
Might have something?


chimpy


Hi, I had a warning on my AVG about SkypeSetUp.exe, which it removed and healed. I googled a bit and thought little of it, as in the past 3-5 months AVG has picked up some things, but all linked to Steam games, so nothing to worry about, I thought, but I decided to make sure my PC was clean and so ran a few scans.

MBAM was clean and I have just run it again to put up a new one to show you.

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org

Database version: v2012.01.11.01

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

XXXXXXXX :: XXXXXXXXXX-PC [administrator]

11/01/2012 01:27:09

mbam-log-2012-01-11 (01-27-09).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 205524

Time elapsed: 7 minute(s), 47 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Esetonline was also clean but I decided to run the 60 second quick scan from bitdefender and although that says it is clean something about it tells me otherwise.

I have highlighted the bit in Bold and underlined, it is the IP that the browsers are "connected" to, I googled a few and one came back looking very dodgy, something about a backdoor trojan/worm?

QuickScan 32-bit v0.9.9.103

---------------------------

Scan date: Wed Jan 11 01:18:08 2012

Machine ID: XXXXXXXXXXX

No infection found.

-------------------

Processes

---------

SansaDispatch 2980 C:\Users\panda\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

Adobe Acrobat Update Service 660 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

APO Access Service (32-bit) 684 C:\Windows\System32\AERTSrv.exe

AVG Internet Security 5128 C:\Program Files\AVG\AVG10\avgcsrvx.exe

AVG Internet Security 2732 C:\Program Files\AVG\AVG10\avgnsx.exe

AVG Internet Security 2868 C:\Program Files\AVG\AVG10\avgtray.exe

AVG Internet Security 740 C:\Program Files\AVG\AVG10\avgwdsvc.exe

AVG Internet Security 3084 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

AVG Internet Security 464 C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

AVG Internet Security 4904 C:\PROGRA~1\AVG\AVG10\avgrsx.exe

AVGIDSMonitor.exe 4352 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe

CameraMonitor Application 928 C:\Windows\vsnp2uvc.exe

CommonSDK 1020 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

CommonSDK 304 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

CommonSDK 3892 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

Cyberlink PowerCinema 3912 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

Firefox 4420 C:\Program Files\Mozilla Firefox\firefox.exe

HD Audio Control Panel 3860 C:\Windows\RtHDVCpl.exe

iTunes 4008 C:\Program Files\iPod\bin\iPodService.exe

iTunes 2976 C:\Program Files\iTunes\iTunesHelper.exe

Java Platform SE Auto Updater 2 0 1248 C:\Program Files\Common Files\Java\Java Update\jusched.exe

Microsoft Xbox 360 Accessories 2512 C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

Microsoft® CoReXT 2356 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

Microsoft® CoReXT 2568 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

Microsoft® Windows Mobile® Device Cente 3872 C:\Windows\WindowsMobile\wmdc.exe

Microsoft® Windows® Operating System 3248 C:\Windows\explorer.exe

Microsoft® Windows® Operating System 716 C:\Windows\System32\csrss.exe

Microsoft® Windows® Operating System 784 C:\Windows\System32\csrss.exe

Microsoft® Windows® Operating System 3656 C:\Windows\System32\mobsync.exe

Microsoft® Windows® Operating System 816 C:\Windows\System32\services.exe

Microsoft® Windows® Operating System 1452 C:\Windows\System32\SLsvc.exe

Microsoft® Windows® Operating System 432 C:\Windows\System32\smss.exe

Microsoft® Windows® Operating System 1944 C:\Windows\System32\spoolsv.exe

Microsoft® Windows® Operating System 1108 C:\Windows\System32\taskeng.exe

Microsoft® Windows® Operating System 772 C:\Windows\System32\wininit.exe

Microsoft® Windows® Operating System 880 C:\Windows\System32\winlogon.exe

Microsoft® Windows® Operating System 2480 C:\Windows\System32\WUDFHost.exe

MobileDeviceService 720 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

NVIDIA Driver Helper Service, Version 2 1092 C:\Windows\System32\nvvsvc.exe

NVIDIA Driver Helper Service, Version 2 1572 C:\Windows\System32\nvvsvc.exe

NVIDIA Settings 2668 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

NVIDIA User Experience Driver Component 1560 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

