIVERS\srv2.sys MD5: 7605c0e1d01a08f3ecd743f38b834a44 C:\Windows\System32\DRIVERS\srvnet.sys MD5: 9cea131b5eb0ea653f6b3ea80b54956d C:\Windows\system32\drivers\stwrt.sys MD5: 6a10afce0b38371064be41c1fbfd3c6b C:\Windows\System32\drivers\tcpip.sys MD5: 9bf343f4c878d6ad6922b2c5a4fefe0d C:\Windows\System32\drivers\tcpipreg.sys MD5: 6d72ef05921abdf59fc45c7ebfe7e8dd C:\Windows\system32\drivers\uliagpkx.sys MD5: d5929a28bdff4367a12caf06af901971 C:\Windows\system32\drivers\viaagp.sys MD5: 58c8d5ac5c3eef40e7e704a5ced7987d C:\Windows\system32\drivers\viaide.sys MD5: 701a9f884a294327e9141d73746ee279 C:\Windows\system32\drivers\wmiacpi.sys MD5: 28dc5d626e036a75a572556f0a6eb1f6 C:\Windows\System32\drivers\XAudio.exe MD5: 5a7ff9a18ff6d7e0527fe3abf9204ef8 C:\Windows\system32\DRIVERS\xaudio.sys MD5: b68fcc1f8684ab3ec4be4d0a2537d26d C:\Windows\system32\Dxtmsft.dll MD5: d12feb0e3ea6063a65a5498ed90fd790 C:\Windows\system32\Dxtrans.dll MD5: b8a21907fe2f1a113f3487d9ab60bef9 C:\Windows\system32\en-us\tQuery.dll.mui MD5: 8ce364388c8eca59b14b539179276d44 c:\windows\system32\fntcache.dll MD5: 99274a29864c8e727c046bc7bebce338 C:\Windows\System32\hccutils.DLL MD5: b4b59ac042ee3733a862f26cbc0b17fc C:\Windows\system32\hidphone.tsp MD5: f31d1e104c3ee503fd4b94affe2247d5 C:\Windows\System32\hkcmd.exe MD5: 0c84b6affa7486422235584110d7176f c:\windows\system32\ICAAPI.dll MD5: dca3fa9f9dd103dc39c24c85ef073db1 C:\Windows\system32\ICMP.DLL MD5: 4276f2942def2b726438da0498d65e95 C:\Windows\system32\ieapfltr.dll MD5: af3db1d3ac2ab52f910b2102447e3564 C:\Windows\system32\ieframe.dll MD5: 27e1ca843b86852f3208d322d0bbfc5d C:\Windows\system32\iepeers.dll MD5: 6419081f0f15cb860458515d1a52d560 C:\Windows\system32\iertutil.dll MD5: 1d21439053aee6641941bc63cba18e9b C:\Windows\system32\IEUI.dll MD5: 66888fb49915359980404c67303d95df C:\Windows\system32\igdumd32.dll MD5: 084df30d0f1e2d5b9186b249df728ea1 C:\Windows\system32\igfxdev.dll MD5: 62f5a5462a2d80ec33324445261cf2a7 C:\Windows\System32\igfxpers.exe MD5: 6d9d38ea7cdcb8fdd202340efd298452 C:\Windows\System32\igfxres.dll MD5: b6934fe42f355d3eabb0842452855d15 C:\Windows\System32\igfxress.dll MD5: aca64707db3436b7493d978a6002a0e0 C:\Windows\system32\igfxsrvc.dll MD5: d478378b69fb0ebcafee488b4bed620f C:\Windows\system32\igfxTMM.dll MD5: 9fc01591581597b73970e548b4d2c6e6 C:\Windows\System32\igfxtray.exe MD5: 5a005676a0252fbafec8f68162eb9f88 C:\Windows\system32\ImgUtil.dll MD5: 612c998879796b01b10961413e1bbb53 C:\Windows\system32\jscript.dll MD5: 574b473facaa0e91702b86578440b525 C:\Windows\system32\kernel32.dll MD5: 953193a9dea40348c1086d171f6440ae C:\Windows\system32\kmddsp.tsp MD5: ca0b849566776a17f35f0339be17dfd9 c:\windows\system32\ktmw32.dll MD5: 35d40113e4a5b961b6ce5c5857702518 c:\windows\system32\lmhsvc.dll MD5: b17d18fd6594aaa25cbc95e799b1bf40 C:\Windows\system32\logon.scr MD5: 21a67095edc11a528f5434d28bb0ef3c C:\Windows\system32\Macromed\Flash\NPSWF32.dll MD5: d9963d39f6711e9a1c14c939c3a25605 C:\Windows\system32\MdmXSdk.dll MD5: 67d16247c56c26a4f0d79d1a7f272b8f C:\Windows\system32\MF.dll MD5: 1b593fbb763150bd225df266c69a9329 C:\Windows\system32\MFC42u.DLL MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\Windows\system32\MFC71.DLL MD5: bf142d4f8c61ed3629a9cdd7ba867900 C:\Windows\system32\MFPlat.DLL MD5: b4f5de3dad8e6b97272f45db97674878 C:\Windows\System32\mgmtapi.dll MD5: 2e837f3d406224df131c34bc8f71621e C:\Windows\system32\modemui.dll MD5: 56e315acfb08a177b4d01e42b9044db5 C:\Windows\System32\MPRAPI.dll MD5: 82e9a1e0bac666c4a8b6d45ec807abd6 C:\Windows\system32\msfeedssync.exe MD5: c062788870af39afbc3b5645e1381559 C:\Windows\system32\mshtml.dll MD5: c7e27483d9a6b36ee6d544fb97721196 C:\Windows\system32\mshtmled.dll MD5: aab5feaabf4cb6f76d794203831c8d94 C:\Windows\system32\Msidle.dll MD5: f3ebda850cc141768498decaad513299 C:\Windows\system32\msls31.dll MD5: 5e41139ec6efbcaffd96d46925e544ab c:\windows\system32\mspatcha.dll MD5: abe9eea1eabea0711610a637a7b1c25d C:\Windows\system32\msprivs.dll MD5: ff41e1ac301f51e16f61ad7c0f45467c C:\Windows\System32\msshsq.dll MD5: 2fa16465f64db54b1f7f511395eb4fd7 C:\Windows\system32\NCObjAPI.DLL MD5: f4d9ed6bd74ad7cc0bec83c43a1cb76b c:\windows\system32\ncsi.dll MD5: 2f6776acefe41ee889c464ea407918f2 C:\Windows\system32\ndptsp.tsp MD5: 6bc5fcef351e4cb5a269c1e84b5a06da C:\Windows\system32\netcfgx.dll MD5: 95daecf0fb120a7b5da679cc54e37dde C:\Windows\system32\netlogon.dll MD5: 4bf053944e973c073339be841c9ecf28 C:\Windows\System32\NETRAP.dll MD5: daf60e13e96ecb67f0edaa89c6b01b8d C:\Windows\System32\notepad.exe MD5: 8bb86f0c7eea2bded6fe095d0b4ca9bd c:\windows\system32\nsisvc.dll MD5: 708fb84003732e220c23cdf207f5a329 C:\Windows\system32\ntdll.dll MD5: 862363973dcbcc31dd161ef41a69153c C:\Windows\system32\ODBC32.dll MD5: 9586e7cb2255a8b097a7e4538202585e C:\Windows\system32\ole32.dll MD5: de4cd76c254e143f40e62952788d3be7 C:\Windows\system32\OLEAUT32.dll MD5: f0062778f50838145ac46b384ffb4fa3 C:\Windows\system32\pcadm.dll MD5: b8d3bf818defe1da9a754f214e528221 C:\Windows\system32\pngfilt.dll MD5: e340845c8e96d107c36420065d7a5733 C:\Windows\system32\printcom.dll MD5: 801f1e963f7eeffda3f9ef89db3ef133 C:\Windows\system32\radardt.dll MD5: 2dd6af8e97f59c9d39329bbc2a81f13f C:\Windows\System32\RASDLG.dll MD5: 88225070dd2f7b0b2ed51e7935078641 C:\Windows\system32\RASQEC.DLL MD5: b9f3ff52b84fd9e3cafb29b8ee385e5b C:\Windows\system32\RESUTILS.DLL MD5: 2ab58991862153a248779174d4e4212b C:\Windows\system32\schannel.dll MD5: 1a58069db21d05eb2ab58ee5753ebe8d c:\windows\system32\schedsvc.dll MD5: 167ac31450c0c53a01fa1491e94d7678 C:\Windows\system32\SHDOCVW.dll MD5: 33ae914c24f546aabf281ba7b138186d C:\Windows\system32\SHELL32.dll MD5: 9176285122b7b849fec2aa1b72a8f7a8 C:\Windows\system32\SHLWAPI.dll MD5: c7230fbee14437716701c15be02c27b8 C:\Windows\system32\SHSVCS.dll MD5: 2acfdc2ed5fadf18f8f1f7429a4c82fa C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAR0MUI_D80D7.DLL MD5: 8554097e5136c3bf9f69fe578a1b35f4 C:\Windows\System32\spoolsv.exe MD5: bf7e4d6f60a6d9e866432855c6f8c262 c:\windows\system32\sqmapi.dll MD5: 1bf5eebfd518dd7298434d8c862f825d c:\windows\system32\srvsvc.dll MD5: 452341e471d2d961229dfe0842957272 C:\Windows\system32\SSCORE.DLL MD5: 0486b27a7a31edfa9f92a7f6bbc964e5 