Jump to content

Recommended Posts

I believe I have a virus. I'm attaching the information I retrieved from instructions listed on this forum post: http://forums.malwarebytes.org/index.php?showtopic=69723

I've attached the zip file with Ark.txt & Attach.txt & Here is the info for DDS.txt

.

DDS (Ver_2011-06-12.02) - NTFSx86

Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_23

Run by OmniSource at 6:34:35 on 2011-06-16

Microsoft

files.zip

Link to post
Share on other sites

Hello zeropoint and welcome to Malwarebytes! :welcome:

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.

***Note: In order for ComboFix to run properly AVG must be uninstalled. Please go here and follow the instructions to uninstall AVG.

You can reinstall it after the computer is clean.

-------------

What types of problems you are experiencing? Any insight would be a big help. :)

-------------

I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:

1) Run Spybot-S&D

2) Go to the Mode menu, and make sure Advanced Mode is selected

3) On the left hand side, choose Tools -> Resident

4) Uncheck Resident TeaTimer and OK any prompts

You can re-enable TeaTimer once your system is clean.

-------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

Also, please let me know if any problems still remain.

-------------

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

-------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-------------

In your next reply, please include:

  • C:\ComboFix.txt
  • ESET Online Scan log
  • Security Check checkup.txt

How is your computer running now?

Link to post
Share on other sites

Hi D-Fred-Brown,

Thanks for helping me...I was out of town and just hopped on my computer, so I'm ready to get this virus off my computer. The two main issues I am experiencing is that when I turn on the computer I get an error that says something like "Disk Error" Press Control Alt Del to restart. Then when I do that sometimes it will bring up another error that says something like SATA 1 installed SATA 2 installed SATA 3 Not Installed SATA 4 Not Installed, then I have to shut it down again and restart it. When it finally lets me in it takes about 5 minute to get to the login scree and then another 5 minutes to logon.

I will follow your instructions. Thanks again!

Ellany

Link to post
Share on other sites

Thanks for helping me...I was out of town and just hopped on my computer, so I'm ready to get this virus off my computer.

No worries, take all the time you need. :)

Hopefully those preliminary steps I have outlined will correct the issues you have described. ;)

Link to post
Share on other sites

Hello again. :)

I see you have the Coupons.com Coupon Printer application installed.

This program is classified by many as adware and a potentially unwanted program. Please see this link for further details.

I suggest that you uninstall the Coupon Printer by following these instructions. However, the decision is totally up to you. :)

--------

I see you have IObit installed on your computer.

IObit Security 360 is a rogue security program known to cause system problems and that had stolen material from other computer security companies to use in their own program.

IOBit Steals Malwarebytes

Link to post
Share on other sites

I don't have the issue upon starting up the computer anymore (yay!) But this error comes up "dll multilanguage file [English.Ing] does not exist"

Here is the report from ESET:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6526

# api_version=3.0.2

# EOSSerial=fcb7f62e06b02448bd964e365d59bbfa

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-06-21 04:47:22

# local_time=2011-06-20 11:47:22 (-0600, Central Daylight Time)

# country="United States"

# lang=9

# osver=6.0.6000 NT

# compatibility_mode=1797 16775145 100 94 0 44211033 240900 0

# compatibility_mode=5892 16776573 100 100 0 145228812 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=260616

# found=13

# cleaned=13

# scan_time=10358

C:\@Business\ArchivedFiles\Agape\Graphics\couples.html HTML/ScrInject.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\virusfiles.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\final_backup_oym_old\businesscallreplay.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\final_backup_oym_old\quiz.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\final_backup_oym_old\FinancialInfidelity\index.aspx HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C

C:\@Business\Online\WordpressTemplates\wordpresstemplate\Martina\header.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\@Business\Online\WordpressTemplates\wordpresstemplate\Praven\header.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Users\OmniSource\AppData\Local\{CBC7B2F2-D480-477E-BC04-59BBD6402625}\chrome\content\overlay.xul.vir probably a variant of Win32/Agent.NVQFFQI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\Main\DreamProject\themes\grunge-style\template.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\Main\DreamProject\themes\music-lovers\template.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\TempFiles\ownyourmoneybackup-6-21-10\businesscallreplay.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\TempFiles\ownyourmoneybackup-6-21-10\quiz.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\TempFiles\ownyourmoneybackup-6-21-10\FinancialInfidelity\index.aspx HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C

Link to post
Share on other sites

Ignore the error I mentioned in previous post. I removed gotomeeting and it got rid of the problem.

I don't have the issue upon starting up the computer anymore (yay!) But this error comes up "dll multilanguage file [English.Ing] does not exist"

Here is the report from ESET:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6526

# api_version=3.0.2

# EOSSerial=fcb7f62e06b02448bd964e365d59bbfa

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-06-21 04:47:22

# local_time=2011-06-20 11:47:22 (-0600, Central Daylight Time)

# country="United States"

# lang=9

# osver=6.0.6000 NT

# compatibility_mode=1797 16775145 100 94 0 44211033 240900 0

# compatibility_mode=5892 16776573 100 100 0 145228812 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=260616

# found=13

# cleaned=13

# scan_time=10358

C:\@Business\ArchivedFiles\Agape\Graphics\couples.html HTML/ScrInject.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\virusfiles.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\final_backup_oym_old\businesscallreplay.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\final_backup_oym_old\quiz.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\@Business\ArchivedFiles\Belinda\final_backup_oym_old\FinancialInfidelity\index.aspx HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C

C:\@Business\Online\WordpressTemplates\wordpresstemplate\Martina\header.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\@Business\Online\WordpressTemplates\wordpresstemplate\Praven\header.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Users\OmniSource\AppData\Local\{CBC7B2F2-D480-477E-BC04-59BBD6402625}\chrome\content\overlay.xul.vir probably a variant of Win32/Agent.NVQFFQI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\Main\DreamProject\themes\grunge-style\template.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\Main\DreamProject\themes\music-lovers\template.php PHP/Kryptik.AB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\TempFiles\ownyourmoneybackup-6-21-10\businesscallreplay.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\TempFiles\ownyourmoneybackup-6-21-10\quiz.html JS/TrojanDownloader.HackLoad.AG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\OmniSource\Desktop\TempFiles\ownyourmoneybackup-6-21-10\FinancialInfidelity\index.aspx HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C

Link to post
Share on other sites

Ignore the error I mentioned in previous post. I removed gotomeeting and it got rid of the problem.

Glad to hear! :)

Please use the Internet Explorer and run a BitDefender Online scan from Here

  • Please check I agree with the Terms and Conditions and click Start Here
  • You will need to allow an Active X install for the scan to run.
  • Leave the scanning options at default and click Start Scan

Please post the results in your next reply.

Link to post
Share on other sites

Here is part 1 of BitDefender Report:

Processes

---------

AntiVir Desktop 3476 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

AntiVir Desktop 2024 C:\Program Files\Avira\AntiVir Desktop\avguard.exe

AntiVir Desktop 332 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

AntiVir Desktop 1768 C:\Program Files\Avira\AntiVir Desktop\sched.exe

APO Access Service (32-bit) 2012 C:\Windows\System32\AERTSrv.exe

Apple Mobile Device Service 2040 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Bonjour 252 C:\Program Files\Bonjour\mDNSResponder.exe

Carbonite InfoCenter 3380 C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

Carbonite Secure Backup Engine 264 C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

CommonSDK 2860 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

DisplayKEY eSYNC 2112 C:\dKEYUSBCradle\ProxyDaemon.exe

DisplayKEY eSYNC 868 C:\dKEYUSBCradle\SyncService.exe

Firefox 4060 C:\Program Files\Mozilla Firefox\firefox.exe

Firefox 6060 C:\Program Files\Mozilla Firefox\plugin-container.exe

Flash Player Helper 3012 C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe

Google Update 1324 C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe

HD Audio Control Panel 3344 C:\Windows\RtHDVCpl.exe

HP Smart Web Printing 4624 C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

HP Smart Web Printing 3996 C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

KODAK Share Button App 1040 C:\Program Files\Kodak\KODAK Share Button App\Listener.exe

LMIGuardianSvc 1568 C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

Logitech Webcam Software 2336 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

LogMeIn 760 C:\Program Files\LogMeIn\x86\ramaint.exe

Malwarebytes' Anti-Malware 3440 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

Malwarebytes' Anti-Malware 5568 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

Micro Niche Finder Background Download 2372 C:\Program Files\Micro Niche Finder\bggoogle.exe

Microsoft LifeChat 3368 C:\Program Files\Microsoft LifeChat\LifeChat.exe

Microsoft SQL Server 3024 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

Microsoft SQL Server 3076 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

Microsoft SQL Server 2380 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

Microsoft

Link to post
Share on other sites

Here is part 2 of BitDefender:

Scan

----

MD5: 308cd512fe41cffdd1a28fb7d7cdc8b0 C:\dKEYUSBCradle\ProxyDaemon.exe

MD5: bcedd554380a4fd469927a4a87f8f48b C:\dKEYUSBCradle\stunnel-4.10.exe

MD5: aeeee0bdb4d83596fbcf1810f6eacbdc C:\dKEYUSBCradle\SyncService.exe

MD5: edfca3682bcfe788bfcabf4d7e22805a C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll

MD5: 1ba6d822a6ba2402bc5df7f65955d3a8 C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

MD5: 42729c3de75a7a51fc6f9ef6546c9199 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

MD5: 782549d437044527706069ae20a7dfb0 C:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll

MD5: c6e4eee8da73f25d6c5090ee4a0111c1 C:\Program Files\Avira\AntiVir Desktop\aecore.dll

MD5: ee0477f95aaf614c5cb14f324ca48c3d C:\Program Files\Avira\AntiVir Desktop\aeemu.dll

MD5: 99fc44836c9faa66d3dd7f6264c2996b C:\Program Files\Avira\AntiVir Desktop\aegen.dll

MD5: 3cd3f5187353323222ca64f55ce4a43d C:\Program Files\Avira\AntiVir Desktop\aehelp.dll

MD5: e3759f0546a19c911a05512405cb04bf C:\Program Files\Avira\AntiVir Desktop\aeheur.dll

MD5: 790089c290444a135daeae08c3b7fa24 C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll

MD5: f88786d93f21d95623f6a7c3eb09031d C:\Program Files\Avira\AntiVir Desktop\aepack.dll

MD5: a0d0d6e981ccbd7f80f31531af0f26c0 C:\Program Files\Avira\AntiVir Desktop\aerdl.dll

MD5: ea8d2dcbadb11928df166a5683d7b524 C:\Program Files\Avira\AntiVir Desktop\aesbx.dll

MD5: 864e4cec9f60c25a8a93ad3784da2e64 C:\Program Files\Avira\AntiVir Desktop\aescn.dll

MD5: a99cdae73fd41da37309a79934b2bd95 C:\Program Files\Avira\AntiVir Desktop\aescript.dll

MD5: 100caaf3542fb51feca9c09db1cb940d C:\Program Files\Avira\AntiVir Desktop\aevdf.dll

MD5: ddf0d660e994d0bb912f37dca7afe8f7 C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll

MD5: dc4075c135ef78f6bc8674bb4c87e0b5 C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL

MD5: c983e62b6fb74457d173ba93f66f6068 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

MD5: f5b4c2f35a9d78eabf83978217c421a2 C:\Program Files\Avira\AntiVir Desktop\avguard.exe

MD5: 92ea86876dfde3b9f6b4b6443c8b11fb C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL

MD5: bf1e084c7907b6ed52c26f847e3b725b c:\program files\avira\antivir desktop\ccgen.dll

MD5: f05a5753c308425749b37acd39a5f760 c:\program files\avira\antivir desktop\ccgenrc.dll

MD5: e65e277c50bd5967b5e92c7744dba7bc c:\program files\avira\antivir desktop\ccguard.dll

MD5: 54ceee9d7aa46f3311d247bf57bbee36 c:\program files\avira\antivir desktop\cclic.dll

MD5: 400ab97179f05ba68b755d8971f262f2 c:\program files\avira\antivir desktop\ccmsg.dll

MD5: 7d541c5e5cdfb46d68ac60012c5d7acd c:\program files\avira\antivir desktop\ccupdate.dll

MD5: a93a23d1d8922fe1e625d9884c275ff5 c:\program files\avira\antivir desktop\ccupdrc.dll

MD5: 47766f6b79a25af04ed3f6f2b02aa4cb C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll

MD5: 92d9eb35797530fedc07b1d75533f68e C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll

MD5: 7464c6694036b42ba237eb723a34d0f4 C:\Program Files\Avira\AntiVir Desktop\rcimage.dll

MD5: b4837fe56d76b2e9ea90e5365cf6a2be C:\Program Files\Avira\AntiVir Desktop\sched.exe

MD5: 13a86ff71b5e57da8c9a6e2316ce1eaa C:\Program Files\Avira\AntiVir Desktop\schedr.dll

MD5: 902c61f27c86b4a0c0bff31f154ddbeb C:\Program Files\Avira\AntiVir Desktop\shlext.dll

MD5: 5f2917842d9fbb4cb11f76b0c00a1f5b C:\Program Files\Bonjour\mdnsNSP.dll

MD5: 673cf4f6bb1fbe09331b526802fbb892 C:\Program Files\Bonjour\mDNSResponder.exe

MD5: 107d247082c7fff0d457e6300456dd3e C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll

MD5: e581146b4e24601d3b3c60e960de4e3b C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

MD5: 1919d9624f2fd2409e80ab2348ec83fd C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

MD5: 70d7be78061126dd0c3accdb7e129017 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

MD5: 51f56206cd868f367b30cff21238dcf9 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll

MD5: f6c66188def298e2c3827af6fb2c0637 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll

MD5: 3c03db6f66c9792c9b6e30473e847ca2 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll

MD5: 41857da3ea7a2568e1aae8fedc8d8939 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll

MD5: c7c30b24c8c57078654ba9574ce70e3d C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll

MD5: 1bac818025403333c11817dafbcee283 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll

MD5: 5fce5b36991dbaa99da9e9c62d8e60ac C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll

MD5: ebcde8b48fadc6479d96a56d0a432160 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

MD5: ab2b1de1c8f31efce2384b14b3dc4260 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

MD5: 900a9d261859ec999c9c7243410c3203 C:\Program Files\Common Files\Roxio Shared\DLLShared\homeutils9.dll

MD5: 743e556a998074ed7eeb99ca495b2e5d C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll

MD5: 3c84fca13c4eb607478a45f2d7e16db3 C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll

MD5: 51778fd315c9882f1cbd932743e62a72 C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

MD5: d9a0ce26ada5bd15b1b03a752ddf14a6 C:\Program Files\Coupons.com\tbCoup.dll

MD5: 1a4f60ef6da38621f1091b0cb0fa2c09 C:\Program Files\Dell\BAE\BAE.dll

MD5: 245f62a2aa67f4a61f10174bf1017327 C:\Program Files\DellSupport\brkrsvc.exe

MD5: 413f2d5f9d802688242c23b38f767ecb C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys

MD5: 67cd76601ec20c560f00931fe51c652a C:\Program Files\Dimdim\Plugin\Application\npDimDimControl.dll

MD5: 5c0017440391f8de44094e70a611d2cb C:\Program Files\File Helper\1.2.0.1\FileHelper.exe

MD5: 69404dcc89ddd6236e057430583edac7 C:\Program Files\FileSquasher\FileSquasher.dll

MD5: 82e121e24cdec5f8bf6da931e56fdb5f C:\Program Files\FileZilla FTP Client\fzshellext.dll

MD5: 28dfb457a392e782baa80e780552a8f7 C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

MD5: 432226e3e9c09a73f389a65dec49bb2f C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

MD5: cd403892f553586c70ff1e1a8de294bd c:\program files\google\google toolbar\googletoolbar_32.dll

MD5: f13572d2a69ee7686c8bf69a3198b0b1 C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\gtn.dll

MD5: 2b6d566b536e695d9f40f5c19ae758b6 C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

MD5: a5f28c8e37b3d4f310f1b52f4db4b47f C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe

MD5: 070d588ceeb2f486a949a9b0895fc7b7 C:\Program Files\Google\Update\1.3.21.57\goopdate.dll

MD5: b226054bfa3d3a1920f7b95e54f3e87d C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

MD5: ce0fcec4d4d860f36d972759b11eaf0f c:\program files\hp\digital imaging\bin\hpqcxs08.dll

MD5: 159fac880722b49645e056a558b03e26 c:\program files\hp\digital imaging\bin\hpqddcmn.dll

MD5: 7da3211ac63edd90b8eca1ca1abfd43b c:\program files\hp\digital imaging\bin\hpqddsvc.dll

MD5: 14229263aa19c704e0d6d2e7404a8455 c:\program files\hp\digital imaging\bin\hpslpsvc32.dll

MD5: d389c7bd09a403857465509d20aa6e3c C:\Program Files\HP\Digital Imaging\Smart Web Printing\ClipBookDBComponent.dll

MD5: c285b5064f4fccc95e0354345681d906 C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

MD5: a24bb1432cd4f6e202dbb5428ea97a0d C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

MD5: b33ffec7dc55d0445897433c82ceef29 C:\Program Files\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll

MD5: b8e4d2756905157f0d034e1355c42d10 C:\Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll

MD5: 6614a034bb3286ffbcf964267c14e93c C:\Program Files\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll

MD5: 6589c90ffc8eb543586a3099d09261f4 C:\Program Files\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll

MD5: 4d11cc63a775093112c14c4a7178366a C:\Program Files\Internet Explorer\ieproxy.dll

MD5: 03fc3a444eb934f85e963ead57d79f99 C:\Program Files\Internet Explorer\IEShims.dll

MD5: 9f52fbe99c749e3f32c75124f09f1b03 C:\Program Files\Internet Explorer\iexplore.exe

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

MD5: 32cdedd15e2d1a557cd54552ae78ff86 C:\Program Files\iPod\bin\iPodService.exe

MD5: 9a9c661b8e3c3302376d8303ee85e3b0 C:\Program Files\iTunes\iTunesMiniPlayer.dll

MD5: a8ba96a05c3cb16eda8b93caf710b780 C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll

MD5: 3eef31cff3e5572979ed8a1b55a07ead C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll

MD5: 7559e4fda009669309e599474d852527 C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

MD5: 67e74163c6178aa696e2b4a726770a02 C:\Program Files\Java\jre6\bin\jp2ssv.dll

MD5: ea8fcf30d2961369435c84ce3b3063f1 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

MD5: 3c4ef6babb0baad08903ee6e2b65e6d6 C:\Program Files\jZip\jZipShell.dll

MD5: e206e5fbfd7a0031b56e5bd975edae0b C:\Program Files\jZip\WebmailPlugin.dll

MD5: c5d16bdcd6de6793ce8cb8676e3c2176 C:\Program Files\Kodak\KODAK Share Button App\Listener.exe

MD5: 3ae6dd25185658394b70d3a2c8d6ac4e C:\Program Files\LogMeIn\x86\LMIGuardianDll.dll

MD5: fdea00d7b13211fec24e411fda43d9ba C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

MD5: 8a2557f1def1ed2792315c5523afd575 C:\Program Files\LogMeIn\x86\LogMeIn.dll

MD5: 7d7fc26cf8979325ec2e437fb1ba9039 C:\Program Files\LogMeIn\x86\LogMeInSystray.dll

MD5: e67977626735c9033aa6eb264329ce98 C:\Program Files\LogMeIn\x86\ramaint.exe

MD5: b306e4f32697f22c8ccce79a9ff06806 C:\Program Files\LogMeIn\x86\rntfywnd.dll

MD5: 0b85e5d913d862e57abb4f9721b14d74 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll

MD5: 1365bb2a78db638870337422b54ddbac C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

MD5: f06ca6475b7a538db9dc3f7b896b97e4 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

MD5: 84271ba3b94323704f00730b7e6caeef C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll

MD5: ec60491a5ff57700f10fe0403f7dcad4 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

MD5: 3a1c7eca862568d7271a6f032a097f0e C:\Program Files\Micro Niche Finder\bggoogle.exe

MD5: f086b948ef39444c674c560787344487 C:\Program Files\Micro Niche Finder\MSVCR71.dll

MD5: 4635935fc972c582632bf45c26bfcb0e C:\Program Files\Micro Niche Finder\srvany.exe

MD5: 074bd3b7cd21ea7e0013d62caee4dacf C:\Program Files\Micro Niche Finder\VFP9R.DLL

MD5: 72cf503ed5085888009577aada63f6a3 C:\Program Files\Micro Niche Finder\VFP9RENU.dll

MD5: 493e320044c616cb184b8cfcf923bb1c C:\Program Files\Microsoft LifeChat\LifeChat.exe

MD5: 11da24e40264b9fcb14b8477e25ed09a C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL

MD5: c3e42cbf8215171a524d123a54ae3233 c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

MD5: c06ea83f6fc2959e897c117255b6b1d5 c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe

MD5: b2ec3e1deac5f0a764bd3486d213a0af C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

MD5: d2f4f32b59440011174b4f8137af4e0c C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

MD5: ea4a161b432ca2204a281293eb866cc3 c:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll

MD5: e111ced19d6a9ff9bba5c219d0c5a3ce c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll

MD5: 0398080b5ac3a16f2d314b6cc75060ad c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlos.dll

MD5: 7e7bc43fdfdde4ca95be1513a9bdcd02 C:\Program Files\Mozilla Firefox\components\browsercomps.dll

MD5: e83508d9a0f0d0d8449317dc6a4c5e02 C:\Program Files\Mozilla Firefox\firefox.exe

MD5: 95b99d7c415449faeae642255f9f5a86 C:\Program Files\Mozilla Firefox\freebl3.dll

MD5: 9d9fdca1ea28ede048e99b99b7e0ef5d C:\Program Files\Mozilla Firefox\mozalloc.dll

MD5: 636d2f44e0724fadc4f711e5225615ae C:\Program Files\Mozilla Firefox\MOZCPP19.dll

MD5: abf1c2a7cf3b43e2d481c14019dfa41e C:\Program Files\Mozilla Firefox\MOZCRT19.dll

MD5: 5d7ffcc9deb5bb08417ceae51d2afed4 C:\Program Files\Mozilla Firefox\mozjs.dll

MD5: fb1d53fd3be9ba1ca856b46302896e8e C:\Program Files\Mozilla Firefox\mozsqlite3.dll

MD5: 64027d23eed51e74f695470622b7ba46 C:\Program Files\Mozilla Firefox\nspr4.dll

MD5: 10eb50bef8b826c10534b7540e67feac C:\Program Files\Mozilla Firefox\nss3.dll

MD5: 8b2f57de183b741f3ba3b0d0320a4c67 C:\Program Files\Mozilla Firefox\nssckbi.dll

MD5: a4964c95a9ceeb1f101a697e9e79c356 C:\Program Files\Mozilla Firefox\nssdbm3.dll

MD5: 2e60538b761ba2cb8b34c9833b3ea00e C:\Program Files\Mozilla Firefox\nssutil3.dll

MD5: 37a4f08d9c3553da583ca7ced1fddfe9 C:\Program Files\Mozilla Firefox\plc4.dll

MD5: 45ffabca094e6ed6e6214530a7ef9746 C:\Program Files\Mozilla Firefox\plds4.dll

MD5: 3b2cc09944488db5ed5dfdc315c9ab57 C:\Program Files\Mozilla Firefox\plugin-container.exe

MD5: 5dcd085ad9edd8b0bd097e3d5748b532 C:\Program Files\Mozilla Firefox\plugins\LMIProxyHelper.exe

MD5: 99f97c9fe748c37528c338a423577fcb C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

MD5: 44cd19d98995cb3056f406113b175820 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

MD5: 9a6101f29e2e9d41b99cbcc8f106e8fe C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

MD5: e55be7a502b3a78f32ba3a208f6874b7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

MD5: acd6480ab0f33851630f7783660b4ebb C:\Program Files\Mozilla Firefox\plugins\npRACtrl.dll

MD5: 5914d0dcea6471f6c4be69a8a941a37d C:\Program Files\Mozilla Firefox\plugins\ractrlkeyhook.dll

MD5: e1102cedf0c818984c2aca2a666d4c5f C:\Program Files\Mozilla Firefox\plugins\unicows.dll

MD5: 29fe789054c24b4b87c9171435261ec5 C:\Program Files\Mozilla Firefox\smime3.dll

MD5: da3635c5f94f638eba72ea767348ce29 C:\Program Files\Mozilla Firefox\softokn3.dll