Opera Internet Browser 1844 C:\Program Files\Opera\opera.exe

PnkBstrA.exe 1620 C:\Windows\System32\PnkBstrA.exe

Sandboxie 636 C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe

Sandboxie 5336 C:\Program Files\Sandboxie\SandboxieRpcSs.exe

Sandboxie 3128 C:\Program Files\Sandboxie\SbieCtrl.exe

Sandboxie 1600 C:\Program Files\Sandboxie\SbieSvc.exe

Spybot - Search & Destroy 2524 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

Stereo Vision Control Panel API Server 2244 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

Windows® Internet Explorer 5040 C:\Program Files\Internet Explorer\iexplore.exe

Windows® Internet Explorer 2388 C:\Program Files\Internet Explorer\iexplore.exe

Windows® Internet Explorer 5340 C:\Program Files\Internet Explorer\iexplore.exe

Windows® Internet Explorer 5704 C:\Program Files\Internet Explorer\iexplore.exe

Windows® Internet Explorer 5812 C:\Program Files\Internet Explorer\iexplore.exe

Windows® Search 5852 C:\Windows\System32\SearchFilterHost.exe

Windows® Search 1804 C:\Windows\System32\SearchProtocolHost.exe

(verified) Microsoft® Windows® Operating System 2156 C:\Windows\System32\dwm.exe

(verified) Microsoft® Windows® Operating System 832 C:\Windows\System32\lsass.exe

(verified) Microsoft® Windows® Operating System 848 C:\Windows\System32\lsm.exe

(verified) Microsoft® Windows® Operating System 2264 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1048 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1432 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1304 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1284 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 908 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 4032 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1124 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1480 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 4988 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 836 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1980 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1972 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 2296 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1252 C:\Windows\System32\svchost.exe

(verified) Windows® Search 2396 C:\Windows\System32\SearchIndexer.exe

Network activity

----------------

Process opera.exe (1844) connected on port 6667 (IRC) --> 173.203.196.29

Process firefox.exe (4420) connected on port 443 (HTTP over SSL) --> 69.171.227.59

Process iexplore.exe (5040) connected on port 443 (HTTP over SSL) --> 209.85.147.95

Process iexplore.exe (5040) connected on port 443 (HTTP over SSL) --> 209.85.147.95

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.114

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.114

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.160

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 90.223.216.160

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 199.7.48.190 (Found this about that: http://www.threatexpert.com/report.aspx?md5=0004fe2bf4a391acce937e52634b792c but then this site states it's VeriSign, so I am not sure what to think: http://www.ip-adress.com/ip_tracer/199.7.48.190)

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 173.194.34.159

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 199.7.59.190

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 69.63.189.16

Process iexplore.exe (5040) connected on port 80 (HTTP) --> 69.63.189.16

Process iexplore.exe (5812) connected on port 80 (HTTP) --> 90.223.216.113

Process wininit.exe (772) listens on ports: 49152 (RPC)

Process services.exe (816) listens on ports: 49156 (RPC)

Process lsass.exe (832) listens on ports: 49155 (RPC)

Process svchost.exe (1124) listens on ports: 135 (RPC)

Process svchost.exe (1252) listens on ports: 49153 (RPC)

Process svchost.exe (1304) listens on ports: 49154 (RPC)

Process svchost.exe (4032) listens on ports: 990 (FTP over SSL)

Autoruns and critical files

---------------------------

C:\Dell\E-Center\EULALauncher.exe

C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

AVG Internet Security C:\Program Files\AVG\AVG10\avgtray.exe

CameraMonitor Application C:\Windows\vsnp2uvc.exe

CommonSDK C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

Cyberlink PowerCinema C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

HD Audio Control Panel C:\Windows\RtHDVCpl.exe

HostsMan C:\Program Files\HostsMan\hm.exe

HostsServer C:\Program Files\HostsMan\hostssrv.exe

Internet Explorer C:\Program Files\Internet Explorer

iTunes C:\Program Files\iTunes\iTunesHelper.exe

Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe

Macrovision FLEXnet Connect C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