C:\Windows\system32\stapi32.dll MD5: 365828e555e9479246efd9090c41c2d7 C:\Windows\System32\sti.dll MD5: ed3f7b4548a13561278bf6018d1364a0 C:\Windows\system32\STLang.dll MD5: b5950df243837d8217f4e597919b224a C:\Windows\system32\stobject.dll MD5: 71f5a7104fdf16c0ac5283a6ce666553 C:\Windows\system32\SYSNTFY.dll MD5: 2a6a2c09ecc2cb495628e45f1379ece8 C:\Windows\system32\taskcomp.dll MD5: 3d50c4b10352367d5cb20ed1f50f8da2 C:\Windows\System32\taskeng.exe MD5: 52e129522c1775dbb8cc252e7a0655c7 C:\Windows\system32\taskschd.dll MD5: 5091452dc719281cf1dd69367e13b494 C:\Windows\System32\tcpmib.dll MD5: 8a38b5e8493a9d103083b8620ac5f3a1 C:\Windows\System32\tdh.dll MD5: f8873d15018f411588bec02c1725bada C:\Windows\system32\tspkg.dll MD5: 47cdc7491a3dc236dde63bc355d558c9 C:\Windows\System32\udcpm.dll MD5: 0b71899e60d1265229bf3d080eab573d C:\Windows\system32\unimdmat.dll MD5: dfbaadf1b624dc71e88d34d86b3595be C:\Windows\system32\uniplat.dll MD5: 9188e90d47ba1e68e90c450473fadf5f C:\Windows\system32\urlmon.dll MD5: 0bf0bb276f17b6ad61a8694d2551ec28 C:\Windows\System32\usbmon.dll MD5: 80fff14f1757b9af8be9d314fc1ae88b C:\Windows\system32\USP10.dll MD5: 6309ca81cce581628250f86d50fa4979 C:\Windows\system32\vbscript.dll MD5: dc3ae9f1554dcd97f90983ddbdacd83d C:\Windows\system32\vsstrace.dll MD5: 2c3b09e586bda2cc49a292be7badc589 C:\Windows\system32\wbem\wmiutils.dll MD5: e7d0f91e44d9d3b2116fa549bdcdb756 c:\windows\system32\WDSCORE.dll MD5: 0745d6ead386710110817fbec03f5161 C:\Windows\system32\wfapigp.dll MD5: 65283279d4ede387c988f8b753c8f7e5 C:\Windows\system32\wiadss.dll MD5: 73fe2e5fa55088a241aa2732f5d387d6 C:\Windows\system32\wiarpc.dll MD5: 17413ef7d95632d892b4c914cd7e66f9 C:\Windows\system32\WININET.dll MD5: 101ba3ea053480bb5d957ef37c06b5ed C:\Windows\System32\wininit.exe MD5: 5ec8fb83f31aa2d6f421f02c3f4f4475 C:\Windows\system32\WINSPOOL.DRV MD5: 5df01708d214fdc0075ad197f1889557 C:\Windows\system32\winsrv.dll MD5: 92283d9e33ec5f41ecc0b430b7459241 C:\Windows\system32\wls0wndh.dll MD5: f1ecec53b9ffc30e123d14e087c49111 C:\Windows\system32\wmdrmdev.dll MD5: 015e99a7634b93e8bb0380c70f3d2cc3 C:\Windows\system32\wmp.dll MD5: 9441a231c0aa0712f7cf3b10d9cfcf76 C:\Windows\system32\wmploc.dll MD5: 648ab74d9c104fb500b6c4eedc6a8772 C:\Windows\system32\wmpmde.dll MD5: 617f9a5813e69f6e9ed94b811ec75396 C:\Windows\System32\wmpps.dll MD5: f0321da5203f1e71917f3b7a13dc4912 C:\Windows\system32\WMsgAPI.dll MD5: 1f7002dbb4bf3b45b44bb3551b71805e C:\Windows\system32\WS2_32_Shim.dll MD5: 05c3b38db95ba5585817a4f898ee5581 C:\Windows\System32\wshqos.dll MD5: 399bb52ad0668472717498e97cf28341 c:\windows\system32\WUDFPlatform.dll MD5: 35acd5ea63d75e97dd0e9a1629e582b2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll MD5: be3c082837866c4c291adaf163c10ea6 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MD5: b5b09091b0e33c396ceec8995515bd41 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll No file uploaded. Scan finished - communication took 2 sec Total traffic - 0.03 MB sent, 2.10 KB recvd Scanned 1137 files and modules - 26 seconds ==============================================================================

ESET came back clean, but the log is only two lines long. Not sure if when opening the .txt with Open Office to copy and paste here is causing that? I'll be away from the PC in question until Monday, so I'll need to pick this up again then. Thanks again for all your help ... enjoy the weekend. Frank

Complete Combofix log below - Combofix did update. PC still running fine, no redirects. Thanks again .... ComboFix 11-08-03.03 - Frank Catena 08/04/2011 8:02.4.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.1183 [GMT -4:00] Running from: c:\users\Frank Catena\Desktop\ComboFix.exe AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_72731489 . . ((((((((((((((((((((((((( Files Created from 2011-07-04 to 2011-08-04 ))))))))))))))))))))))))))))))) . . 2011-08-04 12:09 . 2011-08-04 12:09 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2011-08-04 12:09 . 2011-08-04 12:09 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp 2011-08-04 12:09 . 2011-08-04 12:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-08-02 12:21 . 2011-07-20 13:44 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AA7F00FB-844F-4EDC-89FE-8A758BE3FCEC}\mpengine.dll 2011-07-27 14:24 . 2011-07-27 14:24 -------- d-----w- c:\users\Frank Catena\AppData\Roaming\Panda Security 2011-07-27 14:23 . 2011-07-27 14:23 -------- d-----w- c:\users\Frank Catena\AppData\Local\panda2_0dn 2011-07-27 14:23 . 2011-08-04 11:57 -------- d-----w- c:\programdata\Panda Security URL Filtering 2011-07-27 14:22 . 2011-07-27 14:22 -------- d-----w- c:\programdata\Panda Security 2011-07-27 14:22 . 2011-08-03 11:52 -------- d-----w- c:\program files\Panda Security 2011-07-23 16:06 . 2011-07-26 12:16 0 ----a-w- c:\users\Frank Catena\AppData\Local\Blonohofafahi.bin 2011-07-21 01:12 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys 2011-07-13 12:38 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys 2011-07-13 12:38 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll 2011-07-13 12:38 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-07-05 16:12 . 2011-07-05 16:12 143624 ----a-w- c:\windows\system32\drivers\PSINAflt.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-27 17:00 . 2010-05-18 14:40 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-06 23:52 . 2011-03-04 19:08 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-06 23:52 . 2011-03-04 19:08 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-22 13:00 . 2011-05-26 12:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-24 23:14 . 2010-03-18 12:28 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-06-22 12:57 . 2011-03-28 14:16 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-31 17:55 . 2009-11-16 22:12 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2011-04-14 18:01 . 