MD5: dc555cc963f13626672d6f4b4883a557 C:\Program Files\Mozilla Firefox\ssl3.dll

MD5: 007236381f7a2a0e20a2813f8b3c5bf7 C:\Program Files\Mozilla Firefox\xpcom.dll

MD5: 56b4b5181549f6e07672a498d3046674 C:\Program Files\Mozilla Firefox\xul.dll

MD5: 2d55c8aa289f2d6ec3d7722dc89ce625 C:\Program Files\PowerISO\PWRISOSH.DLL

MD5: 7c89ad4aed037f7ab24fdc96242877cf C:\Program Files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_32.dll

MD5: 853f3a20d30a6465d555b9f0de1d7327 C:\Program Files\Siber Systems\AI RoboForm\roboform.dll

MD5: ad4a9bb85d997101d901c3a2b544f53d C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

MD5: 9f8326be85045dcacfff992d289312d7 C:\Program Files\Skyhook Wireless\Loki ActiveX Component\versions\3.1.0.05\loki.dll

MD5: b976c3cadd6e97436cb28bf9e1c75e85 C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

MD5: 50f97e500548de3125af531070750c69 C:\Program Files\Skype\Toolbars\Shared\SkypePnr.dll

MD5: 5248e02efbcb64d328647cd00e384b85 C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

MD5: ef39aceb466a7b7bad047b4ec0347b8a c:\program files\stardock\fences\DesktopDock.dll

MD5: 134b24ce18d93e4499c3404dadc2affb C:\Program Files\Stardock\Fences\FencesMenu.dll

MD5: 83829dbc347d8262409147f1489eb71c c:\program files\windows defender\MpClient.dll

MD5: 4158fbebdfc5f8e577d7191d78eb4d7a C:\Program Files\Windows Defender\MpOav.dll

MD5: 0eebcbcfe7dd5378bac3ec1eec046a5f c:\program files\windows defender\mprtplug.dll

MD5: 0d5ad0e71ff5ddac5dd2f443b499abd0 c:\program files\windows defender\mpsvc.dll

MD5: 4aeed1fbb53f915cbe30671793776a80 C:\Program Files\Windows Media Player\wmpband.dll

MD5: acb2e63d50157e3ea7140f29d9e76a48 C:\Program Files\Windows Media Player\wmpnetwk.exe

MD5: 20ef9002cff89c4c1077e4415ec7297b C:\Program Files\Windows Media Player\wmpnscfg.exe

MD5: 71e979899a9ffddb0d1d80153192db86 C:\Program Files\Windows Media Player\wmpnssci.dll

MD5: fea8442082a47633272d409c376836c1 C:\Program Files\Xobni\XobniService.exe

MD5: 76512d6e61849c472e61038ffe7124ae C:\ProgramData\Dimdim\Updater\next.exe

MD5: 9adc528c580c5717b2616315b3eae83b C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{62ADEBFD-D378-4D64-A96E-A43C2FBF1028}\mpengine.dll

MD5: 0bb95cba0d71acebe9d51c68c40bf080 C:\Users\OmniSource\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll

MD5: 1be4d00995fdd31b5b65e5d1cf0c5fe9 C:\Users\OmniSource\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

MD5: 34c084b321ea0308c58eed1cf6b5fb02 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\engine@conduit.com\components\RadioWMPCore.dll

MD5: a2d7de5d57bb3bbbe9af175caaac5c32 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardian.exe

MD5: 467047b30d07ae3c6cb7dba0615f17f0 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardianDll.dll

MD5: 7663dfe012280cc7b31aeb3e4608bd08 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardianEvt.dll

MD5: 96b568f3551a5cc4cc6fe4ac4fc8733e C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll

MD5: a2c1855c23f722db2765612696bcc7c1 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\LogMeInClient@logmein.com\plugins\ractrlkeyhook.dll

MD5: 3abd800a494fbffb6b4eec620a4f4f50 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

MD5: a5277f5ce69f855c125ba70276382876 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll

MD5: ec1ffe9a32613780e7184dfddda1ca9e C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff4.dll

MD5: 34c084b321ea0308c58eed1cf6b5fb02 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCore.dll

MD5: abc4e39cd3cfbf8ab2617d48a08a1480 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\imtcp_xpcom.dll

MD5: 34c084b321ea0308c58eed1cf6b5fb02 C:\Users\OmniSource\AppData\Roaming\Mozilla\Firefox\Profiles\73c0y5ku.default\extensions\{c59f6d2e-9e08-4757-94fb-b89d9e71a420}\components\RadioWMPCore.dll

MD5: cd5b686271e56f81e865b86cc55fa649 C:\Windows\AppPatch\AcSpecfc.DLL

MD5: 50ccad4e15a92dac210b61816ef5da60 C:\Windows\assembly\GAC_32\Utilities\1.9.5.12910__6298d2d1fcfb5d85\Utilities.dll

MD5: 09841a0302bbbd24b95bb3f8b34a73e7 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll

MD5: 95ea8f63f63e39c2f9d94cc7a96053bd C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ae77b2b91367f11d340cf3bf2428af59\System.ServiceProcess.ni.dll

MD5: e5bf83c6f9d1412c8fd2ca27d9e6c335 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll

MD5: fbdb72dd5eedb1d4a308716b68911e77 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll

MD5: 3f4413dcd8d3bbabf08f68f25e6d60e1 C:\Windows\Downloaded Program Files\isusweb.dll

MD5: 63dd94f93549d96d5675f6e9cd3f3b24 C:\Windows\Downloaded Program Files\JuniperExt.exe

MD5: 8c62b5144e8f5b67018cbc441f6b8a8b C:\Windows\Downloaded Program Files\JuniperSetupClient.ocx

MD5: 398df5b07990ec0ba0e102f0a90f8a52 C:\Windows\Downloaded Program Files\qboax10.dll

MD5: 23dc75d158d484177ffe99e23264f89f C:\Windows\Downloaded Program Files\qsax.dll

MD5: 693e4c15cee5d6487d7913a2701b5e40 C:\Windows\ehome\ehmsas.exe

MD5: 8ea277bda2730c9b34add67cdd593d64 C:\Windows\ehome\ehRecvr.exe

MD5: 2e0953919779a44bf9dfb7b07c58535a C:\Windows\ehome\ehtray.exe

MD5: 82eb124c0e22b8b4b801fff7854ace90 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

MD5: f282d4edd85d53e20d902cc92190c5f5 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

MD5: b503285b5d1cac5ae445d60c690dcff9 C:\Windows\RtHDVCpl.exe

MD5: 34e388a395fedba1d0511ed39bbf4074 C:\Windows\servicing\TrustedInstaller.exe

MD5: a9cb04fabbb885c98ec3620e0540ed47 C:\Windows\System32\ACTIVEDS.dll

MD5: 7812ed1e5f39f057c725ed9efae19529 C:\Windows\system32\ACTXPRXY.DLL

MD5: 07154b27860b999cc70eb6f7a1528794 C:\Windows\system32\Adobe\Director\np32dsw.dll

MD5: f100ee264165cac6a784a313d47a2819 C:\Windows\System32\AdobePDF.dll

MD5: b86be8e7d6709018c73e4b5e1c070f65 C:\Windows\System32\adsldpc.dll

MD5: 9178b1c1c55dad01bd65a162a39ae6c3 C:\Windows\system32\ADVAPI32.dll

MD5: 330a1e4df07c2e29949ed8631cd8828e C:\Windows\System32\AERTSrv.exe

MD5: e69fb0e3112c40fdc0ef7d21a52dc951 C:\Windows\System32\alg.exe

MD5: 75edbaaca7d5f2b3b165b8dab3e1542e C:\Windows\system32\apphelp.dll

MD5: cfa455816879f06f1c4e5bbf9e8aef7d c:\windows\system32\appinfo.dll

MD5: 79af9e0350c87c26c6e6d2253ad69572 C:\Windows\system32\asycfilt.dll

MD5: 273c8f1b99ac38525a74077f704f218f C:\Windows\system32\ATL71.DLL

MD5: 03f14f32fa71f9da9fa60cc0000eacd4 C:\Windows\System32\audioeng.dll

MD5: 663c2340c3061a99d1c58f8094f66cec C:\Windows\System32\audioses.dll

MD5: e760fc1bd68f7f6f1b17eb4e8d9480b0 c:\windows\system32\audiosrv.dll

MD5: 501956fa7ff3e5277beb396e4f5c6f23 C:\Windows\system32\authui.dll

MD5: f3aa50fabe35385a7a1613e75b95565d C:\Windows\system32\AUTHZ.dll

MD5: b3ff96d8591ff8608bb53214ff0a8b49 C:\Windows\system32\AVRT.dll

MD5: 8cd98a8ec9cadaf4e051cdcac15c96c4 C:\Windows\system32\basesrv.dll

MD5: 1c90e67a15d7b35909af8a808a1eccff C:\Windows\system32\BCRYPT.dll

MD5: 96b73cc64bd905ea6cc4e44384abd8c9 c:\windows\system32\bfe.dll

MD5: 670657722a32645d708e562e2ad818b1 C:\Windows\system32\bitsigd.dll

MD5: f21f255b91ca4f04e4250decd2067cbb c:\windows\system32\bitsperf.dll

MD5: beb6470532b7461d7bb426e3facb424f C:\Windows\System32\browser.dll

MD5: ec4a360ba892320da05ba504ea7390bc C:\Windows\system32\BROWSEUI.dll

MD5: 267398f636881c34ee6e852308530c95 C:\Windows\system32\bthprops.cpl

MD5: 712ec0f1bfd0bbce6811ff870c4c03e5 C:\Windows\system32\Bubbles.scr

MD5: 54bf0dcec92854f8faec362ab2bc8600 C:\Windows\system32\Cabinet.dll

MD5: b08a1feeea9bb6475c03203dcf470691 C:\Windows\system32\certcli.dll

MD5: b1d4f4b30a7c4f32062c957ec3fbed8e C:\Windows\system32\certenroll.dll

MD5: 0600e04315fe543802a379d5d23c8be0 C:\Windows\System32\certprop.dll

MD5: 930349946ff183f06fc78351e11b7a9a C:\Windows\system32\CFGMGR32.dll

MD5: df43158d5e043553cac6bfe28f90e545 C:\Windows\system32\CLBCatQ.DLL

MD5: 1b84fd0937d3b99af9ba38ddff3daf54 C:\Windows\System32\CLFS.sys

MD5: 9fb0c935d2fc55ec1dc648d6a085e66c C:\Windows\system32\CLUSAPI.DLL

MD5: 349cd4318e6e351c9bb72ee13b7ca807 C:\Windows\system32\cmd.exe

MD5: 7f15b4953378c8b5161d65c26d5fed4d C:\Windows\system32\cngaudit.dll

MD5: 7f3415d246e2ae6e8cfd6a561016a91f C:\Windows\system32\comdlg32.dll

MD5: 92e4ad213bbca2895b836f913ef85478 C:\Windows\system32\comsvcs.dll

MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\Windows\System32\corpol.dll