Macrovision FLEXnet Connect C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

Malwarebytes Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

Microsoft Xbox 360 Accessories C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

Microsoft® Windows Mobile® Device Cente C:\Windows\WindowsMobile\wmdc.exe

Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll

SuperAntiSpyware c:\program files\superantispyware\sasseh.dll

SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

Winamp Agent C:\Program Files\Winamp\winampa.exe

Windows® Internet Explorer c:\windows\system32\webcheck.dll

(verified) Google Update C:\Users\panda\AppData\Local\Google\Update\GoogleUpdate.exe

(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Browser plugins

---------------

AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

AVG Internet Security C:\Program Files\AVG\AVG10\avgssie.dll

BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll

Browser Address Error Redirector C:\Program Files\Dell\BAE\BAE.dll

InstallShield C:\Windows\Downloaded Program Files\isetup.dll

InstallShield C:\Windows\Downloaded Program Files\isetup.EXE

Java Deployment Toolkit 6.0.300.12 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

Java Platform SE 6 U30 C:\Program Files\Java\jre6\bin\jp2ssv.dll

Java Platform SE 6 U30 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

Java Platform SE 6 U30 c:\program files\java\jre6\bin\ssv.dll

Macrovision FLEXnet Connect C:\Windows\Downloaded Program Files\isusweb.dll

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL

Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll

NVIDIA 3D Vision C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

QUAKE LIVE C:\ProgramData\id Software\QuakeLive\npquakezero.dll

Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

Unity Player C:\Users\amanda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

Winamp Application Detector C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

Windows Live Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

Windows Presentation Foundation C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\Windows\System32\ieframe.dll