2010-07-05 21:11 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2011-05-17 17:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-02-09 98304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-09 106496] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-02-09 81920] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920] "CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-11-18 182744] "NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2006-09-26 423424] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-31 30192] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 17920] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384] "MBBalloon"="c:\program files\HOTALBUMMyBOX\MBBalloon.exe" [2007-11-30 789144] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888] "ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656] "PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616] "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-05-17 231592] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-3-12 50688] McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-31 30192] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S0 PzWDM;PzWDM;c:\windows\system32\Drivers\PzWDM.sys [2008-08-25 15172] S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2011-04-28 126024] S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-08-03 43912] S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-10-29 208896] S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608] S2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\DRIVERS\nmsgopro.sys [2006-09-27 28672] S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [2006-10-19 7424] S2 NPWService;NPWService;c:\program files\Generic\Network Printer Wizard\NPWService.exe [2009-01-15 462848] S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2011-07-05 143624] S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2011-04-28 99400] S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2011-04-28 111176] S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2011-04-28 112712] S3 IntelDH;IntelDH Driver;c:\windows\system32\Drivers\IntelDH.sys [2007-03-12 5504] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2011-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2627265198-3619167298-3848510191-1001Core.job - c:\users\Frank Catena\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-18 01:40] . 2011-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2627265198-3619167298-3848510191-1001UA.job - c:\users\Frank Catena\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-18 01:40] . 2011-08-03 c:\windows\Tasks\User_Feed_Synchronization-{B68EAEE2-B409-448E-8067-96E6B3FF8C8D}.job - c:\windows\system32\msfeedssync.exe [2008-09-20 07:33] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070312 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com Trusted Zone: turbotax.com TCP: DhcpNameServer = 192.168.1.1 DPF: {7FA319FB-FFB9-4089-87EB-63179244E6E6} - hxxps://ssl.verizonbusiness.com/nortel_cacheable/NetDirect.cab FF - ProfilePath - c:\users\Frank Catena\AppData\Roaming\Mozilla\Firefox\Profiles\ko4ujyl7.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p= FF - user.js: yahoo.homepage.dontask - true . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-08-04 08:09 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(3704) c:\programdata\Panda Security URL Filtering\panda_url_filtering.dll . Completion time: 2011-08-04 08:11:44 ComboFix-quarantined-files.txt 2011-08-04 12:11 ComboFix2.txt 2011-08-03 12:21 ComboFix3.txt 2011-08-02 13:26 . Pre-Run: 150,529,662,976 bytes free Post-Run: 150,504,095,744 bytes free . - - End Of File - - 3578B4C2D8D74097F0DD0AE0C733BDDE

Just checked the .txt - that is the complete report. The machine did an auto reboot at the end of the combofix run, not sure if that caused the truncation? Should I rerun Combofix? Machine appears back to normal - no redirects Thanks, Frank

Thanks ... Here's the combofix log - Frank C:\combofixComboFix 11-08-03.02 - Frank Catena 08/03/2011 13:38:17.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.1175 [GMT -4:00] Running from: C:\Users\Frank Catena\Desktop\ComboFix.exe Command switches used :: C:\Users\Frank Catena\Desktop\CFScript.txt AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FILE :: "C:\Windows\System32\Drivers\72731489.sys"

I thought you would say that ...Rebooted and all is fine. Will have the .txt posted in a bit. Different crisis to attend to now ,,, Thanks ,,, Frank

Thanks for the reply ...A bit of a problem ... Having to reply from a different computer. Deleted toolbar and I ran combofix again. When I try to launch a browser to send the info Firefox pops a warning that says "c:\program files\Mozilla Firefox\firefox.exe Illegal operation attempted on a registry key that has been marked for deletion" Frank

D-FRED-BROWN - Thanks for your help ... Computer performance was not effected by the redirect. The redirects only happened maybe 25% of the time. The logs you requested are below ... I appreciate your help. 2011/08/02 08:58:05.0722 5672 TDSS rootkit removing tool 2.5.13.0 Jul 29 2011 17:24:11 2011/08/02 08:58:06.0006 5672 ================================================================================ 2011/08/02 08:58:06.0006 5672 SystemInfo: 2011/08/02 08:58:06.0006 5672 2011/08/02 08:58:06.0006 5672 OS Version: 6.0.6002 ServicePack: 2.0 2011/08/02 08:58:06.0006 5672 Product type: Workstation 2011/08/02 08:58:06.0006 5672 ComputerName: FRANKCATENA-PC 2011/08/02 08:58:06.0007 5672 UserName: Frank Catena 2011/08/02 08:58:06.0007 5672 Windows directory: C:\Windows 2011/08/02 08:58:06.0007 5672 System windows directory: C:\Windows 2011/08/02 08:58:06.0007 5672 Processor architecture: Intel x86 2011/08/02 08:58:06.0007 5672 Number of processors: 2 2011/08/02 08:58:06.0007 5672 Page size: 0x1000 2011/08/02 08:58:06.0007 5672 Boot type: Normal boot 2011/08/02 08:58:06.0007 5672 ================================================================================ 2011/08/02 08:58:06.0550 5672 Initialize success 2011/08/02 08:58:15.0558 5744 ================================================================================ 2011/08/02 08:58:15.0558 5744 Scan started 2011/08/02 08:58:15.0558 5744 Mode: Manual; 2011/08/02 08:58:15.0558 5744 ================================================================================ 2011/08/02 08:58:16.0198 5744 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/08/02 