MD5: 8c312de50b90f7c22349e6db1d9538e3 C:\Windows\system32\credssp.dll

MD5: 6a6e9935532f74a074bdd7c3d84a4376 C:\Windows\System32\credui.dll

MD5: 3233f31ff7046a5c54a312b6687c5376 C:\Windows\system32\CRYPT32.dll

MD5: 2079c0b313846b4564380dbedad00e5e C:\Windows\system32\cryptdll.dll

MD5: d351dfcaf085b4771580e3f256f8f6e0 C:\Windows\system32\cryptnet.dll

MD5: 1c26fb097170a2a91066d1e3a24366e3 c:\windows\system32\cryptsvc.dll

MD5: 7c206778460f2ed59e81474a197458a7 C:\Windows\system32\CRYPTUI.dll

MD5: d7787d202fb15b2ae6b08a1af57f91dd C:\Windows\system32\cscapi.dll

MD5: 2f8a776ff2087357ddeb9992e06eecaa C:\Windows\system32\CSRSRV.dll

MD5: 117b7c8a8b026a5dce5e3180ed05e823 C:\Windows\System32\csrss.exe

MD5: e72a22dcf0733ac06695acd2268f6eb3 C:\Windows\System32\d3d9.dll

MD5: 91b7835dd98543fb3443b95af18f8d53 C:\Windows\system32\D3DIM700.DLL

MD5: d306ea7436ac1587463a89be29b456fb C:\Windows\System32\davclnt.dll

MD5: aaa5518dee99d976a6fe6be691f64bd0 C:\Windows\system32\dbghelp.dll

MD5: 29ef7a2ee634dd701571e781de5e7e91 C:\Windows\system32\DDRAW.dll

MD5: e0d584aa76c7d845ba9f3a788260528f C:\Windows\system32\DFSR.exe

MD5: dc45739bc22d528d2b3e50d3f6761750 C:\Windows\system32\dhcpcsvc.DLL

MD5: b1143be81dd6ae13943b806261ce91a0 C:\Windows\system32\dhcpcsvc6.DLL

MD5: 4ddf005065b3a1e25c9a69801c306d1e C:\Windows\system32\dimsjob.dll

MD5: 1cf533790d3d883a7ab671040fb18a93 C:\Windows\system32\DNSAPI.dll

MD5: eecba1dd142bf8693c476be8f32fe253 c:\windows\system32\dnsrslvr.dll

MD5: be3d1e84378de1f4c448fd59541581e9 C:\Windows\System32\dot3svc.dll

MD5: 032c90ad677bf7b7a8013d6087c7a921 c:\windows\system32\dps.dll

MD5: 84fc6df81212d16be5c4f441682feccc C:\Windows\system32\drivers\acpi.sys

MD5: 15e655baa989444f56787ef558823643 C:\Windows\system32\DRIVERS\AegisP.sys

MD5: 5d24caf8efd924a875698ff28384db8b C:\Windows\system32\drivers\afd.sys

MD5: 8b10ce1c1f9f1d47e4deb1a547a00cd4 C:\Windows\system32\drivers\agp440.sys

MD5: e32a92e1574a467f7c762922f6162d76 C:\Windows\system32\drivers\aliide.sys

MD5: 848f27e5b27c1c253f6cefdc1a5d8f21 C:\Windows\system32\drivers\amdagp.sys

MD5: b52b576cb0099a62f87214f371031561 C:\Windows\system32\drivers\amdide.sys

MD5: e86cf7ce67d5de898f27ef884dc357d8 C:\Windows\system32\DRIVERS\asyncmac.sys

MD5: e03e8c99d15d0381e02743c36afc7c6f C:\Windows\system32\drivers\atapi.sys

MD5: 47b879406246ffdced59e18d331a0e7d C:\Windows\system32\DRIVERS\avgntflt.sys

MD5: 5fedef54757b34fb611b9ec8fb399364 C:\Windows\system32\DRIVERS\avipbb.sys

MD5: 913cd06fbe9105ce6077e90fd4418561 C:\Windows\system32\DRIVERS\bowser.sys

MD5: 6c3a437fc873c6f6a4fc620b6888cb86 C:\Windows\system32\DRIVERS\cdfs.sys

MD5: 8d1866e61af096ae8b582454f5e4d303 C:\Windows\system32\DRIVERS\cdrom.sys

MD5: c177dd90b5dc1dcaa96ccece752e6f0f C:\Windows\system32\drivers\cmdide.sys

MD5: 722936afb75a7f509662b69b5632f48a C:\Windows\system32\drivers\compbatt.sys

MD5: 699ef0fd9ae72b7f5ad756e382c73e0e C:\Windows\system32\DRIVERS\dfmirage.sys

MD5: a7179de59ae269ab70345527894ccd7c C:\Windows\System32\Drivers\dfsc.sys

MD5: 841af4c4d41d3e3b2f244e976b0f7963 C:\Windows\system32\drivers\disk.sys

MD5: d93fa484bb62fbe7e5ef335c5415d3cf C:\Windows\system32\DRIVERS\Dot4Prt.sys

MD5: 599742c4260fb3e8edb3be148b8ce856 C:\Windows\system32\DRIVERS\dot4usb.sys

MD5: ee472cd2c01f6f8e8aa1fa06ffef61b6 C:\Windows\system32\drivers\drmkaud.sys

MD5: dfeabb7cfffadea4a912ab95bdc3177a C:\Windows\system32\DRIVERS\dsunidrv.sys

MD5: b95202efd0464d226e7542c1e319c028 C:\Windows\System32\drivers\dxgkrnl.sys

MD5: 04944f4fc4f0477185f5d26ae0ddb90e C:\Windows\system32\DRIVERS\e1e6032.sys

MD5: 0efc7531b936ee57fdb4e837664c509f C:\Windows\System32\drivers\ecache.sys

MD5: 65773d6115c037ffd7ef8280ae85eb9d C:\Windows\system32\drivers\fileinfo.sys

MD5: c226dd0de060745f3e042f58dcf78402 C:\Windows\system32\drivers\filetrace.sys

MD5: a6a8da7ae4d53394ab22ac3ab6d3f5d3 C:\Windows\system32\drivers\fltmgr.sys

MD5: 0db613a7e427b5663563677796fd5258 C:\Windows\system32\DRIVERS\HDAudBus.sys

MD5: 3c64042b95e583b366ba4e5d2450235e C:\Windows\system32\DRIVERS\hidusb.sys

MD5: 6d2350bb6e77e800fc4be4e5b7a2e89a C:\Windows\system32\DRIVERS\HSX_CNXT.sys

MD5: 53229dcf431d76434816cd29251168a0 C:\Windows\system32\DRIVERS\HSX_DPV.sys

MD5: ed98350ecd4a5a9c9f1e641c09872bb2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys

MD5: 1c9ee072baa3abb460b91d7ee9152660 C:\Windows\system32\DRIVERS\i8042prt.sys

MD5: 997e8f5939f2d12cd9f2e6b395724c16 C:\Windows\system32\drivers\iastor.sys

MD5: bbace0293b73bf8c7cb591f2d06f26fa C:\Windows\system32\DRIVERS\igdkmd32.sys

MD5: 59b00efb24ead979becf413703bb1fac C:\Windows\system32\DRIVERS\intelide.sys

MD5: ce44cc04262f28216dd4341e9e36a16f C:\Windows\system32\DRIVERS\intelppm.sys

MD5: 880c6f86cc3f551b8fea2c11141268c0 C:\Windows\system32\DRIVERS\ipfltdrv.sys

MD5: 10077c35845101548037df04fd1a420b C:\Windows\system32\DRIVERS\ipnat.sys

MD5: a82f328f4792304184642d6d397bb1e3 C:\Windows\system32\drivers\irenum.sys

MD5: 2f8ece2699e7e2070545e9b0960a8ed2 C:\Windows\system32\drivers\isapnp.sys

MD5: b076b2ab806b3f696dab21375389101c C:\Windows\system32\DRIVERS\kbdclass.sys

MD5: ed61dbc6603f612b7338283edbacbc4b C:\Windows\system32\DRIVERS\kbdhid.sys

MD5: fd015b4f95daa2b712f0e372a116fbad C:\Windows\system32\DRIVERS\lltdio.sys

MD5: 42885bb44b6e065b8575a8dd6c430c52 C:\Windows\system32\drivers\luafv.sys

MD5: 1a7db7a00a4b0d8da24cd691a4547291 C:\Windows\system32\DRIVERS\LVPr2Mon.sys

MD5: 37072ec9299e825f4335cc554b6fac6a C:\Windows\system32\DRIVERS\lvrs.sys

MD5: c3d02260beb2b48dea1efdfca91e4b69 C:\Windows\system32\DRIVERS\lvuvc.sys

MD5: 3d2c13377763eeac0ca6fb46f57217ed C:\Windows\system32\drivers\mbam.sys

MD5: 21755967298a46fb6adfec9db6012211 C:\Windows\system32\drivers\modem.sys

MD5: 7446e104a5fe5987ca9e4983fbac4f97 C:\Windows\system32\DRIVERS\monitor.sys

MD5: 5fba13c1a1841b0885d316ed3589489d C:\Windows\system32\DRIVERS\mouclass.sys

MD5: b569b5c5d3bde545df3a6af512cccdba C:\Windows\system32\DRIVERS\mouhid.sys

MD5: 01f1e5a3e4877c931cbb31613fec16a6 C:\Windows\System32\drivers\mountmgr.sys

MD5: 6e7a7f0c1193ee5648443fe2d4b789ec C:\Windows\System32\drivers\mpsdrv.sys

MD5: 1d8828b98ee309d65e006f0829e280e5 C:\Windows\system32\drivers\mrxdav.sys

MD5: 2681302b63b318cbea6c82902ac5428c C:\Windows\system32\drivers\msahci.sys

MD5: 207df26dbb2537c20276da0e15892274 C:\Windows\system32\drivers\msisadrv.sys

MD5: 4dca456d4d5723f8fa9c6760d240b0df C:\Windows\system32\DRIVERS\msiscsi.sys

MD5: 892cedefa7e0ffe7be8da651b651d047 C:\Windows\system32\drivers\MSKSSRV.sys

MD5: ae2cb1da69b2676b4cee2a501af5871c C:\Windows\system32\drivers\MSPCLOCK.sys

MD5: f910da84fa90c44a3addb7cd874463fd C:\Windows\system32\drivers\MSPQM.sys

MD5: 7dbaa028f625aa46b95dda4fbe4b602b C:\Windows\system32\DRIVERS\mssmbios.sys

MD5: c826dd1373f38afd9ca46ec3c436a14e C:\Windows\system32\drivers\MSTEE.sys

MD5: fa7aa70050cf5e2d15de00941e5665e5 C:\Windows\System32\Drivers\mup.sys

MD5: 227c11e1e7cf6ef8afb2a238d209760c C:\Windows\system32\drivers\ndis.sys

MD5: 81659cdcbd0f9a9e07e6878ad8c78d3f C:\Windows\system32\DRIVERS\ndistapi.sys

MD5: 5de5ee546bf40838ebe0e01cb629df64 C:\Windows\system32\DRIVERS\ndisuio.sys

MD5: 397402adcbb8946223a1950101f6cd94 C:\Windows\system32\DRIVERS\ndiswan.sys

MD5: 356dbb9f98e8dc1028dd3092fceeb877 C:\Windows\system32\DRIVERS\netbios.sys

MD5: e3a168912e7eefc3bd3b814720d68b41 C:\Windows\System32\DRIVERS\netbt.sys

MD5: c64e8ef4c6322b09b6ee570a8ba41e26 C:\Windows\system32\DRIVERS\netr28u.sys

MD5: b488dfec274de1fc9d653870ef2587be C:\Windows\system32\drivers\nsiproxy.sys

MD5: 055081fd5076401c1ee1bcab08d81911 C:\Windows\system32\drivers\nv_agp.sys

MD5: 55526cd7b311236aab3f73434cbc651e C:\Windows\system32\DRIVERS\nvlddmkm.sys

MD5: 1d162e52fb691eb555a476b04b4bff3f C:\Windows\system32\DRIVERS\nwifi.sys

MD5: 2c8bae55247c4e09352e870292e4d1ab C:\Windows\system32\DRIVERS\pacer.sys

MD5: 84be786f33fdbd8765e05df3b7f5b9e6 C:\Windows\System32\drivers\partmgr.sys

MD5: bdd96f9cf34d58958aff1be6ef4c8020 C:\Windows\system32\drivers\pci.sys

MD5: b2fc76090ef1003463ccb07cabb35cff C:\Windows\system32\drivers\pciide.sys

MD5: d2b3e2b7426dc23e185fbc73c8936c12 C:\Windows\system32\drivers\qwavedrv.sys

MD5: bd7b30f55b3649506dd8b3d38f571d2a C:\Windows\System32\DRIVERS\rasacd.sys

MD5: 68b0019fee429ec49d29017af937e482 C:\Windows\system32\DRIVERS\rasl2tp.sys

MD5: ccf4e9c6cbbac81437f88cb2ae0b6c96 C:\Windows\system32\DRIVERS\raspppoe.sys

MD5: c04dec5ace67c5247b150c4223970bb7 C:\Windows\system32\DRIVERS\raspptp.sys

MD5: 54129c5d9581bbec8bd1ebd3ba813f47 C:\Windows\system32\DRIVERS\rdbss.sys

MD5: 794585276b5d7fca9f3fc15543f9f0b9 C:\Windows\System32\DRIVERS\RDPCDD.sys

MD5: 0245418224cfa77bf4b41c2fe0622258 C:\Windows\system32\drivers\rdpdr.sys

MD5: 980b56e2e273e19d3a9d72d5c420f008 C:\Windows\system32\drivers\rdpencdd.sys

MD5: 97e939d2128fec5d5a3e6e79b290a2f4 C:\Windows\system32\DRIVERS\rspndr.sys

MD5: f8f53c5449f15b23d4c61d51d2701da8 C:\Windows\system32\drivers\RTKVHDA.sys

MD5: 84734fa344b64c52424c93dc4d61a79a C:\Windows\system32\DRIVERS\RTL8192su.sys

MD5: 450accd77ec5cea720c1cdb9e26b953b C:\Windows\system32\drivers\sermouse.sys

MD5: 51cf56aa8bcc241f134b420b8f850406 C:\Windows\system32\drivers\sffdisk.sys

MD5: 96ded8b20c734ac41641ce275250e55d C:\Windows\system32\drivers\sffp_mmc.sys

MD5: 8b08cab1267b2c377883fc9e56981f90 C:\Windows\system32\drivers\sffp_sd.sys

MD5: 8f3f406f7212a929d22751218305a13a C:\Windows\system32\DRIVERS\silabenm.sys

MD5: 0c6876192fb8a1e26edbf4903b5c052c C:\Windows\system32\DRIVERS\silabser.sys

MD5: 08072b2fb92477fc813271a84b3a8698 C:\Windows\system32\drivers\sisagp.sys

MD5: 46baf398809a0f3b2d3300a1760e4b91 C:\Windows\system32\DRIVERS\smb.sys

MD5: 3b80b4383c9bce13279c8482734b32b2 C:\Windows\system32\DRIVERS\swenum.sys

MD5: 2c1f7005aa3b62721bfdb307bd5f5010 C:\Windows\System32\drivers\tcpip.sys

MD5: 5ce0c4a7b12d0067dad527d72b68c726 C:\Windows\System32\drivers\tcpipreg.sys

MD5: 964248aef49c31fa6a93201a73ffaf50 C:\Windows\system32\drivers\tdpipe.sys

MD5: 7d2c1ae1648a60fce4aa0f7982e419d3 C:\Windows\system32\drivers\tdtcp.sys

MD5: ab4fde8af4a0270a46a001c08cbce1c2 C:\Windows\system32\DRIVERS\tdx.sys

MD5: 849ed71967d45f15c3e0abfc633fdf2a C:\Windows\system32\DRIVERS\termdd.sys

MD5: 29f0eca726f0d51f7e048bdb0b372f29 C:\Windows\System32\DRIVERS\tssecsrv.sys

MD5: 6348da98707ceda8a0dfb05820e17732 C:\Windows\system32\DRIVERS\udfs.sys

MD5: 6d72ef05921abdf59fc45c7ebfe7e8dd C:\Windows\system32\drivers\uliagpkx.sys

MD5: 3fb78f1d1dd86d87bececd9dffa24dd9 C:\Windows\system32\DRIVERS\umbus.sys

MD5: 466e13539d9920c5ad84f3132acf9ef5 C:\Windows\System32\drivers\UMDF\WpdFs.dll

MD5: b0ba9caffe9b0555ec0317f30cb79cd2 C:\Windows\system32\DRIVERS\usbccgp.sys

MD5: c9fcd05b0a80ea08c2768e5a279b14de C:\Windows\system32\DRIVERS\usbehci.sys

MD5: 5e44f7d957f7560da06bfe6b84b58a35 C:\Windows\system32\DRIVERS\usbhub.sys

MD5: b1f95285c08ddfe00c0b955462637ec7 C:\Windows\system32\DRIVERS\usbscan.sys

MD5: 7887ce56934e7f104e98c975f47353c5 C:\Windows\system32\DRIVERS\USBSTOR.SYS

MD5: d864735b0bfcb65440960a0b7cc1a38d C:\Windows\system32\DRIVERS\usbuhci.sys

MD5: 0a6b81f01bc86399482e27e6fda7b33b C:\Windows\System32\Drivers\usbvideo.sys

MD5: 17a8f877314e4067f8c8172cc6d9101c C:\Windows\System32\drivers\vga.sys

MD5: d5929a28bdff4367a12caf06af901971 C:\Windows\system32\drivers\viaagp.sys

MD5: 689547ce911998d1e0da7a5992e025fc C:\Windows\system32\drivers\viaide.sys

MD5: fd16fac15f9f165ac19a618e7b391f5c C:\Windows\system32\drivers\volmgr.sys

MD5: 420c48e593b9520c2dee45d671f923e1 C:\Windows\System32\drivers\volmgrx.sys

MD5: 80dc0c9bcb579ed9815001a4d37cbfd5 C:\Windows\system32\drivers\volsnap.sys

MD5: 6798c1209a53b5a0ded8d437c45145ff C:\Windows\system32\DRIVERS\wanarp.sys

MD5: 17eac0d023a65fa9b02114cc2baacad5 C:\Windows\system32\drivers\wmiacpi.sys

MD5: 2d27171b16a577ef14c1273668753485 C:\Windows\system32\DRIVERS\wpdusb.sys

MD5: 84620aecdcfd2a7a14e6263927d8c0ed C:\Windows\system32\drivers\ws2ifsl.sys

MD5: a2aafcc8a204736296d937c7c545b53f C:\Windows\system32\DRIVERS\WUDFRd.sys

MD5: 28dc5d626e036a75a572556f0a6eb1f6 C:\Windows\System32\drivers\XAudio.exe

MD5: 5a7ff9a18ff6d7e0527fe3abf9204ef8 C:\Windows\system32\DRIVERS\xaudio.sys

MD5: 68ac082734363e6ba813e7eaa353db13 C:\Windows\system32\dsound.dll

MD5: ce9d2b921137e648ab0fa9b9940a3ad3 C:\Windows\system32\dssenh.dll

MD5: 3cc7841f318c99819be3a9736c9a7ba1 C:\Windows\system32\DUser.dll

MD5: e87b968f3d49117445893eb0503fe34f C:\Windows\System32\dwm.exe

MD5: 5c8d22f3e0b49216c9d2e71bdf202218 C:\Windows\system32\dwmapi.dll

MD5: 8ab84cd4df5591d7e59667bf90943372 C:\Windows\system32\dwmredir.dll

MD5: 127ee5a4320bedabca55e580736fc419 C:\Windows\system32\DXVA2.DLL

MD5: fc34ca580010dabfec1ea854ba94aa01 c:\windows\system32\eappcfg.dll

MD5: f99ad9dc3b8ca26c211d92c030787a5c C:\Windows\system32\eapphost.dll

MD5: f9fecfeedcc32e55093fc9f3f5a09739 c:\windows\system32\eappprxy.dll

MD5: 90a0a875642e18618010645311b4e89e c:\windows\system32\eapsvc.dll

MD5: 3226fda08988526e819e364e8cce4cee c:\windows\system32\emdmgmt.dll

MD5: eb6f35234ad9d628184b6afad129b23a C:\Windows\system32\en-us\tQuery.dll.mui

MD5: 7b4971c3d43525175a4ea0d143e0412e C:\Windows\System32\ES.DLL

MD5: 1692212e48cfa7e3b4647ecce6308b46 c:\windows\system32\ESENT.dll

MD5: 56369fec5ce6699c191a4b65af575108 C:\Windows\system32\EVR.dll

MD5: d517acaf8252713960aa0e0bb41614d1 C:\Windows\system32\ExplorerFrame.dll

MD5: aea13cdeb45b92235b07b36db22ee09f C:\Windows\system32\faultrep.dll

MD5: e43bce1a77d6fd4ed5f8e0482b9e7df1 C:\Windows\system32\fdPHost.dll

MD5: 47d3305c6986ec21a25b023779881015 C:\Windows\system32\FeClient.dll

MD5: 5ed6bb7cb8726bb1e5ee479fb9e61a18 c:\windows\system32\FirewallAPI.dll

MD5: a9542ff2e9a82cf100e5729ec79068f0 C:\Windows\system32\FLTLIB.DLL

MD5: 0e99592e68dd44610b473b7a024fa32d C:\Windows\system32\FunDisc.dll

MD5: 8b6ce5b87ba3a6a61cfb927428d2c498 C:\Windows\system32\fwpuclnt.dll

MD5: a5d1de63b11448213bf34e14fea6f117 c:\windows\system32\FwRemoteSvr.DLL

MD5: 71a0dc633d1d76744441efd4b7fb230f C:\Windows\system32\GDI32.dll

MD5: 0dfc9ea99681bf966f794af7c39495f2 C:\Windows\system32\GPAPI.dll

MD5: bcf6589c42d8f6a20f33ef133ffe0524 c:\windows\system32\gpsvc.dll

MD5: b4b59ac042ee3733a862f26cbc0b17fc C:\Windows\system32\hidphone.tsp

MD5: 312ba286eb3be9eae82da427ed2c0284 C:\Windows\System32\hnetcfg.dll

MD5: 50f69b362fa8c08e7d447842dbedad99 C:\Windows\System32\HotStartUserAgent.dll

MD5: 0a0c8331e26f1ec7741cce6a91e9167d C:\Windows\System32\hpf3l082.dll

MD5: 986f5143b56b8e4889cac91ea81583dd C:\Windows\system32\hpwwiax5.dll

MD5: 2969d26eee289be7422aa46fc55f4e38 C:\Windows\system32\HPZinw12.dll

MD5: bafc9706bdf425a02b66468ab2605c59 C:\Windows\system32\HPZipm12.dll

MD5: 261612679999991eecaeef98ace2856c c:\windows\system32\HTTPAPI.dll

MD5: 04a677ae406ef88e4afe0fc0ee3f2908 c:\windows\system32\ICAAPI.dll

MD5: 099a616ed6645394b87440e64842c5bc C:\Windows\system32\icm32.dll

MD5: dca3fa9f9dd103dc39c24c85ef073db1 C:\Windows\system32\ICMP.DLL

MD5: f87eed552081bbbfcf721a689c8c87cb C:\Windows\system32\iepeers.dll

MD5: 8e968aafb813afbb1354619a008702ce C:\Windows\system32\IEUI.dll

MD5: 2309320e453a7004b65c4d4075c1e7d6 C:\Windows\system32\igfxdev.dll

MD5: 4456e314e60177b03e5cbe64cd6a337e c:\windows\system32\ikeext.dll

MD5: 5d53724e96f6b907355e616ffe08eb83 C:\Windows\system32\imagehlp.dll

MD5: 6e30d310bc7d1684b1ce7407f9a1638d C:\Windows\system32\imapi2.dll

MD5: ee12864398f1c3bf5bee91f6af9842e1 C:\Windows\system32\IMM32.DLL

MD5: d352372b597befe442af4aeffbbf001b C:\Windows\system32\inetmib1.dll

MD5: 0f0c15a3d8f98a9cae53235cdfa9a695 C:\Windows\System32\inetpp.dll

MD5: 88cf5281ed9880d74dc9011cf8b5262d C:\Windows\system32\ipbusenum.dll

MD5: 3b7336fc377803d3bda3139df1343b2d C:\Windows\system32\IPHLPAPI.DLL

MD5: ecc9ad72cfc4ab41cf6a9bcc11f9fef6 C:\Windows\System32\iphlpsvc.dll

MD5: 9a82bf4c90b00a63150a606a1e2fd82b C:\Windows\System32\ipnathlp.dll

MD5: 5ebdec613bd377ce9a85382be5c6b83b c:\windows\system32\ipsecsvc.dll

MD5: 8acf956d9154e893e789881430c12632 C:\Windows\system32\iscsiexe.dll

MD5: ac8371be69bb6afe86f3407d8a569fa2 C:\Windows\system32\jsproxy.dll

MD5: f4afbeb2bd4972f57c53cb8d54561c4e C:\Windows\system32\kerberos.dll

MD5: bb792054bd990ec05d9e260d50fead39 C:\Windows\system32\kernel32.dll

MD5: 74c2f29cc612b2b34231bebd824d2fb2 C:\Windows\system32\keyiso.dll

MD5: e051555f2157272cdec7eae174692770 C:\Windows\system32\kmddsp.tsp

MD5: d40aa05e29bf6ed29b139f044b461e9b C:\Windows\system32\kmsvc.dll

MD5: 38d84e4d1f7514b883d2858c54e81441 c:\windows\system32\ktmw32.dll

MD5: 2fa7ef1006dc44cb3c86e727d432d827 c:\windows\system32\l2gpstore.dll

MD5: 7391c09a8f9d9033d03c2f5921be02b4 C:\Windows\system32\libeay32.dll

MD5: 157b45a254cda1e1311c07c981ab2203 C:\Windows\system32\libssl32.dll

MD5: 7450dbcf754391dd6363fffd5ef0e789 C:\Windows\System32\lltdsvc.dll

MD5: 35d40113e4a5b961b6ce5c5857702518 c:\windows\system32\lmhsvc.dll

MD5: afd7c3bedac3e4ce0ea34d83bfabc2d1 C:\Windows\System32\LMIport.dll

MD5: 7c322e5360a3698df40b21bea6a0f760 C:\Windows\system32\LMIRfsClientNP.dll

MD5: e37137cb0031440061eb3bf14ec6ac74 C:\Windows\System32\localspl.dll

MD5: 7be32e67440bb5b2205c5402a2fbde25 C:\Windows\system32\LPK.DLL

MD5: 67fefd286869a5ec50257ac62dcba2b7 C:\Windows\system32\LSASRV.dll

MD5: c731b1fe449d4e9cea358c9d55b69be9 C:\Windows\System32\lsass.exe

MD5: 77f52395637906269b91264ffe576b51 C:\Windows\System32\lsm.exe

MD5: 678f50cbc5537150cfdcca7944130b6d C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe

MD5: 4b381e429a2982dde8c0aeaae75a65e9 C:\Windows\system32\Macromed\Flash\NPSWF32.dll

MD5: bf8426a8e3f3856389e26e94a8f1b588 C:\Windows\system32\Mcx2Svc.dll

MD5: cb7bce033ea4262a875e7dbc329025ec C:\Windows\system32\MF.dll

MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\Windows\system32\MFC71.DLL

MD5: 3283de6f4b572ce2e1710f336489aa28 C:\Windows\system32\mfplat.dll

MD5: b4f5de3dad8e6b97272f45db97674878 C:\Windows\System32\mgmtapi.dll

MD5: 848e745a842f903fd521db585ab00d97 C:\Windows\system32\midimap.dll

MD5: 77958e07e2a98c7db5f98c04de3440b6 C:\Windows\system32\milcore.dll

MD5: c53ca84bf1c9e20aa1b0a8d7d5e28426 C:\Windows\system32\MLANG.dll

MD5: 9dfa3a459af0954aa85b4f7622ad87bb c:\windows\system32\mmcss.dll

MD5: b55a6bea7ea9087dc72485d5e028ebcb C:\Windows\system32\MMDevAPI.DLL

MD5: 60c518cc84c7d9887860aaf99c32566d C:\Windows\system32\modemui.dll

MD5: 75aeb9ba69d36aff80011b74f27912af C:\Windows\system32\MPR.dll

MD5: 2600a4854b435d3c15a28369ccd0b1f3 C:\Windows\System32\MPRAPI.dll

MD5: 6c1a43c589ee8011a1ebfd51c01b77ce C:\Windows\System32\mprdim.dll

MD5: 563ed845885c6a7c09a7715d8bd0585c c:\windows\system32\mpssvc.dll

MD5: 02ba9c898969ca850c84ddf867378c27 C:\Windows\system32\MSACM32.dll

MD5: 49f6bf22fa9dad48e5e6964b1775eebf C:\Windows\system32\msacm32.drv

MD5: 6cfca2a5b71c1cb908049dbc6bf6c6d1 C:\Windows\system32\mscms.dll

MD5: 1bb128a09911a936e8efc30c3f6c597c C:\Windows\system32\MSCONFIG.exe

MD5: f352e76e220eb21a0c29734b66048dde C:\Windows\system32\MSCTF.dll

MD5: 0f04702c1599e632eb9c6e5aa7352f77 C:\Windows\system32\MsCtfMonitor.dll

MD5: bc64a92d821efea8bab8e8caf1b668bc C:\Windows\System32\msdtc.exe

MD5: 45c537fe5dde9a0146aeff76e615737d c:\windows\system32\msdtckrm.dll

MD5: 1d63cdf43e5a16e44a4d8bf4ff479783 C:\Windows\system32\msfeeds.dll

MD5: 8d9813566860d6b18a79dca2aa520b6c C:\Windows\system32\msfeedssync.exe

MD5: 8d5fb97ae3d30ccdd8c9d8af447c7d09 C:\Windows\system32\mshtml.dll

MD5: a68164a7bd62adee8abdb3b88561e2c9 C:\Windows\system32\msi.dll

MD5: a5aad78a599fdd93d87745439ff37da9 C:\Windows\system32\Msidle.dll

MD5: b038d40785fa669bd8c3e0252909b4c2 C:\Windows\system32\msiexec.exe

MD5: b3a75c58eceee466cfb5a53a229de353 C:\Windows\system32\msimtf.dll

MD5: eb7c2eda87e0f1bdbd25fa22b0b9574e c:\windows\system32\mspatcha.dll

MD5: abe9eea1eabea0711610a637a7b1c25d C:\Windows\system32\msprivs.dll

MD5: 9b4a8b14bfe0588ac73d238f3daeb13e C:\Windows\system32\msscb.dll

MD5: b9d6f987566f13e99e10ae0e0c680a2b C:\Windows\System32\msshsq.dll

MD5: 8e4bb3a80000d4612441cc55f1c1348e C:\Windows\system32\mssph.dll

MD5: 0a11439975160b11e6af7a4a3e50cdfd C:\Windows\system32\mssprxy.dll

MD5: 9debf50fbe47c24e19c78bd5ebc7d970 C:\Windows\system32\mssrch.dll

MD5: 860ff6aaaed22428a6e86fc5244cb038 C:\Windows\system32\msstrc.dll

MD5: 8cdfb72d8c79cbae6f3488aacfdf8a5f C:\Windows\system32\mssvp.dll

MD5: 8574672c47a3b034983e29316f8ff2b6 C:\Windows\System32\mstask.dll

MD5: ad306e253c5593b55564ae4b3ba5feba C:\Windows\system32\MSUTB.dll

MD5: c5213ac0cd7d4a6be4bbaba0b18b9be5 C:\Windows\system32\msv1_0.dll

MD5: 75287677bb8bc9a16c32ce8a72f485a0 C:\Windows\system32\msvcrt.dll

MD5: 6c421fc03219a0e6834c780774caf527 C:\Windows\system32\MSVFW32.dll

MD5: 54e9576169a248ad62a1eb9773225826 C:\Windows\system32\mswsock.dll

MD5: 473df61261c234a4a4c577f3631b9327 C:\Windows\System32\msxml6.dll

MD5: 5e72dcff9fb2374642043899a1c2e446 C:\Windows\system32\napinsp.dll

MD5: ab26eb32f91d3f04e14101b62eb47589 C:\Windows\System32\NaturalLanguage6.dll

MD5: 1e4b805a21583c9baec3758aa6bca1cd C:\Windows\system32\NCObjAPI.DLL

MD5: 121afd967914292d5cbf7bee9572be71 C:\Windows\system32\ncrypt.dll

MD5: 85508a59e3b0d12d4737184a11c5f8e2 c:\windows\system32\ncsi.dll

MD5: 1fdfc86e6effc8cfee05105a1b757d54 C:\Windows\system32\ndptsp.tsp

MD5: e3afca30714898baae6f12b52627761c C:\Windows\system32\NETAPI32.dll

MD5: fde35ae1e3a1f21ae1e31674295f31e9 C:\Windows\system32\netcfgx.dll

MD5: 889a2c9f2aaccd8f64ef50ac0b3d553b C:\Windows\system32\netlogon.dll

MD5: 90a4dae28b94497f83bea0f2a3b77092 c:\windows\system32\netman.dll

MD5: 7c5c3d9ceee838856b828ab6f98a2857 c:\windows\system32\netprofm.dll

MD5: 4bf053944e973c073339be841c9ecf28 C:\Windows\System32\NETRAP.dll

MD5: f4ff57be16bed8a8bd45d0db14e6125d C:\Windows\System32\netshell.dll

MD5: 0f0da05c44e911301028d9cec6294ebb C:\Windows\system32\NLAapi.dll

MD5: c424117a562f2de37a42266894c79aeb c:\windows\system32\nlasvc.dll

MD5: 29adc97527e30540944f1735b2795c3d C:\Windows\System32\NLSData0009.dll

MD5: 5cd3f8485a88cf0f035cff5576d66029 C:\Windows\system32\NSI.dll

MD5: 23b8201a363de0e649fc75ee9874dee2 c:\windows\system32\nsisvc.dll

MD5: 04e4c2069d7254e3fbb90d5b519ab53c C:\Windows\system32\ntdll.dll

MD5: 83942d329d01b8aa9721fef668e1e1a6 C:\Windows\system32\NTDSAPI.dll

MD5: 7fce5c54f97a995f09b6d448cf51f834 C:\Windows\System32\ntlanman.dll

MD5: bbde9db609d0657be77af63cc392f6b0 C:\Windows\system32\NTMARTA.DLL

MD5: 05145613c47bf084976c2c762cd19a61 C:\Windows\system32\ntshrui.dll

MD5: fc60ac3ec99f15e78d566d356c4550be C:\Windows\system32\nvapi.dll

MD5: 04d51f3044ba9710ba36dbbba7120f85 C:\Windows\system32\nvd3dum.dll

MD5: fc8f76b15cd61fa44769344c0d185da1 C:\Windows\system32\NVSVC.DLL

MD5: 0316b676a0f4768dbc8a191f65b4a066 C:\Windows\System32\nvvsvc.exe

MD5: cce6fb960f8985bf500ce9cb0b2ef4cf C:\Windows\system32\ole32.dll

MD5: 40ac3601aca74a015c4e0db0727929ca C:\Windows\system32\OLEACC.dll

MD5: 7924bcce665ac92fc04cd45a46fe3e3d C:\Windows\system32\OLEAUT32.dll

MD5: 5607b5fba62a238d68cd1b5b0383728c C:\Windows\system32\oledlg.dll

MD5: df54915b3dd106854f18c678beb2977d C:\Windows\system32\olepro32.dll

MD5: ccc726cb37b87869cf0f4d4ce70f7cae c:\windows\system32\OneX.DLL

MD5: 016d01d3b8fb976a193c7434bed8dccf C:\Windows\system32\p2psvc.dll

MD5: 0066eb51c3e53e026d5cc65422809341 C:\Windows\system32\pcadm.dll

MD5: d8c5c215c932233a4f1d7f368f4e4e65 c:\windows\system32\pcasvc.dll

MD5: 45507357ef7a803dab92896d57074020 C:\Windows\system32\pdh.dll

MD5: fddcbd831b0bb80b6c80fa29b3839679 C:\Windows\system32\perfdisk.dll

MD5: af2f0222c114c1e917fd54b8eb40ce33 C:\Windows\system32\perfproc.dll

MD5: cd05a38d166beade18030bafc0c0a939 C:\Windows\system32\pla.dll

MD5: 5ed1bc5287c8f8a3da10403152e7bd8b C:\Windows\System32\PlaySndSrv.dll

MD5: be37415bbeb27a0797088868c498ed54 C:\Windows\system32\pnidui.dll

MD5: c0dc476e89558242848572f9ade1d685 C:\Windows\system32\pnrpnsp.dll

MD5: c5bfc12e10afa0c80c8912ba6bbfe44c C:\Windows\system32\PortableDeviceApi.dll

MD5: 5ab4c4205ad35964e0efa21ea5201beb C:\Windows\System32\portabledeviceclassextension.dll

MD5: d05dc087abae3927cee384af9fe184e9 C:\Windows\system32\PortableDeviceTypes.dll