(verified) bdscanonline C:\Windows\Downloaded Program Files\oscan82.ocx

(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll

(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe

(verified) ipsupd.dll C:\Windows\Downloaded Program Files\ipsupd.dll

(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll

(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll

(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll

(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll

Scan

----


MD5: 055081fd5076401c1ee1bcab08d81911 C:\Windows\system32\drivers\nv_agp.sys

MD5: 847b1755f7757f825305a1ffe6dac3e9 C:\Windows\system32\DRIVERS\nvlddmkm.sys

MD5: a1108084b0d2fc43dcc401735770e2a3 C:\Windows\system32\DRIVERS\nvmfdx32.sys

MD5: 4a5fcab82d9bf6af8a023a66802fe9e9 C:\Windows\system32\drivers\nvstor.sys

MD5: fa7b8eca6e845b244b7e30a9dcd82c6c C:\Windows\system32\DRIVERS\nvstor32.sys

MD5: 1636d43f10416aeb483bc6001097b26c C:\Windows\system32\drivers\pciide.sys

MD5: 0245418224cfa77bf4b41c2fe0622258 C:\Windows\system32\drivers\rdpdr.sys

MD5: f8f53c5449f15b23d4c61d51d2701da8 C:\Windows\system32\drivers\RTKVHDA.sys

MD5: 51cf56aa8bcc241f134b420b8f850406 C:\Windows\system32\drivers\sffdisk.sys

MD5: 96ded8b20c734ac41641ce275250e55d C:\Windows\system32\drivers\sffp_mmc.sys

MD5: 8b08cab1267b2c377883fc9e56981f90 C:\Windows\system32\drivers\sffp_sd.sys

MD5: 08072b2fb92477fc813271a84b3a8698 C:\Windows\system32\drivers\sisagp.sys

MD5: f8e7411b26530e34d1ddc82f8a6b741a C:\Windows\system32\DRIVERS\snp2uvc.sys

MD5: 41987f9fc0e61adf54f581e15029ad91 C:\Windows\System32\DRIVERS\srv.sys

MD5: ff33aff99564b1aa534f58868cbe41ef C:\Windows\System32\DRIVERS\srv2.sys

MD5: 7605c0e1d01a08f3ecd743f38b834a44 C:\Windows\System32\DRIVERS\srvnet.sys

MD5: 814a1c66fbd4e1b310a517221f1456bf C:\Windows\System32\drivers\tcpip.sys

MD5: 6d72ef05921abdf59fc45c7ebfe7e8dd C:\Windows\system32\drivers\uliagpkx.sys

MD5: 119a487b94fcb54d5154ebfbfa124755 C:\Windows\System32\drivers\UMDF\WpdFs.dll

MD5: 83cafcb53201bbac04d822f32438e244 C:\Windows\System32\Drivers\usbaapl.sys

MD5: 325dbbacb8a36af9988ccf40eac228cc C:\Windows\system32\DRIVERS\usbuhci.sys

MD5: d5929a28bdff4367a12caf06af901971 C:\Windows\system32\drivers\viaagp.sys

MD5: f3b4762eb85a2aff4999401f14c3262b C:\Windows\system32\drivers\viaide.sys

MD5: 701a9f884a294327e9141d73746ee279 C:\Windows\system32\drivers\wmiacpi.sys

MD5: ee9144207ee0211eb5656ba6808ac4a0 C:\Windows\system32\DRIVERS\xusb21.sys

MD5: 6843926aff733d46a04f9d4e1c1a6b14 C:\Windows\system32\DWrite.dll

MD5: aaae543c535ed596ecad2ab8761c2c6f C:\Windows\system32\dxgi.dll

MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\system32\Dxtmsft.dll

MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\system32\Dxtrans.dll

MD5: a4ec6b9766e2a7faa77283697bc5c307 C:\Windows\System32\E_FLBCAE.DLL

MD5: b8a21907fe2f1a113f3487d9ab60bef9 C:\Windows\system32\en-us\tQuery.dll.mui

MD5: 8ce364388c8eca59b14b539179276d44 c:\windows\system32\fntcache.dll

MD5: 77ebf3e9386daa51551af429052d88d0 C:\Windows\system32\giveio.sys

MD5: 05b6a5ce1c7767c32df35966107cb1ec C:\Windows\system32\hhctrl.ocx

MD5: b4b59ac042ee3733a862f26cbc0b17fc C:\Windows\system32\hidphone.tsp

MD5: 0c84b6affa7486422235584110d7176f c:\windows\system32\ICAAPI.dll

MD5: dca3fa9f9dd103dc39c24c85ef073db1 C:\Windows\system32\ICMP.DLL

MD5: ee9d715af1b928982f417238b9914484 C:\Windows\system32\ieapfltr.dll

MD5: 691e93028b8723e05b4a637be77380dd C:\Windows\System32\ieframe.dll

MD5: 1416ab557be700fa117323b6b8f32882 C:\Windows\system32\iertutil.dll

MD5: 274e38af453fa9e079b1d5a85f5f0921 C:\Windows\system32\IEUI.dll

MD5: 68563ac389f92ee79f1c714288ba1dce C:\Windows\system32\ImgUtil.dll

MD5: 4b65b4f93f63aa6dc1042a8aed99d093 C:\Windows\system32\jscript.dll

MD5: 82586704868e3abb382cae303b41e8b7 C:\Windows\System32\jscript9.dll

MD5: 574b473facaa0e91702b86578440b525 C:\Windows\system32\kernel32.dll

MD5: 74c2f29cc612b2b34231bebd824d2fb2 C:\Windows\system32\keyiso.dll

MD5: 953193a9dea40348c1086d171f6440ae C:\Windows\system32\kmddsp.tsp

MD5: ca0b849566776a17f35f0339be17dfd9 c:\windows\system32\ktmw32.dll

MD5: 19ffad68a02af1bf0bc336ee26cd6767 c:\windows\system32\l2gpstore.dll

MD5: 35d40113e4a5b961b6ce5c5857702518 c:\windows\system32\lmhsvc.dll

MD5: de3745a51b7ac7fedc356a83f76c8023 C:\Windows\system32\Macromed\Flash\NPSWF32.dll