08:58:16.0282 5744 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 2011/08/02 08:58:16.0371 5744 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 2011/08/02 08:58:16.0439 5744 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 2011/08/02 08:58:16.0494 5744 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 2011/08/02 08:58:16.0586 5744 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 2011/08/02 08:58:16.0640 5744 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys 2011/08/02 08:58:16.0701 5744 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/08/02 08:58:16.0755 5744 aliide (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys 2011/08/02 08:58:16.0805 5744 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys 2011/08/02 08:58:16.0840 5744 amdide (4333c133dbd71c7d7fe4fb1b83f9ee3e) C:\Windows\system32\drivers\amdide.sys 2011/08/02 08:58:16.0884 5744 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 2011/08/02 08:58:16.0932 5744 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 2011/08/02 08:58:16.0985 5744 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 2011/08/02 08:58:17.0049 5744 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 2011/08/02 08:58:17.0142 5744 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/08/02 08:58:17.0182 5744 atapi (a779ca2c76da4fcb595e692c05e8e4eb) C:\Windows\system32\drivers\atapi.sys 2011/08/02 08:58:17.0298 5744 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/08/02 08:58:17.0360 5744 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/08/02 08:58:17.0415 5744 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/08/02 08:58:17.0459 5744 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/08/02 08:58:17.0520 5744 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/08/02 08:58:17.0583 5744 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/08/02 08:58:17.0630 5744 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/08/02 08:58:17.0654 5744 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/08/02 08:58:17.0702 5744 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/08/02 08:58:17.0763 5744 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/08/02 08:58:17.0813 5744 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/08/02 08:58:17.0861 5744 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 2011/08/02 08:58:17.0914 5744 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/08/02 08:58:17.0969 5744 cmdide (dfb94a6fc3a26972b0461ab5f1d8272b) C:\Windows\system32\drivers\cmdide.sys 2011/08/02 08:58:18.0010 5744 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys 2011/08/02 08:58:18.0051 5744 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 2011/08/02 08:58:18.0106 5744 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 2011/08/02 08:58:18.0193 5744 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 2011/08/02 08:58:18.0301 5744 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/08/02 08:58:18.0373 5744 DLABMFSM (a53723176d0002feb486eff8e17812f2) C:\Windows\system32\DLA\DLABMFSM.SYS 2011/08/02 08:58:18.0407 5744 DLABOIOM (d4587063acea776699251e177d719586) C:\Windows\system32\DLA\DLABOIOM.SYS 2011/08/02 08:58:18.0479 5744 DLACDBHM (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS 2011/08/02 08:58:18.0538 5744 DLADResM (c950c2e7b9ed1a4fc4a2ac7ec044f1d6) C:\Windows\system32\DLA\DLADResM.SYS 2011/08/02 08:58:18.0568 5744 DLAIFS_M (24400137e387a24410c52a591f3cfb4d) C:\Windows\system32\DLA\DLAIFS_M.SYS 2011/08/02 08:58:18.0620 5744 DLAOPIOM (29a303feceb28641ecebdae89eb71c63) C:\Windows\system32\DLA\DLAOPIOM.SYS 2011/08/02 08:58:18.0643 5744 DLAPoolM (c93e33a22a1ae0c5508f3fb1f6d0a50c) C:\Windows\system32\DLA\DLAPoolM.SYS 2011/08/02 08:58:18.0699 5744 DLARTL_M (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS 2011/08/02 08:58:18.0733 5744 DLAUDFAM (b953498c35a31e5ac98f49adbcf3e627) C:\Windows\system32\DLA\DLAUDFAM.SYS 2011/08/02 08:58:18.0787 5744 DLAUDF_M (4897704c093c1f59ce58fc65e1e1ef1e) C:\Windows\system32\DLA\DLAUDF_M.SYS 2011/08/02 08:58:18.0906 5744 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/08/02 08:58:18.0964 5744 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\Windows\system32\Drivers\DRVMCDB.SYS 2011/08/02 08:58:18.0980 5744 DRVNDDM (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS 2011/08/02 08:58:19.0053 5744 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys 2011/08/02 08:58:19.0114 5744 dsunidrv (64fa28c15dd71a80bef3527e1ef07df6) C:\Program Files\DellSupport\Drivers\dsunidrv.sys 2011/08/02 08:58:19.0216 5744 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/08/02 08:58:19.0355 5744 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys 2011/08/02 08:58:19.0431 5744 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/08/02 08:58:19.0498 5744 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/08/02 08:58:19.0553 5744 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 2011/08/02 08:58:19.0660 5744 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/08/02 08:58:19.0702 5744 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/08/02 08:58:19.0782 5744 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 2011/08/02 08:58:19.0867 5744 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/08/02 08:58:19.0902 5744 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/08/02 08:58:19.0956 5744 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/08/02 08:58:20.0017 5744 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/08/02 08:58:20.0095 5744 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/08/02 08:58:20.0155 5744 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 2011/08/02 08:58:20.0261 5744 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2011/08/02 08:58:20.0331 5744 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/08/02 08:58:20.0380 5744 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/08/02 08:58:20.0407 5744 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/08/02 08:58:20.0444 5744 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/08/02 08:58:20.0483 5744 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 2011/08/02 08:58:20.0545 5744 