MD5: 3cdec51291f735c5c276b957239017a3 C:\Windows\system32\POWRPROF.dll

MD5: d37ed6c2721764e3d08c975dd977a5ee C:\Windows\system32\printcom.dll

MD5: 213112e152e68f0e4705e36f052a2880 c:\windows\system32\profsvc.dll

MD5: 8dbec5fa50ebedec23d7c1574131ada5 C:\Windows\system32\propdefs.dll

MD5: 96bc076d1ba9fee72709fc72dc025270 C:\Windows\system32\PROPSYS.dll

MD5: f3ee19cc0ee760195d846c03826f998f C:\Windows\system32\pxc25pm.dll

MD5: 56de7aeb7435fee1edb8a83030026884 C:\Windows\System32\QAgent.dll

MD5: 1cdbb5d002fe2bc5300aa20550d8a52e C:\Windows\system32\qagentRT.dll

MD5: da551697e34d2b9943c8b1c8eaffe89a c:\windows\system32\qmgr.dll

MD5: 373bb8d77133cbb854b039f23d474c46 C:\Windows\system32\query.dll

MD5: 409f5d96ad20efabdfa9c8fa52a2d69b C:\Windows\system32\QUtil.dll

MD5: ca61bdfd3713a7ce75f2812afc431594 C:\Windows\system32\qwave.dll

MD5: 801f1e963f7eeffda3f9ef89db3ef133 C:\Windows\system32\radardt.dll

MD5: 4e579f380701d9bf0669ed61e8ec5951 C:\Windows\system32\RASAPI32.dll

MD5: f14f4aab9f54d099fe99192bdb100ac9 C:\Windows\System32\rasauto.dll

MD5: 8f23a0c652c9205a919476d1e62d3c65 C:\Windows\System32\raschap.dll

MD5: da20a42f514addd91f0e4d1533cb6aa0 C:\Windows\System32\RASDLG.dll

MD5: 9bcbdca7312a0806ce7d8976c314a988 C:\Windows\system32\rasman.dll

MD5: 11d65e29bc9d1e4114d18fe68194394c c:\windows\system32\rasmans.dll

MD5: 81294812d4d6884ca4e2deb5e0747d48 C:\Windows\system32\rasppp.dll

MD5: 1ca27b5452b59ad895888d51c7c38e59 C:\Windows\system32\RASQEC.DLL

MD5: 7818d574cb625d272babda8c5338e23a C:\Windows\system32\rastapi.dll

MD5: ed1ce465d0d897889fabeae3ed9215cf C:\Windows\System32\rastls.dll

MD5: 9a043808667c8c1893da7275af373f0e C:\Windows\system32\regsvc.dll

MD5: ba767b42633e32719018f0d02ac01c59 C:\Windows\system32\RESUTILS.DLL

MD5: 4ff455520b17d15e9191c5bc7d8148fe C:\Windows\system32\RICHED20.dll

MD5: 627295da2eaf37602ea961b6c042348a C:\Windows\system32\riched32.dll

MD5: 9f5d9dbbc7613712a8778385b6fb12ca C:\Windows\system32\RPCRT4.dll

MD5: a90247cd20c2db51c264eacc00a3039f C:\Windows\system32\rsaenh.dll

MD5: 039e4e0488f4e1a985139a24d0359ac3 C:\Windows\system32\SAMLIB.dll

MD5: 22054e4e3cf6174cfce6ab2776da22a0 C:\Windows\system32\SAMSRV.dll

MD5: 565b4b9e5ad2f2f18a4f8aafa6c06bbb C:\Windows\System32\SCardSvr.dll

MD5: 80e2839d05ca5970a86d7be2a08bff61 C:\Windows\system32\scecli.dll

MD5: d39db142b8a0c56616136dd0a1028fc1 C:\Windows\system32\SCESRV.dll

MD5: 886cec884b5be29ab9828b8ab46b11f7 c:\windows\system32\schedsvc.dll

MD5: f7b6bf02240d0a764adf8c8966735552 C:\Windows\System32\SDRSVC.dll

MD5: 16f140c5899082ebfac36a5be50f51f9 C:\Windows\System32\SearchFilterHost.exe

MD5: cba6d7dce8d7f10c541bed38dd6a7eab C:\Windows\System32\SearchIndexer.exe

MD5: 6f120db4262ada8525c36b0a93936074 C:\Windows\System32\SearchProtocolHost.exe

MD5: 8388c4133ddbe62ad7bc3ec9f14271ed c:\windows\system32\seclogon.dll

MD5: 68410cf6fb13ced160ef0149eabfc35c C:\Windows\system32\Secur32.dll

MD5: 0a990afb9f2726323d61c8ecb8b70b17 C:\Windows\system32\security.dll

MD5: 34350ae2c1d33d21c7305f861bd8dad8 c:\windows\system32\sens.dll

MD5: 329cf3c97ce4c19375c8abcabae258b0 C:\Windows\System32\services.exe

MD5: 78878235da4df0d116e86837a0a21df8 C:\Windows\system32\sessenv.dll

MD5: 3d7fe2e7923eea92e68062bba3377067 C:\Windows\system32\SETUPAPI.dll

MD5: 4db158bc772fd434036487dcb7825625 C:\Windows\system32\sfc_os.dll

MD5: a4b7d7f3675b7c4490c066a4829cb26d C:\Windows\system32\shdocvw.dll

MD5: 438ae83490959c0f5a6be97dafea68d2 C:\Windows\system32\SHLWAPI.dll

MD5: b264dfa21677728613267fe63802b332 C:\Windows\system32\SHSVCS.dll

MD5: ae43f1eea8cb7bd6d372f5a08b00849d C:\Windows\system32\slc.dll

MD5: a1dcd30534835cb67733ad00175125a6 C:\Windows\System32\SLsvc.exe

MD5: 56da296e7b376a727e7bdc5ac7fbee02 C:\Windows\system32\SLUINotify.dll

MD5: b39f1844ad6c656f64acd32caee72caa c:\windows\system32\SLWGA.dll

MD5: caa75757bb3695478c23cb0624342a61 C:\Windows\System32\smss.exe

MD5: 73347eca7a6d327ba43c40cb56bca659 C:\Windows\system32\spool\PRTPROCS\W32X86\hpfpp082.dll

MD5: d323794050f95168f96d2560bf6ab6ec C:\Windows\system32\spool\PRTPROCS\W32X86\LMIproc.dll