MD5: ef24642d5fb52a1eef56de9e47cbb993 C:\Windows\system32\MFC42.DLL

MD5: 1b593fbb763150bd225df266c69a9329 C:\Windows\system32\MFC42u.dll

MD5: 1fd3f9722119bdf7b8cff0ecd1e84ea6 C:\Windows\system32\MFC71.DLL

MD5: bf142d4f8c61ed3629a9cdd7ba867900 C:\Windows\system32\mfplat.dll

MD5: b4f5de3dad8e6b97272f45db97674878 C:\Windows\System32\mgmtapi.dll

MD5: 9b89b3bb79ea1acf041f40a7b6fc5827 C:\Windows\System32\mobsync.exe

MD5: 56e315acfb08a177b4d01e42b9044db5 C:\Windows\System32\MPRAPI.dll

MD5: 554ed6988e44fdf18941429e8b2cb652 C:\Windows\system32\MSDART.DLL

MD5: 7940c04ce581288a3498d57ec4ee47d2 C:\Windows\System32\msfeeds.dll

MD5: 66c0aee61d1c5c35bf1b4642a153b114 C:\Windows\system32\MSHTML.dll

MD5: aab5feaabf4cb6f76d794203831c8d94 C:\Windows\system32\Msidle.dll

MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll

MD5: 5e41139ec6efbcaffd96d46925e544ab c:\windows\system32\mspatcha.dll

MD5: abe9eea1eabea0711610a637a7b1c25d C:\Windows\system32\msprivs.dll

MD5: ff41e1ac301f51e16f61ad7c0f45467c C:\Windows\System32\msshsq.dll

MD5: 2310a32bb0164552a311bfa02102a3d6 C:\Windows\system32\msvcp60.dll

MD5: 2fa16465f64db54b1f7f511395eb4fd7 C:\Windows\system32\NCObjAPI.DLL

MD5: f4d9ed6bd74ad7cc0bec83c43a1cb76b c:\windows\system32\ncsi.dll

MD5: 2f6776acefe41ee889c464ea407918f2 C:\Windows\system32\ndptsp.tsp

MD5: 6bc5fcef351e4cb5a269c1e84b5a06da C:\Windows\system32\netcfgx.dll

MD5: 95daecf0fb120a7b5da679cc54e37dde C:\Windows\system32\netlogon.dll

MD5: 4bf053944e973c073339be841c9ecf28 C:\Windows\System32\NETRAP.dll

MD5: 8bb86f0c7eea2bded6fe095d0b4ca9bd c:\windows\system32\nsisvc.dll

MD5: 708fb84003732e220c23cdf207f5a329 C:\Windows\system32\ntdll.dll

MD5: 64ffb7acb668a18ba45c645a28c8cd11 C:\Windows\system32\nvapi.dll

MD5: 125d7807ad8b86fccdedf1521b8b7351 C:\Windows\system32\nvd3dum.dll

MD5: fe980b7b6c967be02b9892496d2f1072 C:\Windows\system32\NVSVC.DLL

MD5: 3543046f8f23d9109f403c8176c3a07d C:\Windows\system32\NVSVCR.DLL

MD5: 7c732aff202dcd06c3d262966d71604c C:\Windows\System32\nvvsvc.exe

MD5: dbb2dbed63b4ff6a53e79e1461eedb4f C:\Windows\system32\nvwgf2um.dll

MD5: 862363973dcbcc31dd161ef41a69153c C:\Windows\system32\ODBC32.dll

MD5: 9586e7cb2255a8b097a7e4538202585e C:\Windows\system32\ole32.dll

MD5: dc15ab7168c0309d8f04fd95b6240422 C:\Windows\system32\OLEACC.dll

MD5: b218342214d9bba0f54ea12ba2e9278c C:\Windows\system32\OLEAUT32.dll

MD5: f0062778f50838145ac46b384ffb4fa3 C:\Windows\system32\pcadm.dll

MD5: a1dd33d16f277ce34124ee52ab2c0f14 C:\Windows\System32\PnkBstrA.exe

MD5: b2b117bd8d1ea80536cdd91797ef4a0a C:\Windows\System32\portabledeviceclassextension.dll

MD5: b288ff7c1987a736726e87c79148c360 C:\Windows\system32\PortableDeviceWiaCompat.dll