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys 2011/08/02 08:58:20.0610 5744 HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 2011/08/02 08:58:20.0656 5744 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/08/02 08:58:20.0696 5744 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 2011/08/02 08:58:20.0790 5744 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/08/02 08:58:20.0867 5744 iaStor (e9f704ca833bd24bfaa3b4a59707633a) C:\Windows\system32\drivers\iastor.sys 2011/08/02 08:58:20.0916 5744 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 2011/08/02 08:58:20.0994 5744 igfx (5f43e40c46d98e5e1e7d8a77d7bbf738) C:\Windows\system32\DRIVERS\igdkmd32.sys 2011/08/02 08:58:21.0058 5744 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/08/02 08:58:21.0128 5744 IntelDH (b7a420e4b137176234272d5ca9d51a49) C:\Windows\system32\Drivers\IntelDH.sys 2011/08/02 08:58:21.0180 5744 intelide (1c60617d54bc9f035671a44b75d9f7cc) C:\Windows\system32\drivers\intelide.sys 2011/08/02 08:58:21.0224 5744 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/08/02 08:58:21.0326 5744 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/08/02 08:58:21.0398 5744 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 2011/08/02 08:58:21.0455 5744 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/08/02 08:58:21.0498 5744 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/08/02 08:58:21.0536 5744 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys 2011/08/02 08:58:21.0595 5744 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/08/02 08:58:21.0661 5744 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/08/02 08:58:21.0762 5744 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/08/02 08:58:21.0820 5744 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/08/02 08:58:21.0854 5744 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/08/02 08:58:21.0919 5744 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/08/02 08:58:21.0988 5744 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/08/02 08:58:22.0069 5744 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 2011/08/02 08:58:22.0132 5744 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 2011/08/02 08:58:22.0199 5744 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 2011/08/02 08:58:22.0261 5744 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/08/02 08:58:22.0347 5744 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 2011/08/02 08:58:22.0403 5744 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 2011/08/02 08:58:22.0471 5744 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/08/02 08:58:22.0539 5744 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/08/02 08:58:22.0583 5744 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/08/02 08:58:22.0603 5744 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/08/02 08:58:22.0651 5744 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/08/02 08:58:22.0741 5744 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 2011/08/02 08:58:22.0823 5744 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/08/02 08:58:22.0897 5744 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/08/02 08:58:22.0938 5744 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/08/02 08:58:22.0978 5744 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/08/02 08:58:23.0004 5744 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/08/02 08:58:23.0033 5744 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/08/02 08:58:23.0087 5744 msahci (f0ec3a4e0693a34b148723b4da31668c) C:\Windows\system32\drivers\msahci.sys 2011/08/02 08:58:23.0125 5744 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 2011/08/02 08:58:23.0223 5744 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/08/02 08:58:23.0296 5744 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/08/02 08:58:23.0362 5744 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/08/02 08:58:23.0443 5744 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/08/02 08:58:23.0502 5744 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/08/02 08:58:23.0561 5744 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/08/02 08:58:23.0633 5744 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/08/02 08:58:23.0690 5744 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/08/02 08:58:23.0720 5744 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/08/02 08:58:23.0785 5744 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/08/02 08:58:23.0850 5744 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/08/02 08:58:23.0920 5744 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/08/02 08:58:23.0957 5744 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/08/02 08:58:24.0013 5744 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/08/02 08:58:24.0061 5744 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/08/02 08:58:24.0124 5744 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/08/02 08:58:24.0202 5744 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/08/02 08:58:24.0271 5744 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/08/02 08:58:24.0352 5744 nmsgopro (acc8d7fc0da793450f5f257d9ce4ff75) C:\Windows\system32\DRIVERS\nmsgopro.sys 2011/08/02 08:58:24.0371 5744 nmsunidr (64fa28c15dd71a80bef3527e1ef07df6) C:\Windows\system32\DRIVERS\nmsunidr.sys 2011/08/02 08:58:24.0408 5744 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/08/02 08:58:24.0470 5744 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/08/02 08:58:24.0530 5744 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/08/02 08:58:24.0585 5744 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/08/02 08:58:24.0627 5744 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/08/02 08:58:24.0661 5744 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 2011/08/02 08:58:24.0707 5744 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 2011/08/02 08:58:24.0761 5744 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys 2011/08/02 08:58:24.0895 5744 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/08/02 08:58:24.0946 5744 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/08/02 08:58:25.0000 5744 