MD5: 976b09666d0a076ecc3f330891da0dad C:\Windows\System32\SPOOLSS.DLL

MD5: da612ef2556776df2630b68bf2d48935 C:\Windows\System32\spoolsv.exe

MD5: edf5249a8dc8b453d54033e6a98807bf C:\Windows\System32\srchadmin.dll

MD5: 53d1482fc1aa36ac015a85e6cf2146bd c:\windows\system32\srvsvc.dll

MD5: 452341e471d2d961229dfe0842957272 C:\Windows\system32\SSCORE.DLL

MD5: 8d3e4baff8b3997138c38eb1b600519a c:\windows\system32\ssdpsrv.dll

MD5: 9253c752dc9b5ceeaa7747e165b75eeb C:\Windows\system32\stobject.dll

MD5: 10da15933d582d2fedcf705efe394b09 C:\Windows\System32\svchost.exe

MD5: 749ada8d6c18a08adfede69cbf5db2e0 C:\Windows\System32\swprv.dll

MD5: c19ba7dad3ab3afe6322248047560122 C:\Windows\system32\SXS.DLL

MD5: 78f9800fa0e89da51747aeeac8b422db C:\Windows\System32\SyncCenter.dll

MD5: e2f160fdeaa1b980c1bb577ab67f7e38 C:\Windows\system32\SYNCENG.dll

MD5: 4b9bfc279106fde746f4a2e50e858e92 C:\Windows\system32\syncui.dll

MD5: 8f2b5fede18bd3c4c926cbf88e6f1264 c:\windows\system32\sysmain.dll

MD5: 71f5a7104fdf16c0ac5283a6ce666553 C:\Windows\system32\SYSNTFY.dll

MD5: 0096145148541f8008d2dccb67cde599 C:\Windows\system32\t2embed.dll

MD5: ef3dd33c740fc2f82e7e4622f1c49289 c:\windows\system32\tapisrv.dll

MD5: 096b4acc6e513d400b79bbe986a12ac3 C:\Windows\system32\taskcomp.dll

MD5: 1226e9fae5b8508801ec974e3c9d9c14 C:\Windows\System32\taskeng.exe

MD5: af5ee37a862936a727a766466a1d4586 C:\Windows\system32\taskschd.dll

MD5: 68fa52794ae9acc61bde16fe0956b414 C:\Windows\System32\tbssvc.dll

MD5: 5091452dc719281cf1dd69367e13b494 C:\Windows\System32\tcpmib.dll

MD5: 079fdc65148018e64dfccea671e8308c C:\Windows\System32\tcpmon.dll

MD5: 1512bb9b328dab003e71efcfe19542c6 C:\Windows\System32\tdh.dll

MD5: fad71c1e8e4047b154e899ae31eb8caa c:\windows\system32\termsrv.dll

MD5: a702a2ed07645100c2cad8e0adb87e9d C:\Windows\system32\thumbcache.dll

MD5: ba174723b7998bc2332d657de720a9d3 C:\Windows\system32\timedate.cpl

MD5: f41f8b01eedf74b99c06b0be2d002aa9 C:\Windows\System32\TMM.dll

MD5: a2403f76129c7d192ea9752f28df5f72 C:\Windows\system32\TQUERY.DLL

MD5: 6bba0582c0025d43729a1112d3b57897 c:\windows\system32\trkwks.dll

MD5: 07a6b9b0227e2faad4df420b7230e790 C:\Windows\system32\tspkg.dll

MD5: 24a333f4f14dcfb6ff6d5a1b9e5d79dd C:\Windows\system32\UI0Detect.exe

MD5: b886d818b9265518a1a6d4aee43c8159 C:\Windows\system32\umb.dll

MD5: 747bb4c31f3b6e8d1b5ed0ad61518cb5 c:\windows\system32\umpnpmgr.dll

MD5: 254836a3ca138824c1ba0fa544bf2b78 C:\Windows\system32\unimdm.tsp

MD5: 0b71899e60d1265229bf3d080eab573d C:\Windows\system32\unimdmat.dll

MD5: dfbaadf1b624dc71e88d34d86b3595be C:\Windows\system32\uniplat.dll

MD5: b41dd8277022e22ce64bdd97f248d29c C:\Windows\system32\upnp.dll

MD5: 8eb871a3deb6b3d5a85eb6ddfc390b59 c:\windows\system32\upnphost.dll

MD5: 2e3166b370d65d61c05b2e3a662f6eef C:\Windows\System32\usbmon.dll

MD5: 63b4f59d7c89b1bf5277f1ffefd491cd C:\Windows\system32\USER32.dll

MD5: cd5f587157b0150fb6955d939bdab825 C:\Windows\system32\USERENV.dll

MD5: 22027835939f86c3e47ad8e3fbde3d11 c:\windows\system32\userinit.exe

MD5: 456fb859236c9074acf6c3b6243d8b46 C:\Windows\system32\USP10.dll

MD5: f79d0d7c9004474cb42746d9b2c30a2b c:\windows\system32\uxsms.dll

MD5: e340d47578b8cb8a86d3578ea50a3b83 C:\Windows\system32\uxtheme.dll

MD5: c9d0bafee0d0a2681f048ca61bc0da96 C:\Windows\System32\vds.exe

MD5: d8c819157eba10401fd25fb48184ef24 C:\Windows\system32\VERSION.dll

MD5: c4bdae7c768da235c24009cddf165b9e C:\Windows\system32\vss_ps.dll

MD5: 38cce934026691ea652c9955bb8aa04a C:\Windows\system32\VSSAPI.DLL

MD5: 28b257ae1b63699a3415cbc80e26f7e1 C:\Windows\system32\vsstrace.dll

MD5: e0e29d9ef2524abd11749c7c2fd7f607 C:\Windows\system32\vssvc.exe

MD5: 62b0d0f6f5580d9d0dfa5e0b466ff2ed c:\windows\system32\w32time.dll

MD5: c3bac3f95f2fb22ba903928b68b107cc C:\Windows\system32\wbem\esscli.dll

MD5: b8a77a513c9ff5c0d54611495ca41902 C:\Windows\system32\wbem\ncprov.dll

MD5: cca209eb7b096d2bab66a4dbd500c088 C:\Windows\system32\wbem\repdrvfs.dll

MD5: d024930ae4dffcfce97481a77d485fbb C:\Windows\system32\wbem\wbemcomn.dll

MD5: 47d89dc720723845900d483c7d80b00f C:\Windows\system32\wbem\wbemcore.dll

MD5: bd1d1fd2ac8579f94d97d976d498beca C:\Windows\system32\wbem\wbemess.dll

MD5: b8a559fdf98dd186ab84898e7dd191dc C:\Windows\system32\wbem\wbemprox.dll

MD5: 4297615d968b294d8e95270ea7fc6a65 C:\Windows\system32\wbem\wbemsvc.dll

MD5: a279323bee5fffafda222910bce92132 C:\Windows\system32\wbem\WmiApSrv.exe

MD5: e6e2da076b902c99e40bd202a2936949 C:\Windows\system32\wbem\wmiprvsd.dll

MD5: 38a7b89de4e3417c122317949667fdd8 c:\windows\system32\wbem\wmisvc.dll

MD5: 0f751202dd25e725cb9556a8a1257b9b C:\Windows\system32\wbem\wmiutils.dll

MD5: c1b19162e0509ceab4cdf664e139d956 C:\Windows\System32\wcncsvc.dll

MD5: 2a424b89b14ef17a3d06bcb5a8f79601 c:\windows\system32\wdi.dll

MD5: 8b8df4ae8b98bb671e1dab65c72411b4 C:\Windows\system32\wdigest.dll

MD5: c3a87ca43956f2b8d0c3f567f129abf3 C:\Windows\system32\wdmaud.drv

MD5: ed627f91528c9829aa1c248accd1ac7a c:\windows\system32\WDSCORE.dll

MD5: 01e41c264eedcb827820a1909162579f c:\windows\system32\webclnt.dll

MD5: 9cf67ff7f8d34cbf115d0c278b9f74aa C:\Windows\system32\wecsvc.dll

MD5: e6406a6bbb052b6cc47dfce847f88408 C:\Windows\system32\wer.dll

MD5: b68cab45db1dab59d92acadfad6364a8 C:\Windows\System32\wercplsupport.dll

MD5: 36ba0707680ef4236fd752bee982cc25 c:\windows\system32\wersvc.dll

MD5: bce6f538105e7713c4a5a0ca683d6795 C:\Windows\system32\wevtapi.dll

MD5: 37add2a134ae436fff0976d69449f45c c:\windows\system32\wevtsvc.dll

MD5: 4a448f53fea2af8dc606827bcb2b703a C:\Windows\system32\wfapigp.dll

MD5: 151a9eb1398736668d9e78decfd013d2 C:\Windows\system32\wiarpc.dll

MD5: a941e099ef46e3cc12f898cbe1c39910 c:\windows\system32\wiaservc.dll

MD5: 9ad8d54807b34897e41f68c6ff27f3cc C:\Windows\System32\win32spl.dll

MD5: 869ce6723ef0a65ed91b93978370fa5b C:\Windows\system32\WindowsCodecs.dll

MD5: e762562a8d43bde3ee11428eb681ff9c C:\Windows\System32\WINHTTP.dll

MD5: d4385b03e8cccee6f0ee249f827c1f3e C:\Windows\System32\wininit.exe

MD5: 9f75392b9128a91abafb044ea350baad C:\Windows\System32\winlogon.exe

MD5: 3b5e50a380ae03249c9f60e5bb28efcb C:\Windows\system32\WINMM.dll

MD5: 86fbd7d3e975464e94f0a270e5e79cec C:\Windows\system32\WINNSI.DLL

MD5: 35a9d03d0b77e4a35104d851b1095a59 C:\Windows\system32\WinSCard.dll

MD5: e42320b5a0b23bcb2f324286d0572d68 C:\Windows\system32\winspool.drv

MD5: e3f137adc0a9d7f3a2e4f557272fe6b3 C:\Windows\system32\winsrv.dll

MD5: 9ca8b435fb0b8f7bd25268ae75639107 C:\Windows\system32\WINSTA.dll

MD5: 435f0f6dc87a4b5da78f1fa309884189 c:\windows\system32\wkssvc.dll

MD5: 6109c0e8ab58cd3d0506bb81e23f3b22 C:\Windows\system32\Wlanapi.dll

MD5: 2f79eca048f1ef286d0c13a4d36e6f03 c:\windows\system32\WLANMSM.DLL

MD5: 4e2434b9461f1543946aada251efdb12 c:\windows\system32\WLANSEC.dll

MD5: b410476a00961bf3fc368a346d8ea6a7 c:\windows\system32\wlansvc.dll

MD5: 4306242128019b290e1fa7eb998952d7 C:\Windows\system32\WLDAP32.dll

MD5: 979b8fd012a35d567a9088a100dc4d78 c:\windows\system32\wlgpclnt.dll

MD5: 92283d9e33ec5f41ecc0b430b7459241 C:\Windows\system32\wls0wndh.dll

MD5: 64b7373d5dd4995c57a9afce45fe9586 C:\Windows\system32\WMASF.DLL

MD5: b8f366aaa577a37bd7705809d3f399a6 C:\Windows\system32\WMDRMSDK.DLL

MD5: 64e31bb32918cdc1b6b33c6107e6c02a C:\Windows\system32\wmp.dll

MD5: ba4f5126d65d25f34d56ef7c3dcbcfbb C:\Windows\system32\wmploc.dll

MD5: 2f75ac0d8cc1cb10130b27b2381679c1 C:\Windows\system32\wmpmde.dll

MD5: 617f9a5813e69f6e9ed94b811ec75396 C:\Windows\System32\wmpps.dll

MD5: f0321da5203f1e71917f3b7a13dc4912 C:\Windows\system32\WMsgAPI.dll

MD5: 15bdae5cc342fdf9b7cb66de0e8e5b6c C:\Windows\System32\Wpc.dll

MD5: 3d3b3b80c12abe506f56930c46422c28 C:\Windows\System32\wpcsvc.dll

MD5: c24844a1d0d9528b19d5bc266b8cd572 c:\windows\system32\wpdbusenum.dll

MD5: de55f0a8d2f7df728e796509c846a17e C:\Windows\system32\wpdshserviceobj.dll

MD5: d99a071c1018bb3d4abaad4b62048ac2 C:\Windows\system32\WS2_32.dll

MD5: 8149e826aafa94823d3efc0674cf7fa1 C:\Windows\system32\WSCAPI.dll

MD5: 57201dfb464df1e1ab47bab1b2ae66b7 C:\Windows\system32\wscntfy.dll

MD5: f97cbb919af6d0a6643d1a59c15014d1 c:\windows\system32\wscsvc.dll

MD5: b25dbc371cde14c9cbccb6329c46e7e8 c:\windows\system32\wsdapi.dll

MD5: ccaf246004f719f858e841a2ba12c308 C:\Windows\system32\WSDCHNGR.DLL

MD5: ac5c0c85f248dd2d4ba9805fe2635aea C:\Windows\System32\WSDMon.dll

MD5: 9f6487e56876511e764dd097ab0ce9a0 C:\Windows\System32\wship6.dll

MD5: ce0d320700ccf7c78aef9ed84332cc53 C:\Windows\System32\wshtcpip.dll

MD5: 3f6823040030c3e4da1cf11cd40b7534 C:\Windows\system32\WsmSvc.dll

MD5: f891e412e27c3375257e3d5bd6e17431 C:\Windows\System32\wsnmp32.dll

MD5: 7870fb37a74418e55b0a7de4776d9e75 C:\Windows\system32\wsock32.dll

MD5: 4d14689094bfe7c16cdecf659d8a80f6 C:\Windows\system32\wtsapi32.dll

MD5: 8d5de07842a2b50d8b20ea1cd44ac97f C:\Windows\System32\WUDFHost.exe

MD5: 6d78a92f2cdb58da04207aa57c58e87c c:\windows\system32\WUDFPlatform.dll

MD5: db5bf5aab72b1b99b5331231d09ebb26 c:\windows\system32\wudfsvc.dll

MD5: e28354feea5ef4a20a8e4d7fe6eb0297 C:\Windows\system32\WUDFx.dll

MD5: 71a2dca8f626fcef8bff7e2c17c67a7f C:\Windows\system32\XmlLite.dll

MD5: 16f3bb89525ee0a857923e63206409d9 C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d1cb520e4353d918\ATL80.DLL

MD5: 8d25a3bf9d0005d264f105414ae2cde6 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCP80.dll

MD5: 0ef2917efd6d96e4c9cf121738cf5409 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll

MD5: 40a6d9e83cba7f8673396f1ca9aaadea C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.5570_none_51ce1f16bbe3e56e\ATL90.DLL

MD5: e0b432f20fa54fa689949ac6dbc4c4ab C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll

MD5: 355fe68a41ec27c2a3d1a6e86a582820 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll

MD5: bcfbef2f71c2eb0a23fa54a3ed314e78 C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.5570_none_4bf8f87ebf99de1f\mfc90u.dll

MD5: 2e8746b581358e8035791c00115b7e88 C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.5570_none_4977a39175471b31\MFC90ENU.DLL

MD5: 4a05089f43041903a3c523a3c16e3350 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll

Scan finished - communication took 19 sec

Total traffic - 0.00 MB sent, 0.00 KB recvd

Scanned 1017 files and modules - 39 seconds

==============================================================================

Link to post
Share on other sites

Looking better! ;)

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.14

Windows Vista (UAC is enabled)

Out of date service pack!!

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

AVG Free 8.5

Avira AntiVir Personal - Free Antivirus

ESET Online Scanner v3

WMI entry may not exist for antivirus; attempting automatic update.

Avira successfully updated!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 23

Java SE Runtime Environment 6

Java 6 Update 4

Out of date Java installed!

Flash Player Out of Date!

Adobe Flash Player 10.1.102.64

Mozilla Thunderbird (3.1.10) Thunderbird Out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

Malwarebytes' Anti-Malware mbamgui.exe

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

``````````End of Log````````````

Link to post
Share on other sites

Your logs appear to be clean! There's just a few more things left. ;)

Please take the time to install the following updates, as using outdated applications can leave you extremely vulnerable to getting infected again.

-------------

*** Please consider updating to Windows Vista Service Pack 2 (SP2).

Windows Vista Service Pack 2 (SP2) contains all the updates released since SP1 plus support for new types of hardware and emerging hardware standards.

It is now available via Windows Update or as a standalone installation here.

-------------

You are using Internet Explorer version 8. Since you are running Windows Vista, you can update to the latest version (9) ;). Using an outdated version of a web browser leaves you extremley vulnerable to malware!

Please see this link to download the latest version: http://windows.microsoft.com/en-US/internet-explorer/products/ie/home

-------------

You are using an older version of Mozilla Thunderbird. I suggest you visit this link to update it to better protect your computer: http://www.mozillamessaging.com/en-US/thunderbird/

-------------

Your Flash Player is out of date!

To make sure you have the latest version of Adobe Flash Player installed:

1. To uninstall an older version, download this file to your Desktop: uninstall_flash_player.exe

2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).

3. Double-click on the file you've downloaded to uninstall Flash.

4. If uninstalled successfully, go to this site: Install Adobe Flash Player, and choose Agree and install now. This will install the newest version of Flash for your browser (note: Flash plugins for IE and Firefox must be installed separately).

Note: I recommend you uncheck an optional install (Free McAfee Security Scan or Free Google Toolbar).

-------------

Java is out of date and older versions contain vulnerabilities. Please update to the newest version.

Download the newest version from here http://www.oracle.com/technetwork/java/javase/downloads/index.html.

It's important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.

Go to Start > Control Panel and open Add or Remove Programs.

Search in the list for all previous installed versions of Java. (J2SE Runtime Environment).

They will have this icon next to them: javaicon.gif

Select each in turn and click Remove.

Once old versions are gone, please install the newest version.

-------------

Please let me know how the updates went, as failed updates may indicate additional malware. :)

Link to post
Share on other sites

Whew! Ok, I had to install Windows Service Pack 1 also, so it took a while, but everything went fine.

Yes, that can take ages and ages :lol:. I am thrilled to hear everything went alright!

What's next?

I will provide you with some suggestions for security software, but first, ComboFix must be uninstalled:

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

**You may now reinstall AVG AntiVirus, and re-enable TeaTimer if you haven't already.

-------------

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future. :)

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

SpywareBlaster

A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

SpywareGuard

A tutorial on using SpywareGuard for real-time protection against spyware and hijackers may be found here.

Please, consider maintaining a firewall with HIPS (Host Intrusion Prevention Systems). Firewalls are extremely important and are the first part of your computer's defense. HIPS stops malware by monitoring its behavior and it's very important, too.

A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet.

If you are using the Windows Firewall please note that it doesn't monitor or block outbound traffic and is therefore less effective than other free alternatives.

These firewalls are good and do have free versions available

A tutorial on understanding and using firewalls may be found here.

If you use Internet Explorer, it is a good idea to use IE-Spyad for ZonedOut which provides protections against malicious websites. (Requires 2 downloads)

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster and IE-Spyad can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

http://www.spywarewarrior.com/rogue_anti-spyware.htm

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScripts, can make it even more secure. Opera is another good option.

If you are interested, Firefox may be downloaded from here

Opera is available here: http://www.opera.com/download/

For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help. :)

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.