MD5: e340845c8e96d107c36420065d7a5733 C:\Windows\system32\printcom.dll

MD5: 08f9134a2215b7ed985409a4df60ac60 C:\Windows\system32\psbase.dll

MD5: daa1b96073c79c84f8d28fbf55580415 C:\Windows\system32\pstorec.dll

MD5: 6d01259214d1e815613eca3cd81679ec C:\Windows\system32\pstorsvc.dll

MD5: 801f1e963f7eeffda3f9ef89db3ef133 C:\Windows\system32\radardt.dll

MD5: 11fbb8cb6865b7ba387095398eb91ed4 C:\Windows\system32\RAPI.dll

MD5: 3379989f06b31347792836dcf028a325 C:\Windows\system32\rapiproxystub.dll

MD5: b1e4d190cd21cc75ae38562400dd5345 C:\Windows\system32\rapistub.dll

MD5: 2dd6af8e97f59c9d39329bbc2a81f13f C:\Windows\System32\RASDLG.dll

MD5: 88225070dd2f7b0b2ed51e7935078641 C:\Windows\system32\RASQEC.DLL

MD5: b9f3ff52b84fd9e3cafb29b8ee385e5b C:\Windows\system32\RESUTILS.DLL

MD5: 2ab58991862153a248779174d4e4212b C:\Windows\system32\schannel.dll

MD5: 1a58069db21d05eb2ab58ee5753ebe8d c:\windows\system32\schedsvc.dll

MD5: 167ac31450c0c53a01fa1491e94d7678 C:\Windows\system32\SHDOCVW.dll

MD5: 33ae914c24f546aabf281ba7b138186d C:\Windows\system32\SHELL32.dll

MD5: 9176285122b7b849fec2aa1b72a8f7a8 C:\Windows\system32\SHLWAPI.dll

MD5: c7230fbee14437716701c15be02c27b8 C:\Windows\system32\SHSVCS.dll

MD5: 5d6401db90ec81b71f8e2c5c8f0fef23 C:\Windows\system32\speedfan.sys

MD5: 8554097e5136c3bf9f69fe578a1b35f4 C:\Windows\System32\spoolsv.exe

MD5: bf7e4d6f60a6d9e866432855c6f8c262 c:\windows\system32\sqmapi.dll

MD5: 1bf5eebfd518dd7298434d8c862f825d c:\windows\system32\srvsvc.dll

MD5: 452341e471d2d961229dfe0842957272 C:\Windows\system32\SSCORE.DLL

MD5: 365828e555e9479246efd9090c41c2d7 C:\Windows\System32\sti.dll

MD5: b5950df243837d8217f4e597919b224a C:\Windows\system32\stobject.dll

MD5: 71f5a7104fdf16c0ac5283a6ce666553 C:\Windows\system32\SYSNTFY.dll

MD5: bfa034aac103d8a6f591ac9364688339 C:\Windows\system32\t2embed.dll

MD5: 2a6a2c09ecc2cb495628e45f1379ece8 C:\Windows\system32\taskcomp.dll

MD5: 3d50c4b10352367d5cb20ed1f50f8da2 C:\Windows\System32\taskeng.exe

MD5: 52e129522c1775dbb8cc252e7a0655c7 C:\Windows\system32\taskschd.dll

MD5: 5091452dc719281cf1dd69367e13b494 C:\Windows\System32\tcpmib.dll

MD5: f8873d15018f411588bec02c1725bada C:\Windows\system32\tspkg.dll

MD5: e45051c374f845edf3db02a35ba13193 C:\Windows\system32\umb.dll

MD5: dfbaadf1b624dc71e88d34d86b3595be C:\Windows\system32\uniplat.dll

MD5: 814638f572f497d96b17bf254113d9a4 C:\Windows\system32\urlmon.dll

MD5: 0bf0bb276f17b6ad61a8694d2551ec28 C:\Windows\System32\usbmon.dll

MD5: 80fff14f1757b9af8be9d314fc1ae88b C:\Windows\system32\USP10.dll

MD5: af25ecaa3d7f85dc13e348a6f79ad40d C:\Windows\system32\vss_ps.dll

MD5: dc3ae9f1554dcd97f90983ddbdacd83d c:\windows\system32\vsstrace.dll

MD5: 83c2f5076e1b4a63c04f2b14ee7cad47 C:\Windows\system32\wbem\wbemdisp.dll

MD5: 2c3b09e586bda2cc49a292be7badc589 C:\Windows\system32\wbem\wmiutils.dll

MD5: 917422e1b95a72b0328b301bacbf1b07 C:\Windows\system32\wcescommproxy.dll