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/08/02 08:58:25.0041 5744 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/08/02 08:58:25.0101 5744 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/08/02 08:58:25.0137 5744 pciide (20b869152448f80ac49cf10264e91f5e) C:\Windows\system32\drivers\pciide.sys 2011/08/02 08:58:25.0177 5744 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/08/02 08:58:25.0228 5744 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/08/02 08:58:25.0379 5744 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/08/02 08:58:25.0428 5744 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2011/08/02 08:58:25.0499 5744 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/08/02 08:58:25.0532 5744 PSINAflt (1656739ea9759ef1c3adc6f73e89d070) C:\Windows\system32\DRIVERS\PSINAflt.sys 2011/08/02 08:58:25.0565 5744 PSINFile (072a5c1983b85504239c307d41d741be) C:\Windows\system32\DRIVERS\PSINFile.sys 2011/08/02 08:58:25.0597 5744 PSINKNC (f778579e0b47f0027cce47da1a64ef88) C:\Windows\system32\DRIVERS\psinknc.sys 2011/08/02 08:58:25.0635 5744 PSINProc (0fb3436762e672800eb1c0578ac379c8) C:\Windows\system32\DRIVERS\PSINProc.sys 2011/08/02 08:58:25.0675 5744 PSINProt (7534273ca15900cdd1c3b392dd6b595b) C:\Windows\system32\DRIVERS\PSINProt.sys 2011/08/02 08:58:25.0724 5744 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys 2011/08/02 08:58:25.0795 5744 PzWDM (36cf3653d367cbc72a38625543f3d4d1) C:\Windows\system32\Drivers\PzWDM.sys 2011/08/02 08:58:25.0869 5744 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2011/08/02 08:58:25.0923 5744 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/08/02 08:58:26.0023 5744 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/08/02 08:58:26.0141 5744 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/02 08:58:26.0256 5744 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/08/02 08:58:26.0314 5744 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/08/02 08:58:26.0378 5744 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/08/02 08:58:26.0420 5744 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/08/02 08:58:26.0461 5744 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/08/02 08:58:26.0518 5744 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/08/02 08:58:26.0576 5744 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys 2011/08/02 08:58:26.0597 5744 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/08/02 08:58:26.0651 5744 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/08/02 08:58:26.0744 5744 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/08/02 08:58:26.0795 5744 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/08/02 08:58:26.0884 5744 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/08/02 08:58:26.0935 5744 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/08/02 08:58:26.0981 5744 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/08/02 08:58:27.0037 5744 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/08/02 08:58:27.0099 5744 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys 2011/08/02 08:58:27.0124 5744 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 2011/08/02 08:58:27.0183 5744 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys 2011/08/02 08:58:27.0206 5744 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/08/02 08:58:27.0238 5744 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys 2011/08/02 08:58:27.0266 5744 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2011/08/02 08:58:27.0333 5744 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2011/08/02 08:58:27.0446 5744 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/08/02 08:58:27.0500 5744 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/08/02 08:58:27.0565 5744 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/08/02 08:58:27.0625 5744 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 2011/08/02 08:58:27.0694 5744 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 2011/08/02 08:58:27.0792 5744 STHDA (9cea131b5eb0ea653f6b3ea80b54956d) C:\Windows\system32\drivers\stwrt.sys 2011/08/02 08:58:27.0866 5744 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/08/02 08:58:27.0921 5744 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/08/02 08:58:27.0960 5744 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/08/02 08:58:27.0998 5744 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/08/02 08:58:28.0087 5744 Tcpip (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\drivers\tcpip.sys 2011/08/02 08:58:28.0171 5744 Tcpip6 (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\DRIVERS\tcpip.sys 2011/08/02 08:58:28.0209 5744 tcpipreg (9bf343f4c878d6ad6922b2c5a4fefe0d) C:\Windows\system32\drivers\tcpipreg.sys 2011/08/02 08:58:28.0248 5744 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/08/02 08:58:28.0304 5744 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/08/02 08:58:28.0368 5744 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/08/02 08:58:28.0401 5744 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/08/02 08:58:28.0523 5744 TSHWMDTCP (3f6dc449398b21c213dcdd18f460df72) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys 2011/08/02 08:58:28.0625 5744 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/08/02 08:58:28.0681 5744 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/08/02 08:58:28.0723 5744 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/08/02 08:58:28.0770 5744 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2011/08/02 08:58:28.0827 5744 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/08/02 08:58:28.0882 5744 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys 2011/08/02 08:58:28.0930 5744 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2011/08/02 08:58:28.0963 5744 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/08/02 08:58:29.0002 5744 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/08/02 08:58:29.0037 5744 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/08/02 08:58:29.0092 5744 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/08/02 08:58:29.0131 5744 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/08/02 08:58:29.0173 5744 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/08/02 08:58:29.0236 5744 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/08/02 08:58:29.0282 5744 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/08/02 08:58:29.0334 5744 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/08/02 08:58:29.0375 5744 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/08/02 08:58:29.0420 5744 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/08/02 08:58:29.0467 5744 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/08/02 08:58:29.0547 5744 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/02 08:58:29.0603 5744 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/08/02 08:58:29.0645 5744 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys 2011/08/02 08:58:29.0717 5744 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2011/08/02 08:58:29.0755 5744 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys 2011/08/02 08:58:29.0796 5744 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/08/02 08:58:29.0860 5744 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/08/02 08:58:29.0921 5744 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/08/02 08:58:29.0978 5744 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2011/08/02 08:58:30.0052 5744 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/08/02 08:58:30.0120 5744 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/02 08:58:30.0136 5744 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/02 08:58:30.0197 5744 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 2011/08/02 08:58:30.0249 5744 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/02 08:58:30.0316 5744 winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 2011/08/02 08:58:30.0465 5744 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/02 08:58:30.0542 5744 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/08/02 08:58:30.0618 5744 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/02 08:58:30.0736 5744 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/08/02 08:58:30.0787 5744 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys 2011/08/02 08:58:30.0829 5744 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 2011/08/02 08:58:30.0860 5744 Boot (0x1200) (c91a89ad6d781c51898a11818323f073) \Device\Harddisk0\DR0\Partition0 2011/08/02 08:58:30.0866 5744 Boot (0x1200) (fa0216b005036c9d0192877771dcaef2) \Device\Harddisk0\DR0\Partition1 2011/08/02 08:58:30.0878 5744 ================================================================================ 2011/08/02 08:58:30.0878 5744 Scan finished 2011/08/02 08:58:30.0878 5744 ================================================================================ 2011/08/02 08:58:30.0893 5680 Detected object count: 0 2011/08/02 08:58:30.0894 5680 Actual detected object count: 0 ComboFix 11-08-02.02 - Frank Catena 08/02/2011 9:10.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.859 [GMT -4:00] Running from: c:\users\Frank Catena\Downloads\ComboFix.exe AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Frank Catena\AppData\Local\{06AFED68-4C11-4B9F-BBBE-9796DEEE33DF} c:\users\Frank Catena\AppData\Local\{06AFED68-4C11-4B9F-BBBE-9796DEEE33DF}\chrome.manifest c:\users\Frank Catena\AppData\Local\{06AFED68-4C11-4B9F-BBBE-9796DEEE33DF}\chrome\content\_cfg.js c:\users\Frank Catena\AppData\Local\{06AFED68-4C11-4B9F-BBBE-9796DEEE33DF}\chrome\content\overlay.xul c:\users\Frank Catena\AppData\Local\{06AFED68-4C11-4B9F-BBBE-9796DEEE33DF}\install.rdf c:\users\Frank Catena\AppData\Roaming\Microsoft\Windows\Recent\Girlfriends SEPT-10.xls.URL c:\users\Frank Catena\GoToAssistDownloadHelper.exe . . ((((((((((((((((((((((((( Files Created from 2011-07-02 to 2011-08-02 ))))))))))))))))))))))))))))))) . . 2011-08-02 13:18 . 2011-08-02 13:18 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2011-08-02 13:18 . 2011-08-02 13:18 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp 2011-08-02 13:18 . 2011-08-02 13:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-08-02 12:21 . 2011-07-20 13:44 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AA7F00FB-844F-4EDC-89FE-8A758BE3FCEC}\mpengine.dll 2011-07-27 14:24 . 2011-07-27 14:24 -------- d-----w- c:\users\Frank Catena\AppData\Roaming\Panda Security 2011-07-27 14:23 . 2011-07-27 14:23 -------- d-----w- c:\program files\Toolbar Cleaner 2011-07-27 14:23 . 2011-07-27 14:23 -------- d-----w- c:\users\Frank Catena\AppData\Local\panda2_0dn 2011-07-27 14:23 . 2011-08-02 12:02 -------- d-----w- c:\programdata\Panda Security URL Filtering 2011-07-27 14:22 . 2011-07-27 14:22 -------- d-----w- c:\programdata\Panda Security 2011-07-27 14:22 . 2011-07-27 14:23 -------- d-----w- c:\program files\Panda Security 2011-07-23 16:06 . 2011-07-26 12:16 0 ----a-w- c:\users\Frank Catena\AppData\Local\Blonohofafahi.bin 2011-07-21 01:12 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys 2011-07-13 12:38 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys 2011-07-13 12:38 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll 2011-07-13 12:38 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-07-05 16:12 . 2011-07-05 16:12 143624 ----a-w- c:\windows\system32\drivers\PSINAflt.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-27 17:00 . 2010-05-18 14:40 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-06 23:52 . 2011-03-04 19:08 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-06 23:52 . 2011-03-04 19:08 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-22 13:00 . 2011-05-26 12:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-24 23:14 . 2010-03-18 12:28 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-06-22 12:57 . 2011-03-28 14:16 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-31 17:55 . 2009-11-16 22:12 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2011-04-14 18:01 . 