MD5: e7d0f91e44d9d3b2116fa549bdcdb756 c:\windows\system32\WDSCORE.dll

MD5: 5193de33f3284c447e0d31dafbf92570 c:\windows\system32\webcheck.dll

MD5: 0745d6ead386710110817fbec03f5161 C:\Windows\system32\wfapigp.dll

MD5: 73fe2e5fa55088a241aa2732f5d387d6 C:\Windows\system32\wiarpc.dll

MD5: 02f98b5c0e397ad06124d84428cf8f1a C:\Windows\system32\WININET.dll

MD5: 101ba3ea053480bb5d957ef37c06b5ed C:\Windows\System32\wininit.exe

MD5: 5ec8fb83f31aa2d6f421f02c3f4f4475 C:\Windows\System32\WINSPOOL.DRV

MD5: 9a7a3bc8dc7e7ecaba2478ced4c38cbd C:\Windows\system32\winsrv.dll

MD5: e5a905bdd0007868fb87007c13324479 C:\Windows\system32\WINUSB.DLL

MD5: 92283d9e33ec5f41ecc0b430b7459241 C:\Windows\system32\wls0wndh.dll

MD5: 617f9a5813e69f6e9ed94b811ec75396 C:\Windows\System32\wmpps.dll

MD5: f0321da5203f1e71917f3b7a13dc4912 C:\Windows\system32\WMsgAPI.dll

MD5: a9662bcf218bc76869a8d91635d5f93a C:\Windows\System32\Wpc.dll

MD5: 09c7859269563c240ab2aaab574483dd C:\Windows\System32\WUDFHost.exe

MD5: 399bb52ad0668472717498e97cf28341 c:\windows\system32\WUDFPlatform.dll

MD5: 4b72b5b342ada4de8deea39cce465b58 C:\Windows\system32\WUDFx.dll

MD5: 77f595dee5ffacea72b135b1fce1312e C:\Windows\system32\XINPUT1_3.dll

MD5: 1908cc7673f72601affdca022689cedf c:\windows\system32\XmlLite.dll

MD5: 8ae3273ec161cc98573f0e095cf0c790 C:\Windows\vsnp2uvc.exe

MD5: d5d7c7cbdd63c5938c83846b313fcf3b C:\Windows\WindowsMobile\BthASPlugin.dll

MD5: 523df3b590d8a353a49235b1b7c571ad C:\Windows\windowsmobile\dtptdns.dll

MD5: 8f97d374ad1857e1eed85a79f29a1d3d c:\windows\windowsmobile\rapimgr.dll

MD5: 8c8c82633a7e90a33e8d7d9617b2b46c c:\windows\windowsmobile\TCP2UDP.dll

MD5: 59e19bd13c3bdb857646b9e436ba27f7 c:\windows\windowsmobile\wcescomm.dll

MD5: 96b3c4e20f02ca16aa1e3e425bffcc8b C:\Windows\WindowsMobile\wmdc.exe

MD5: e270b78c30a4795978b8067e6a2252a2 C:\Windows\WindowsMobile\wmdsyncman.dll

MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll

MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll

MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll

MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll

MD5: 35acd5ea63d75e97dd0e9a1629e582b2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll

MD5: be3c082837866c4c291adaf163c10ea6 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

MD5: b5b09091b0e33c396ceec8995515bd41 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll

No file uploaded.

Scan finished - communication took 1 sec

Total traffic - 0.02 MB sent, 1.58 KB recvd

Scanned 905 files and modules - 60 seconds

==============================================================================

As I am not experiencing any issues that I can notice, should I still go ahead and post the DDS logs?

I just really need to make sure my PC is clean as I have started to buy online.

Thank you in advance :)


  • 2 weeks later...

Hi, thanks. I got another "warning" from AVG which was healed; that one was "";"C:\Program Files\Steam\steamapps\common\global agenda live\Binaries\GlobalAgenda.exe";"Corrupted executable file";"Moved to Virus Vault". I googled to see if anyone else had posted about it but found nothing. I removed the game as I had forgotten I had had it (never really played it either).

Only other odd thing was Sandboxie now refusing to understand that FF is not already running, so I have had to create a sandbox with a different name to get it to work.

This is the new MBAM log

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org

Database version: v2012.01.18.06

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

XXXXXXXXXXXXXXXXXXXX [administrator]

19/01/2012 02:34:14

mbam-log-2012-01-19 (02-34-14).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 204886

Time elapsed: 8 minute(s), 12 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

And the DDS logs

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30

Run by amanda at 2:44:42 on 2012-01-19

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.2046.1017 [GMT 0:00]

.

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\AERTSrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\mobsync.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Windows\vsnp2uvc.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Users\panda\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

C:\Program Files\FinePixViewerS\QuickDCF2.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskeng.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\PROGRA~1\AVG\AVG10\avgrsx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.sky.com

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [HostsMan] "c:\program files\hostsman\hm.exe" -s

uRun: [HostsServer] "c:\program files\hostsman\hostssrv.exe" --start

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [dscactivate] c:\program files\dell support center\gs_agent\custom\dsca.exe

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [snp2uvc] c:\windows\vsnp2uvc.exe

mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewers\QuickDCF2.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105

IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{698A83BA-AE1B-4EE8-82B2-53B069F7BEC2} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{EEA90EAB-20F1-4644-884B-6D0592D529E7} : DhcpNameServer = 163.244.4.254 163.244.76.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\amanda\appdata\roaming\mozilla\firefox\profiles\jgi178he.default\

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\id software\quakelive\npquakezero.dll

FF - plugin: c:\users\amanda\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-4 297168]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-2-29 8944]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-2-29 55024]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]

R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-8-18 7390560]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-3-26 21504]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2008-6-9 1153368]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-11-20 240232]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 28624]

R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2011-11-23 131856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-01-12 00:18:47 -------- d-----w- C:\85cff1293f2327d06ed12cc5a1da

2012-01-12 00:09:40 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-01-12 00:09:40 278528 ----a-w- c:\windows\system32\schannel.dll

2012-01-12 00:09:39 9728 ----a-w- c:\windows\system32\lsass.exe

2012-01-12 00:09:39 72704 ----a-w- c:\windows\system32\secur32.dll

2012-01-12 00:09:39 377344 ----a-w- c:\windows\system32\winhttp.dll

2012-01-12 00:09:39 1259008 ----a-w- c:\windows\system32\lsasrv.dll

2012-01-11 05:14:56 23552 ----a-w- c:\windows\system32\mciseq.dll

2012-01-11 05:14:56 189952 ----a-w- c:\windows\system32\winmm.dll

2012-01-11 05:14:55 376320 ----a-w- c:\windows\system32\winsrv.dll

2012-01-11 05:14:53 66560 ----a-w- c:\windows\system32\packager.dll

2012-01-11 05:14:51 1205064 ----a-w- c:\windows\system32\ntdll.dll

2012-01-11 05:14:50 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2012-01-11 05:14:45 1314816 ----a-w- c:\windows\system32\quartz.dll

2012-01-11 05:14:44 497152 ----a-w- c:\windows\system32\qdvd.dll

2012-01-11 01:18:00 -------- d-----w- c:\users\amanda\appdata\roaming\QuickScan

2011-12-20 11:21:11 -------- d-----w- c:\program files\Sandboxie

.

==================== Find3M ====================

.

2011-12-17 23:25:55 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-12-13 09:45:09 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-12-10 15:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-11-08 14:42:19 2048 ----a-w- c:\windows\system32\tzres.dll

2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-27 08:01:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-10-27 08:01:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-25 15:56:04 49152 ----a-w- c:\windows\system32\csrsrv.dll

.

============= FINISH: 2:46:08.30 ===============

Thank you.


  • 2 months later...
  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.