2010-07-05 21:11 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] 2011-06-24 17:37 86696 ----a-w- c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2011-05-17 17:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312] "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-02-09 98304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-09 106496] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-02-09 81920] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920] "CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-11-18 182744] "NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2006-09-26 423424] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-31 30192] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 17920] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384] "MBBalloon"="c:\program files\HOTALBUMMyBOX\MBBalloon.exe" [2007-11-30 789144] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888] "ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656] "PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616] "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-05-17 231592] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-3-12 50688] McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-31 30192] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S0 PzWDM;PzWDM;c:\windows\system32\Drivers\PzWDM.sys [2008-08-25 15172] S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2011-04-28 126024] S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2010-08-03 43912] S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-10-29 208896] S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608] S2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\DRIVERS\nmsgopro.sys [2006-09-27 28672] S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [2006-10-19 7424] S2 NPWService;NPWService;c:\program files\Generic\Network Printer Wizard\NPWService.exe [2009-01-15 462848] S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2011-07-05 143624] S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2011-04-28 99400] S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2011-04-28 111176] S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2011-04-28 112712] S3 IntelDH;IntelDH Driver;c:\windows\system32\Drivers\IntelDH.sys [2007-03-12 5504] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 72731489 *Deregistered* - 72731489 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2011-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2627265198-3619167298-3848510191-1001Core.job - c:\users\Frank Catena\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-18 01:40] . 2011-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2627265198-3619167298-3848510191-1001UA.job - c:\users\Frank Catena\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-18 01:40] . 2011-08-01 c:\windows\Tasks\User_Feed_Synchronization-{B68EAEE2-B409-448E-8067-96E6B3FF8C8D}.job - c:\windows\system32\msfeedssync.exe [2008-09-20 07:33] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4070312 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com Trusted Zone: turbotax.com TCP: DhcpNameServer = 192.168.1.1 DPF: {7FA319FB-FFB9-4089-87EB-63179244E6E6} - hxxps://ssl.verizonbusiness.com/nortel_cacheable/NetDirect.cab FF - ProfilePath - c:\users\Frank Catena\AppData\Roaming\Mozilla\Firefox\Profiles\ko4ujyl7.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p= FF - user.js: yahoo.homepage.dontask - true . - - - - ORPHANS REMOVED - - - - . HKCU-Run-rjwGgQaLHJ.exe - c:\programdata\rjwGgQaLHJ.exe HKLM-Run-UDC Integration - (no file) AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\uninstall_activeX.exe AddRemove-HDMI - c:\windows\system32\igxpun.exe AddRemove-ImageConverter Plus_is1 - c:\program files\ImageConverter Plus\unins000.exe AddRemove-ReaJPEG Pro_is1 - c:\program files\ReaSoft\ReaJPEG Pro\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-08-02 09:23 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2627265198-3619167298-3848510191-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{13ED6092-BEFE-ADFF-8473-15CE3325612D}*] "hahbeifkgigifdpl"=hex:6a,61,6a,63,70,6c,6c,70,69,62,6a,6c,6c,62,62,64,6c,70, 67,69,00,fa "iafaodnmnmiifiaaio"=hex:6a,61,6a,63,70,6c,6c,70,69,62,6a,6c,6c,62,62,64,6c,70, 67,69,00,70 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2011-08-02 09:26:06 ComboFix-quarantined-files.txt 2011-08-02 13:25 . Pre-Run: 149,682,475,008 bytes free Post-Run: 149,821,472,768 bytes free . - - End Of File - - 01AB4C59A9B2998E6F6D24A962BFA041 Results of screen317's Security Check version 0.99.7 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 7 Out of date! `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! Panda Cloud Antivirus McAfee Security Scan Plus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Toolbar Cleaner 1.0 Java 6 Update 18 Java 6 Update 26 Java SE Runtime Environment 6 Java 6 Update 3 Java 6 Update 7 Out of date Java installed! Adobe Flash Player 10.3.181.26 Adobe Reader 8.1.3 Japanese Fonts Support For Adobe Reader 8 Out of date Adobe Reader installed! ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSASCui.exe Panda Security Panda Cloud Antivirus PSANHost.exe Panda Security Panda Cloud Antivirus PSUNMain.exe Panda Security Panda Cloud Antivirus PSANToManager.exe Windows Defender MSASCui.exe ``````````End of Log````````````

Hi, I have been seeing occasional browser redirects. Panda AV found a virus about a week ago but the redirects continue. Below is a MB quick scan log and then a DDS.txt Thanks for your help .... Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7324 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 7/31/2011 1:20:19 PM mbam-log-2011-07-31 (13-20-19).txt Scan type: Quick scan Objects scanned: 208751 Time elapsed: 7 minute(s), 11 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) DDS (Ver_2011-06-23.01) - NTFSx86 Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_26 Run by at 13:21:28 on 2011-07-31 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.632 [GMT -4:00] . AV: Panda Cloud Antivirus *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59} SP: Panda Cloud Antivirus *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Program Files\Intel\IntelDH\CCU\AlertService.exe C:\Windows\system32\atashost.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe C:\Program Files\Generic\Network Printer Wizard\NPWService.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Windows\sttray.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe