
Google redirect



Yep, another person suffering from the Google redirect problem. Would appreciate any help!

Malwarebytes log:

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 7003

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

02/07/2011 13:40:27

mbam-log-2011-07-02 (13-40-27).txt

Scan type: Quick scan

Objects scanned: 162356

Time elapsed: 10 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

=====================================

DDS:

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_22

Run by Eric at 16:27:22 on 2011-07-02

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3070.1834 [GMT 1:00]

.

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\vfsFPService.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

C:\Windows\system32\hasplms.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Acer\Mobility Center\MobilityService.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Cyberlink\Shared files\RichVideo.exe

C:\Program Files\Acer\Acer VCM\RS_Service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Cyberlink\PowerDVD\PDVDServ.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\SndVol.exe

C:\Windows\Explorer.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.orbitdownloader.com

mStart Page = hxxp://en.uk.acer.yahoo.com

BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\program files\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File

TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [ePower_DMC] c:\program files\acer\empowering technology\epower\ePower_DMC.exe

mRun: [eDataSecurity Loader] c:\program files\acer\empowering technology\edatasecurity\x86\eDSloader.exe

mRun: [eAudio] "c:\program files\acer\empowering technology\eaudio\eAudio.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [bkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [skytel] Skytel.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"

mRun: [WarReg_PopUp] c:\program files\acer\wr_popup\WarReg_PopUp.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [ZPdtWzdVitaKey MC3000] "c:\program files\acer\acer bio protection\PdtWzd.exe" show

mRun: [PLFSetI] c:\windows\PLFSetI.exe

mRun: [LManager] c:\progra~1\launch~1\LManager.exe

mRun: [ArcadeDeluxeAgent] "c:\program files\acer arcade deluxe\acer arcade deluxe\ArcadeDeluxeAgent.exe"

mRun: [CLMLServer] "c:\program files\acer arcade deluxe\acer arcade deluxe\kernel\clml\CLMLSvc.exe"

mRun: [PlayMovie] "c:\program files\acer arcade deluxe\playmovie\PMVService.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204

IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\program files\acer\acer bio protection\PwdBank.exe

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{28F30A1C-9488-42F2-A329-4B76799E8FE7} : DhcpNameServer = 194.168.4.100 194.168.8.100

Notify: AWinNotifyVitaKey MC3000 - c:\program files\acer\acer bio protection\WinNotify.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\eric\appdata\roaming\mozilla\firefox\profiles\2pxu152n.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/

FF - component: c:\program files\orbitdownloader\addons\oneclickyoutubedownloader\components\GrabXpcom.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Edit Cookies: {ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99} - %profile%\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: XULRunner: {B5360CBC-EB19-437D-BEF0-4E40D753FB3C} - c:\users\eric\appdata\local\{B5360CBC-EB19-437D-BEF0-4E40D753FB3C}

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\drivers\AlfaFF.sys [2011-2-26 43184]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\playmovie\000.fcl [2011-2-26 41456]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-3-29 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-3-29 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-3-29 66616]

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-2-26 21752]

R2 CLHNService;CLHNService;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\CLHNService.exe [2011-2-26 81504]

R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2008-3-15 24576]

R2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

R2 IGBASVC;iGroupTec Service;c:\program files\acer\acer bio protection\BASVC.exe [2011-2-26 3474432]

R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-2-25 49152]

R2 NTIPPKernel;NTIPPKernel;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\NTIPPKernel.sys [2011-2-26 122368]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-2-26 131072]

R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2011-2-26 233472]

R2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-4-22 599344]

R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2008-3-15 54784]

R3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-4-22 40752]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-07-01 08:52:45 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{80e0bca0-3c25-4474-a4a4-189d07fcf5b9}\mpengine.dll

2011-06-29 09:24:50 276992 ----a-w- c:\windows\system32\schannel.dll

2011-06-27 17:14:03 -------- d-----w- c:\users\eric\appdata\roaming\Yvic

2011-06-27 17:14:03 -------- d-----w- c:\users\eric\appdata\roaming\Oqasoc

2011-06-19 13:28:26 606105 ----a-w- c:\windows\unhide.exe

2011-06-14 15:51:56 -------- d-----w- c:\users\eric\appdata\roaming\Steinberg

2011-06-14 15:50:30 510976 ----a-w- c:\windows\system32\synsoacc.dll

2011-06-14 15:48:17 85504 ----a-w- c:\windows\system32\Encdnet.dll

2011-06-14 15:48:17 61952 ----a-w- c:\windows\system32\Decdnet.dll

2011-06-14 15:48:17 217088 ----a-w- c:\windows\system32\ReWire.dll

2011-06-14 15:48:17 130560 ----a-w- c:\windows\system32\Pnc3250.dll

2011-06-14 15:48:16 87040 ----a-w- c:\windows\system32\Ra32sipr.dll

2011-06-14 15:48:16 81920 ----a-w- c:\windows\system32\Ra3214_4.dll

2011-06-14 15:48:16 72704 ----a-w- c:\windows\system32\Ra3228_8.dll

2011-06-14 15:48:16 487936 ----a-w- c:\windows\system32\Rmbe3260.dll

2011-06-14 15:48:16 352768 ----a-w- c:\windows\system32\pngu3263.dll

2011-06-14 15:48:16 21504 ----a-w- c:\windows\system32\Ra32dnet.dll

2011-06-14 15:48:16 131072 ----a-w- c:\windows\system32\Pneng50.dll

2011-06-14 15:47:58 -------- d-----w- c:\program files\Steinberg

2011-06-11 13:24:32 -------- d-----w- c:\program files\Transcribe!

2011-06-08 22:37:39 -------- d-----w- c:\users\eric\appdata\local\Apple

2011-06-07 20:16:46 -------- d-----w- c:\users\eric\appdata\roaming\cYo

2011-06-07 20:16:46 -------- d-----w- c:\users\eric\appdata\local\cYo

2011-06-07 20:13:08 -------- d-----w- C:\284183bd0592e9fc65

2011-06-07 20:10:34 -------- d-----w- c:\program files\ComicRack

2011-06-06 08:31:43 -------- d-----w- c:\users\eric\appdata\local\{B5360CBC-EB19-437D-BEF0-4E40D753FB3C}

2011-06-05 11:45:50 -------- d-----w- c:\program files\WinDjView

.

==================== Find3M ====================

.

2011-06-28 21:26:34 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-05-29 08:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 08:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-24 18:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-05-02 15:58:28 738816 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-29 12:49:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-04-29 12:49:55 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-04-29 12:49:51 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-04-29 12:49:44 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-04-29 12:49:35 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-21 15:00:34 833024 ----a-w- c:\windows\system32\wininet.dll

2011-04-21 14:57:48 78336 ----a-w- c:\windows\system32\ieencode.dll

2011-04-21 13:28:42 389632 ----a-w- c:\windows\system32\html.iec

2011-04-21 13:16:42 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2011-04-21 13:08:37 1383424 ----a-w- c:\windows\system32\mshtml.tlb

2011-04-14 14:24:14 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys

.

============= FINISH: 16:27:46.35 ===============

Attach.zip


Hello Eric72 and welcome to Malwarebytes! :welcome:

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.

-------------

Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):

  • TDSSKiller_log.txt
  • How is the PC running now?

-------------

Please download ComboFix.exe. Please visit this webpage for download links and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

Please include the C:\ComboFix.txt in your next reply for further review.

Also, please let me know if any problems still remain.

-------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-------------

In your next reply, please include:

  • C:\ComboFix.txt
  • TDSSKiller log
  • Security Check checkup.txt

How is your computer running now?


TDSSKiller log:

2011/07/02 18:23:47.0666 4260 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16

2011/07/02 18:23:47.0887 4260 ================================================================================

2011/07/02 18:23:47.0887 4260 SystemInfo:

2011/07/02 18:23:47.0887 4260

2011/07/02 18:23:47.0887 4260 OS Version: 6.0.6001 ServicePack: 1.0

2011/07/02 18:23:47.0887 4260 Product type: Workstation

2011/07/02 18:23:47.0887 4260 ComputerName: ERIC-PC

2011/07/02 18:23:47.0888 4260 UserName: Eric

2011/07/02 18:23:47.0888 4260 Windows directory: C:\Windows

2011/07/02 18:23:47.0888 4260 System windows directory: C:\Windows

2011/07/02 18:23:47.0888 4260 Processor architecture: Intel x86

2011/07/02 18:23:47.0888 4260 Number of processors: 2

2011/07/02 18:23:47.0888 4260 Page size: 0x1000

2011/07/02 18:23:47.0888 4260 Boot type: Normal boot

2011/07/02 18:23:47.0888 4260 ================================================================================

2011/07/02 18:23:48.0253 4260 Initialize success

2011/07/02 18:23:57.0032 2364 ================================================================================

2011/07/02 18:23:57.0032 2364 Scan started

2011/07/02 18:23:57.0032 2364 Mode: Manual;

2011/07/02 18:23:57.0032 2364 ================================================================================


2011/07/02 18:26:36.0518 2364 mrxsmb10 (cf6e972f8e0d0f2970360a17572b366b) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/07/02 18:26:37.0886 2364 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/07/02 18:26:39.0238 2364 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

2011/07/02 18:26:40.0629 2364 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

2011/07/02 18:26:42.0017 2364 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2011/07/02 18:26:43.0373 2364 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2011/07/02 18:26:44.0754 2364 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2011/07/02 18:26:46.0109 2364 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/07/02 18:26:47.0498 2364 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2011/07/02 18:26:48.0867 2364 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

2011/07/02 18:26:50.0311 2364 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/07/02 18:26:51.0666 2364 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2011/07/02 18:26:53.0023 2364 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

2011/07/02 18:26:54.0454 2364 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

2011/07/02 18:26:55.0886 2364 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

2011/07/02 18:26:57.0416 2364 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/07/02 18:26:58.0794 2364 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/07/02 18:27:00.0218 2364 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/07/02 18:27:01.0607 2364 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2011/07/02 18:27:03.0142 2364 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2011/07/02 18:27:04.0522 2364 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

2011/07/02 18:27:06.0032 2364 NETw4v32 (caaea35dae7f4c19db05481dac22c2ba) C:\Windows\system32\DRIVERS\NETw4v32.sys

2011/07/02 18:27:07.0430 2364 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2011/07/02 18:27:08.0819 2364 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

2011/07/02 18:27:10.0175 2364 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2011/07/02 18:27:11.0548 2364 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

2011/07/02 18:27:12.0964 2364 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys

2011/07/02 18:27:13.0149 2364 NTIPPKernel (547bfa3591c70674b0bfc99354ab78b3) C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys

2011/07/02 18:27:14.0520 2364 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2011/07/02 18:27:15.0898 2364 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2011/07/02 18:27:17.0244 2364 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

2011/07/02 18:27:18.0610 2364 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

2011/07/02 18:27:20.0012 2364 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

2011/07/02 18:27:24.0103 2364 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

2011/07/02 18:27:25.0551 2364 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

2011/07/02 18:27:26.0905 2364 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

2011/07/02 18:27:28.0261 2364 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

2011/07/02 18:27:29.0630 2364 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

2011/07/02 18:27:30.0973 2364 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

2011/07/02 18:27:32.0375 2364 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2011/07/02 18:27:33.0756 2364 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2011/07/02 18:27:35.0173 2364 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2011/07/02 18:27:36.0576 2364 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

2011/07/02 18:27:37.0935 2364 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

2011/07/02 18:27:39.0320 2364 PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys

2011/07/02 18:27:40.0676 2364 PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys

2011/07/02 18:27:42.0021 2364 psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys

2011/07/02 18:27:43.0461 2364 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

2011/07/02 18:27:44.0835 2364 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2011/07/02 18:27:46.0212 2364 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2011/07/02 18:27:47.0657 2364 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2011/07/02 18:27:49.0147 2364 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/07/02 18:27:50.0548 2364 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/07/02 18:27:51.0994 2364 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

2011/07/02 18:27:53.0386 2364 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

2011/07/02 18:27:54.0718 2364 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/07/02 18:27:56.0077 2364 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

2011/07/02 18:27:57.0698 2364 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2011/07/02 18:27:59.0078 2364 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

2011/07/02 18:28:00.0502 2364 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2011/07/02 18:28:01.0982 2364 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2011/07/02 18:28:03.0361 2364 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2011/07/02 18:28:04.0729 2364 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

2011/07/02 18:28:06.0097 2364 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

2011/07/02 18:28:07.0474 2364 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2011/07/02 18:28:08.0863 2364 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

2011/07/02 18:28:10.0241 2364 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

2011/07/02 18:28:11.0596 2364 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

2011/07/02 18:28:12.0961 2364 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys

2011/07/02 18:28:14.0353 2364 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

2011/07/02 18:28:15.0720 2364 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

2011/07/02 18:28:17.0087 2364 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

2011/07/02 18:28:18.0465 2364 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

2011/07/02 18:28:19.0843 2364 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2011/07/02 18:28:21.0219 2364 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

2011/07/02 18:28:22.0622 2364 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys

2011/07/02 18:28:24.0002 2364 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys

2011/07/02 18:28:25.0356 2364 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys

2011/07/02 18:28:26.0736 2364 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2011/07/02 18:28:28.0125 2364 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2011/07/02 18:28:29.0492 2364 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2011/07/02 18:28:30.0848 2364 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2011/07/02 18:28:32.0199 2364 SynTP (93d33a3a0a4516584a1394c7821bae2e) C:\Windows\system32\DRIVERS\SynTP.sys

2011/07/02 18:28:33.0642 2364 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

2011/07/02 18:28:35.0019 2364 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

2011/07/02 18:28:36.0449 2364 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

2011/07/02 18:28:37.0783 2364 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2011/07/02 18:28:39.0127 2364 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2011/07/02 18:28:40.0506 2364 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

2011/07/02 18:28:41.0874 2364 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

2011/07/02 18:28:43.0319 2364 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/07/02 18:28:44.0674 2364 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2011/07/02 18:28:46.0041 2364 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys

2011/07/02 18:28:47.0442 2364 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

2011/07/02 18:28:48.0831 2364 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys

2011/07/02 18:28:50.0200 2364 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

2011/07/02 18:28:51.0622 2364 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

2011/07/02 18:28:52.0959 2364 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

2011/07/02 18:28:54.0293 2364 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2011/07/02 18:28:55.0649 2364 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2011/07/02 18:28:57.0038 2364 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

2011/07/02 18:28:58.0506 2364 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/07/02 18:28:59.0897 2364 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2011/07/02 18:29:01.0431 2364 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys

2011/07/02 18:29:02.0789 2364 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys

2011/07/02 18:29:04.0144 2364 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2011/07/02 18:29:05.0546 2364 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys

2011/07/02 18:29:06.0950 2364 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/07/02 18:29:08.0302 2364 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/07/02 18:29:09.0685 2364 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

2011/07/02 18:29:11.0031 2364 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys

2011/07/02 18:29:12.0483 2364 vfs101x (4d45a93a7dd638ca2db0a86fbfbf42d1) C:\Windows\system32\drivers\vfs101x.sys

2011/07/02 18:29:13.0846 2364 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/07/02 18:29:15.0190 2364 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2011/07/02 18:29:16.0558 2364 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

2011/07/02 18:29:17.0891 2364 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

2011/07/02 18:29:19.0236 2364 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

2011/07/02 18:29:20.0571 2364 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2011/07/02 18:29:21.0932 2364 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

2011/07/02 18:29:23.0289 2364 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

2011/07/02 18:29:24.0668 2364 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

2011/07/02 18:29:26.0056 2364 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2011/07/02 18:29:27.0435 2364 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/07/02 18:29:27.0461 2364 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/07/02 18:29:28.0879 2364 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

2011/07/02 18:29:30.0299 2364 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2011/07/02 18:29:31.0719 2364 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/07/02 18:29:33.0138 2364 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

2011/07/02 18:29:34.0487 2364 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2011/07/02 18:29:35.0932 2364 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/07/02 18:29:36.0137 2364 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (5867ce254625645345c833510d24f124) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl

2011/07/02 18:29:36.0167 2364 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

2011/07/02 18:29:36.0183 2364 Boot (0x1200) (1f697a32c8858c96fd4ada8ad5e2baf5) \Device\Harddisk0\DR0\Partition0

2011/07/02 18:29:36.0193 2364 ================================================================================

2011/07/02 18:29:36.0193 2364 Scan finished

2011/07/02 18:29:36.0193 2364 ================================================================================

2011/07/02 18:29:36.0206 2920 Detected object count: 0

2011/07/02 18:29:36.0206 2920 Actual detected object count: 0

==============================

ComboFix Log:

ComboFix 11-07-01.02 - Eric 02/07/2011 18:47:46.3.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3070.1781 [GMT 1:00]

Running from: c:\users\Eric\Desktop\ComboFix.exe

AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat

c:\programdata\Microsoft\Network\Downloader\qmgr1.dat

c:\users\Eric\AppData\Local\{B5360CBC-EB19-437D-BEF0-4E40D753FB3C}

c:\users\Eric\AppData\Local\{B5360CBC-EB19-437D-BEF0-4E40D753FB3C}\chrome.manifest

c:\users\Eric\AppData\Local\{B5360CBC-EB19-437D-BEF0-4E40D753FB3C}\chrome\content\_cfg.js

c:\users\Eric\AppData\Local\{B5360CBC-EB19-437D-BEF0-4E40D753FB3C}\chrome\content\overlay.xul

c:\users\Eric\AppData\Local\{B5360CBC-EB19-437D-BEF0-4E40D753FB3C}\install.rdf

.

----- BITS: Possible infected sites -----

.

hxxp://apnmedia.ask.com

.

((((((((((((((((((((((((( Files Created from 2011-06-02 to 2011-07-02 )))))))))))))))))))))))))))))))

.

.

2011-07-02 17:56 . 2011-07-02 17:56 -------- d-----w- c:\users\Eric\AppData\Local\temp

2011-07-02 17:56 . 2011-07-02 17:56 -------- d-----w- c:\users\Public\AppData\Local\temp

2011-07-02 17:56 . 2011-07-02 17:56 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-07-01 08:52 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{80E0BCA0-3C25-4474-A4A4-189D07FCF5B9}\mpengine.dll

2011-06-29 09:24 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll

2011-06-27 17:14 . 2011-06-28 21:21 -------- d-----w- c:\users\Eric\AppData\Roaming\Yvic

2011-06-27 17:14 . 2011-06-28 10:28 -------- d-----w- c:\users\Eric\AppData\Roaming\Oqasoc

2011-06-19 13:28 . 2011-06-19 13:28 606105 ----a-w- c:\windows\unhide.exe

2011-06-14 15:51 . 2011-06-14 15:51 -------- d-----w- c:\users\Eric\AppData\Roaming\Steinberg

2011-06-14 15:50 . 2003-11-12 22:38 510976 ----a-w- c:\windows\system32\synsoacc.dll

2011-06-14 15:48 . 2003-09-30 10:56 217088 ----a-w- c:\windows\system32\ReWire.dll

2011-06-14 15:48 . 1999-02-26 17:08 85504 ----a-w- c:\windows\system32\Encdnet.dll

2011-06-14 15:48 . 1999-02-26 17:08 61952 ----a-w- c:\windows\system32\Decdnet.dll

2011-06-14 15:48 . 1999-02-26 17:08 130560 ----a-w- c:\windows\system32\Pnc3250.dll

2011-06-14 15:48 . 2000-06-27 22:40 487936 ----a-w- c:\windows\system32\Rmbe3260.dll

2011-06-14 15:48 . 2000-06-27 22:40 352768 ----a-w- c:\windows\system32\pngu3263.dll

2011-06-14 15:48 . 1999-02-26 17:08 87040 ----a-w- c:\windows\system32\Ra32sipr.dll

2011-06-14 15:48 . 1999-02-26 17:08 81920 ----a-w- c:\windows\system32\Ra3214_4.dll

2011-06-14 15:48 . 1999-02-26 17:08 72704 ----a-w- c:\windows\system32\Ra3228_8.dll

2011-06-14 15:48 . 1999-02-26 17:08 21504 ----a-w- c:\windows\system32\Ra32dnet.dll

2011-06-14 15:48 . 1999-02-26 17:08 131072 ----a-w- c:\windows\system32\Pneng50.dll

2011-06-14 15:47 . 2011-06-14 15:50 -------- d-----w- c:\program files\Steinberg

2011-06-11 13:24 . 2011-06-11 13:24 -------- d-----w- c:\program files\Transcribe!

2011-06-08 22:38 . 2011-06-08 22:38 -------- d-----w- c:\programdata\Apple Computer

2011-06-08 22:37 . 2011-06-08 22:37 -------- d-----w- c:\program files\Common Files\Apple

2011-06-08 22:37 . 2011-06-08 22:37 -------- d-----w- c:\users\Eric\AppData\Local\Apple

2011-06-08 22:37 . 2011-06-08 22:37 -------- d-----w- c:\program files\Apple Software Update

2011-06-08 22:37 . 2011-06-08 22:37 -------- d-----w- c:\programdata\Apple

2011-06-07 20:16 . 2011-06-07 20:16 -------- d-----w- c:\users\Eric\AppData\Roaming\cYo

2011-06-07 20:16 . 2011-06-07 20:16 -------- d-----w- c:\users\Eric\AppData\Local\cYo

2011-06-07 20:13 . 2011-06-07 20:16 -------- d-----w- C:\284183bd0592e9fc65

2011-06-07 20:10 . 2011-06-07 20:11 -------- d-----w- c:\program files\ComicRack

2011-06-05 11:45 . 2011-06-05 11:45 -------- d-----w- c:\program files\WinDjView

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-06-28 21:26 . 2011-03-29 16:00 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-06-28 21:26 . 2011-03-29 16:00 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-06-06 08:31 . 2011-04-28 16:02 0 ----a-w- c:\users\Eric\AppData\Local\Jkilusucamu.bin

2011-05-29 08:11 . 2011-03-01 18:15 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 08:11 . 2011-03-01 18:15 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-24 18:14 . 2011-02-27 02:00 222080 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-03-05 06:38 121392 ------w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 1037608]

"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-03-12 397312]

"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-05 526896]

"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]

"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-26 34040]

"RtHDVCpl"="RtHDVCpl.exe" [2008-02-26 4939776]

"Skytel"="Skytel.exe" [2007-11-20 1826816]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-03 178712]

"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2011-02-26 3659264]

"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]

"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-04-28 809480]

"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-03-05 147456]

"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-03-05 167936]

"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-03-04 167936]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-05-18 49152]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2011-2-26 1216512]

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-24 723760]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

2011-02-26 15:18 3024896 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2011-02-26 3474432]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-26 131072]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2011-02-26 43184]

S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-03-05 41456]

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]

S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-26 21752]

S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]

S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]

S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run [x]

S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 49152]

S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]

S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]

S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-04-22 599344]

S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-19 54784]

S3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-04-22 40752]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 00867899

*NewlyCreated* - 50178938

*Deregistered* - 00867899

*Deregistered* - 50178938

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.orbitdownloader.com

mStart Page = hxxp://en.uk.acer.yahoo.com

IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204

IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

FF - ProfilePath - c:\users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\2pxu152n.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Edit Cookies: {ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99} - %profile%\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-07-02 18:56

Windows 6.0.6001 Service Pack 1 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0*å^Oo]

@Class="Shell"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0*å^Oo\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*s*h*l*e*Ë00\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*s*h*l*e*ñëø2\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*v*i*wZÉc\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*k*i*e*r*a*'ï#\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*k*i*e*r*a*[ÔÃ)\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*l*G'ï#]

@Class="Shell"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*l*G'ï#\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*M*a*Õ"\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*M*a*Fhâ53¢*ˆ;ƒ6vð!¨ÊÊ°ÌÊxÈàËʈ‡È@‚ÈàƒÈH„ÈxƒÈƒÈ !ÀˆÈpŽÈPÎÊð‡È€ÍÊèÍÊHÌÊ`ŠÈø‰È0‹È*ŒÈ˜‹ÈȊȉÈhŒÈ¸!ØŽÈ@ÈàÈWhâ5\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v*‰0+]

@Class="Shell"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v*‰0+\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v*3ÓØp]

@Class="Shell"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v*3ÓØp\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*m*v*~™¿G\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÀZ8]

@Class="Shell"

.

[HKEY_USERS\S-1-5-21-2844847763-3726028296-3422661878-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÀZ8\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'Explorer.exe'(4856)

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll

c:\windows\system32\btmmhook.dll

c:\windows\System32\SysHook.dll

.

Completion time: 2011-07-02 19:03:53

ComboFix-quarantined-files.txt 2011-07-02 18:03

ComboFix2.txt 2011-04-03 17:48

.

Pre-Run: 20,851,441,664 bytes free

Post-Run: 21,345,304,576 bytes free

.

- - End Of File - - C8C1218A4F6DBF17CB27A463BA2BCC10

=============================================================

SecurityCheck Checkup Log:

Results of screen317's Security Check version 0.99.17

Windows Vista Service Pack 1

Out of date service pack!!

Internet Explorer 7 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Disabled!

Avira AntiVir Personal - Free Antivirus

ESET Online Scanner v3

WMI entry may not exist for antivirus; attempting automatic update.

Avira successfully updated!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 22

Out of date Java installed!

Flash Player Out of Date!

Adobe Flash Player 10.2.152.26

Mozilla Firefox (3.6.18) Firefox Out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

``````````End of Log````````````

==================================================

Now I'm no longer seeing the googleads.g.doubleclick redirect links when I mouseover google search results, and have run a few searches without being redirected, which looks promising! Will have to wait and see because the google redirect thing doesn't happen every time, so it might still pop up again.

After running ComboFix, I'm having trouble accessing various programs as I keep getting the message 'Illegal operation attempted on a registry key that has been marked for deletion.'

I'm able to run/open things as administrator, but there are some things (such as turning windows firewall back on) which do not have that option.

After running these three programs I haven't been prompted to restart the computer yet, is that likely to help?

Thanks for the help so far.


Now I'm no longer seeing the googleads.g.doubleclick redirect links when I mouseover google search results, and have run a few searches without being redirected, which looks promising! Will have to wait and see because the google redirect thing doesn't happen every time, so it might still pop up again.

Glad to hear the redirects have lessened! :)

After running ComboFix, I'm having trouble accessing various programs as I keep getting the message 'Illegal operation attempted on a registry key that has been marked for deletion.'

Reboot the computer ;)

I need to know, are the redirects in Firefox, Internet Explorer, or both?


Aha, the reboot sorted the access problem, yup. The redirects were in Firefox. I have no idea about IE, haven't used it in years, I agree with the people who say that the only thing IE is good for, is downloading Firefox :P

Cheers for the help, dude!


Cheers for the help, dude!

We're not done yet ;)

Please open Firefox.

In the address bar, type the following (in bold): about:config

Select I'll be careful, I promise!

In the top left-hand corner of the newly loaded page, copy and paste each of the following entries (in black bold). (ignore the ---- lines)

browser.search.defaultengine ----------------- Google

browser.search.defaultenginename ------------- Google

browser.search.order.1 ----------------------- Google

browser.search.selectedengineURL ------------- www.google.com

browser.startup.homepage --------------------- www.google.com

keyword.URL ---------------------------------- http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=

Right-click, and select Modify on each of the Preference Names I have included above.

When the popup titled Enter String Value appears, copy and paste each respective Value located to the left of each Preference Name (in green bold).

You will have to do this for each of the entries I have listed.

When you have finished, please restart Firefox. Then, we'll move on to the next step.


Okay, it looks like you have that set correctly anyways ;)

Before we move on, let's run some online scans to see what traces are left (if any) :):

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

----------

Please use Internet Explorer and run a BitDefender Online scan from here

  • Please check I agree with the Terms and Conditions and click Start Here
  • You will need to allow an Active X install for the scan to run.
  • Leave the scanning options at default and click Start Scan

Please post the results in your next reply.

----------

Please include the ESET and BitDefender reports in your next reply, and let me know of any issues you've encountered :)


ESET Log:

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6427

# api_version=3.0.2

# EOSSerial=9ffb1e2415daf1408285ea7de01f1696

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-04-20 05:50:18

# local_time=2011-04-20 06:50:18 (+0000, GMT Daylight Time)

# country="United Kingdom"

# lang=1033

# osver=6.0.6001 NT Service Pack 1

# compatibility_mode=1797 16775165 100 94 203998 39854845 16884 0

# compatibility_mode=5892 16776638 100 100 4265 140851024 0 0

# compatibility_mode=8192 67108863 100 0 107 107 0 0

# scanned=122958

# found=0

# cleaned=0

# scan_time=3521

==================

Cannot get BitDefender to run. I installed the ActiveX control it asked me to, but that was blocked. So I went into IE tools and security settings, enabled all possible ActiveX options, but it still will not run.


Yep, no problem:

QuickScan Beta 32-bit v0.9.9.96

-------------------------------

Scan date: Sat Jul 02 21:04:53 2011

Machine ID: 4026B9A7

No infection found.

-------------------

Processes

---------

Acer Arcade Deluxe MediaLibrary Service 2892 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

Acer Arcade Deluxe PlayMovie 2032 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

Acer eAudio Management 2104 C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

Acer eDataSecurity Management 2472 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

Acer eDataSecurity Management 2088 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

Acer Empowering Technology Framework Se 2584 C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

Acer ePower Management 2068 C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

Acer Video Conference Manager 3400 C:\Program Files\Acer\Acer VCM\RS_Service.exe

Agere Soft Modem Call Progress Service 1380 C:\Windows\System32\agrsmsvc.exe

AntiVir Desktop 1644 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

AntiVir Desktop 1764 C:\Program Files\Avira\AntiVir Desktop\avguard.exe

AntiVir Desktop 2312 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

AntiVir Desktop 324 C:\Program Files\Avira\AntiVir Desktop\sched.exe

app 3220 C:\ACER\Mobility Center\MobilityService.exe

ATI External Event Utility for Windows 1068 C:\Windows\System32\Ati2evxx.exe

ATI External Event Utility for Windows 1612 C:\Windows\System32\Ati2evxx.exe

BackupSvc Application 3268 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

BASVC.exe 3032 C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

Bio-Protection fingerprint solution UC3 2404 C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

Bluetooth Software 2120 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

Bluetooth Software 2956 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

Catalyst Control Centre 3864 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

Catalyst Control Centre 2368 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

CLHNService Module 2436 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

CyberLink PowerCinema 956 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

DefaultSettingEXE Application 2412 C:\Windows\PLFSetI.exe

DivX Update 3488 C:\Program Files\DivX\DivX Update\DivXUpdate.exe

Firefox 4456 C:\Program Files\Mozilla Firefox\firefox.exe

Firefox 5588 C:\Program Files\Mozilla Firefox\plugin-container.exe

HASP License Manager Service 2972 C:\Windows\System32\hasplms.exe

HD Audio Control Panel 2336 C:\Windows\RtHDVCpl.exe

Java Platform SE Auto Updater 2 0 560 C:\Program Files\Common Files\Java\Java Update\jusched.exe

LightScribe 3084 C:\Program Files\Common Files\LightScribe\LSSrvc.exe

Microsoft® Windows® Operating System 1892 C:\Windows\explorer.exe

Microsoft® Windows® Operating System 668 C:\Windows\System32\csrss.exe

Microsoft® Windows® Operating System 596 C:\Windows\System32\csrss.exe

Microsoft® Windows® Operating System 712 C:\Windows\System32\lsass.exe

Microsoft® Windows® Operating System 3168 C:\Windows\System32\notepad.exe

Microsoft® Windows® Operating System 1228 C:\Windows\System32\SearchFilterHost.exe

Microsoft® Windows® Operating System 4560 C:\Windows\System32\SearchProtocolHost.exe

Microsoft® Windows® Operating System 700 C:\Windows\System32\services.exe

Microsoft® Windows® Operating System 500 C:\Windows\System32\smss.exe

Microsoft® Windows® Operating System 2012 C:\Windows\System32\spoolsv.exe

Microsoft® Windows® Operating System 340 C:\Windows\System32\taskeng.exe

Microsoft® Windows® Operating System 1528 C:\Windows\System32\taskeng.exe

Microsoft® Windows® Operating System 2244 C:\Windows\System32\wbem\unsecapp.exe

Microsoft® Windows® Operating System 2636 C:\Windows\System32\wbem\unsecapp.exe

Microsoft® Windows® Operating System 2788 C:\Windows\System32\wbem\WmiPrvSE.exe

Microsoft® Windows® Operating System 656 C:\Windows\System32\wininit.exe

Microsoft® Windows® Operating System 800 C:\Windows\System32\winlogon.exe

NTI Backup Now 5 2160 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

NTI Backup Now 5 2328 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

PowerDVD 3340 C:\Program Files\Cyberlink\PowerDVD\PDVDServ.exe

RAID Event Monitor 2392 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

RAID Monitor 3016 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

Realtek HD Audio Data Rerouter 2680 C:\Users\Eric\AppData\Local\temp\RtkBtMnt.exe

RichVideo Module 3372 C:\Program Files\Cyberlink\Shared files\RichVideo.exe

SchedulerSvc.exe 3304 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

Synaptics Pointing Device Driver 1552 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Synaptics Pointing Device Driver 3728 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

vfsEMPIRE 1476 C:\Windows\System32\vfsFPService.exe

Windows® Internet Explorer 4816 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Microsoft® Windows® Operating System 1864 C:\Windows\System32\dwm.exe

(verified) Microsoft® Windows® Operating System 724 C:\Windows\System32\lsm.exe

(verified) Microsoft® Windows® Operating System 3492 C:\Windows\System32\SearchIndexer.exe

(verified) Microsoft® Windows® Operating System 1280 C:\Windows\System32\SLsvc.exe

(verified) Microsoft® Windows® Operating System 1316 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 972 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 904 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 356 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 3344 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1544 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1188 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1760 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 3464 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1156 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 3420 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 5544 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 1108 C:\Windows\System32\svchost.exe

(verified) Microsoft® Windows® Operating System 5216 C:\Windows\System32\wuauclt.exe

(verified) Windows Defender 5324 C:\Program Files\Windows Defender\MSASCui.exe

Network activity

----------------

Process iexplore.exe (4816) connected on port 80 (HTTP) --> 209.85.147.100

Process iexplore.exe (4816) connected on port 80 (HTTP) --> 84.53.178.72

Process iexplore.exe (4816) connected on port 80 (HTTP) --> 74.125.230.112

Process iexplore.exe (4816) connected on port 80 (HTTP) --> 84.53.178.72

Process iexplore.exe (4816) connected on port 80 (HTTP) --> 84.53.178.19

Process iexplore.exe (4816) connected on port 80 (HTTP) --> 66.220.158.18

Process wininit.exe (656) listens on ports: 49152 (RPC)

Process services.exe (700) listens on ports: 49157 (RPC)

Process lsass.exe (712) listens on ports: 49155 (RPC)

Process svchost.exe (972) listens on ports: 135 (RPC)

Process svchost.exe (1108) listens on ports: 49153 (RPC)

Process svchost.exe (1188) listens on ports: 49154 (RPC)

Process Agentsvc.exe (2328) listens on ports: 10000 (Webmin)

Process hasplms.exe (2972) listens on ports: 1947

Process BackupSvc.exe (3268) listens on ports: 8384

Process SchedulerSvc.exe (3304) listens on ports: 5151

Process svchost.exe (3344) listens on ports: 49156 (RPC)

Process firefox.exe (4456) listens on ports: 49593

Process iexplore.exe (4816) listens on ports: 52112

Autoruns and critical files

---------------------------

Language Application C:\Program Files\CyberLink\PowerDVD\Language\Language.exe

Acer Arcade Deluxe MediaLibrary Service C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

Acer Arcade Deluxe PlayMovie C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

Acer eAudio Management C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

Acer eDataSecurity Management C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

Acer ePower Management C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

acer.scr C:\Windows\System32\acer.scr

Adobe Acrobat C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

AntiVir Desktop C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

Bio-Protection fingerprint solution UC3 C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

Catalyst® Control Center C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

CyberLink PowerCinema C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

DefaultSettingEXE Application C:\Windows\PLFSetI.exe

DivX Update C:\Program Files\DivX\DivX Update\DivXUpdate.exe

HD Audio Control Panel C:\Windows\RtHDVCpl.exe

Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe

Launch Manager C:\Program Files\Launch Manager\LManager.exe

Malwarebytes' Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

NTI Backup Now 5 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

PowerDVD C:\Program Files\Cyberlink\PowerDVD\PDVDServ.exe

QuickTime C:\Program Files\QuickTime\QTTask.exe

RAID Event Monitor C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

Realtek Voice Manager C:\Windows\Skytel.exe

Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Windows® Internet Explorer C:\Windows\system32\webcheck.dll

WinNotify.dll C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

WR_PopUp C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

(verified) Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll

(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Browser plugins

---------------

Acer Bio-Protection fingerprint solutio C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

Acer eDataSecurity Management C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

AcroIEHelper Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

ActiveToolBand Module C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll

DivX VOD Helper Plug-in C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

Grab Pro C:\Program Files\Orbitdownloader\GrabPro.dll

Java Deployment Toolkit 6.0.220.4 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

Java Platform SE 6 U22 c:\program files\java\jre6\bin\jp2ssv.dll

Java Platform SE 6 U22 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll

Orbitcth C:\Program Files\Orbitdownloader\orbitcth.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\Windows\system32\ieframe.dll

Yahoo! Toolbar C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll

(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll

(verified) Microsoft® Windows® Operating System c:\windows\system32\nlaapi.dll

(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll

(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll

Scan

----


MD5: df8aada641fe10c4748899f62a530a28 C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL

MD5: e0dd4a98c79c83aa67d79c8dfc6d2e4f C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll

MD5: b96306630fa5a5c01579d17af0d407bf C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll

MD5: 055713cd9e0c6aac46afbb3a5b95ef75 C:\Program Files\Mozilla Firefox\firefox.exe

MD5: 7f238c0745053c966cb71c001f8878c2 C:\Program Files\Mozilla Firefox\freebl3.dll

MD5: 112bef85c4b01d7b6c3321f4fb01eedd C:\Program Files\Mozilla Firefox\js3250.dll

MD5: dddbcc60480fee039a094c1662c0beff C:\Program Files\Mozilla Firefox\MOZCPP19.dll

MD5: b96f14bc7df04b349e82c9003f82558b C:\Program Files\Mozilla Firefox\MOZCRT19.dll

MD5: 74d4444f5067c2ec41a20f3893299dcd C:\Program Files\Mozilla Firefox\nspr4.dll

MD5: 99e91ea69a9c33b4349f45b486347019 C:\Program Files\Mozilla Firefox\nss3.dll

MD5: 4c057d3ad53e4e99af7590351d372093 C:\Program Files\Mozilla Firefox\nssckbi.dll

MD5: baf720ed50e71d435de7d3929157c8f6 C:\Program Files\Mozilla Firefox\nssdbm3.dll

MD5: 72bc2a9126c01d6d1045a58c0285149d C:\Program Files\Mozilla Firefox\nssutil3.dll

MD5: aa14af2c8915e41327ac3bc8b32c4548 C:\Program Files\Mozilla Firefox\plc4.dll

MD5: 8e35d253333530285c47e8d33d1d3c74 C:\Program Files\Mozilla Firefox\plds4.dll

MD5: 55b35599e4b8c20904cf6be6f50a1f8d C:\Program Files\Mozilla Firefox\plugin-container.exe

MD5: c953747215143628d3724340faf73bd4 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

MD5: 4e3216231cba873f1d88cc3a755cc4af C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

MD5: 64c183111ada8b5f419fad4e70b9ab70 C:\Program Files\Mozilla Firefox\smime3.dll

MD5: 48dacc767b7c8d77f3dfd501b9e30a6a C:\Program Files\Mozilla Firefox\softokn3.dll

MD5: f04cb8f40f38d1cc75c44e6c219d80cd C:\Program Files\Mozilla Firefox\sqlite3.dll

MD5: ced3cfa15858d4b8294980077a1c700e C:\Program Files\Mozilla Firefox\ssl3.dll

MD5: 0fee7c320c3e864da8f0bf9188594643 C:\Program Files\Mozilla Firefox\xpcom.dll

MD5: 921cb4d7cfff02d0d818a728afbe09ba C:\Program Files\Mozilla Firefox\xul.dll

MD5: a8b8edb4cdb2927cdc127e5bfe85ca7e C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

MD5: f1fcbac148c58c699d425291e60c5ee4 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKaux.dll

MD5: c37b8fffd98f29bbecde2da1aeb9bff9 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKauxLOC.dll

MD5: d00fc6b3d460128eb6af2e7183cde0e5 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImage.dll

MD5: b204a4599b020775f6ab7f5ab75ef80d C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImageLOC.dll

MD5: 92a8f7d4ca6998740ecf5871563d2338 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

MD5: 1dadbd9e4be384fb4d0ad6e305a328b8 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll

MD5: 08d3373df134f3a63eaa7c5d8785de1e C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrMmc32.dll

MD5: df2db1940593f6a114171f669a482916 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Cdrw32.dll

MD5: c65ff81991f28d6650249e3735e938e5 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrwEx32.dll

MD5: 58c9fa743b5e9d8322b2354dd33f37b4 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll

MD5: 3078d275203445e68e0f403e44075fa0 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll

MD5: c3a1723504cb8adbe3854bca9d63c41b C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll

MD5: 610ab863245f18e21d90f15da4ed1953 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

MD5: 5c5acce6448985c3ed693851c2fa3378 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\listor.dll

MD5: 6c1cca59b91feda2362661e92afdfc1d C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\locator.dll

MD5: bff1c8c81878fdb79c66cb28d60b85ef C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Data32.dll

MD5: 91b920766ea5fb395e7365c38f923751 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Hddrw32.dll

MD5: e9a347b033f09f093b61cd4558ad705d C:\Program Files\NewTech Infosystems\NTI Backup Now 5\ImagFile.dll

MD5: d98fbb00b1cecf0be535521a98a1b4cf C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Scd32.dll

MD5: 50b1521bc145ce9634a5acd1c10d84f7 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

MD5: 36eb99e1be5a1b45ababfa451ba8e564 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll

MD5: 3974f1bec9862f815eff0d42bf2eeadc C:\Program Files\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabKernel.dll

MD5: cbe44944aeb15c5b591dc0a70882438e C:\Program Files\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll

MD5: e5bdf552d5aa8d97cf7cdf3364dda762 C:\Program Files\Orbitdownloader\addons\OneClickYouTubeDownloader\components\winfile.dll

MD5: 3974f1bec9862f815eff0d42bf2eeadc C:\Program Files\Orbitdownloader\GrabKernel.dll

MD5: 9a9cac6b13a674e4741f88a026046023 C:\Program Files\Orbitdownloader\GrabPro.dll

MD5: fa8f96b363a0a0d153c5b353b9471eb2 C:\Program Files\Orbitdownloader\orbitcth.dll

MD5: e5bdf552d5aa8d97cf7cdf3364dda762 C:\Program Files\Orbitdownloader\winfile.dll

MD5: 0aee5668eb59912f32ff245bfa72465f C:\Program Files\QuickTime\QTTask.exe

MD5: 1865429c6ed8d20f53c0214b0ef74c9d C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

MD5: 9d60d121022f2697d00ff8563aeada80 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

MD5: 7fe64b44b0249a64597f5588bc2a09be C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

MD5: 928f958c7a28d80a6ff1e2dec6d08bba C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll

MD5: 1cb7bd313ddd400c555a773d8ef2dd62 C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll

MD5: 179b21962296ce3c35ff002229dd1f70 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

MD5: b7dc98f6f4e7611a9c0849945fb28fb9 C:\Program Files\Windows Defender\MpOav.dll

MD5: 7d1f2afe12bafc4c18c5a0e3c6866e38 c:\program files\windows defender\mprtplug.dll

MD5: a2a4e96aaf9c15b1c31d9e8e6dee56a5 C:\Program Files\WinRAR\rarext.dll

MD5: c1b2b3ef8ac5c8c32670d4ec7d524964 C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

MD5: eea9634c3c2f04e1f8283de4b3b5c07a C:\Program Files\Yahoo!\Companion\Installs\cpn\YTBM.dll

MD5: 401f82ce78ae5995684333b556948fa4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80E0BCA0-3C25-4474-A4A4-189D07FCF5B9}\mpengine.dll

MD5: 5c918d413f5837e67a85775c9873775e C:\PROGRA~1\LAUNCH~1\DPortIO.sys

MD5: b2994ec6452dbd04e57828eefedfb93c C:\Users\Eric\AppData\Local\temp\RtkBtMnt.exe

MD5: 05e3bac0d6d3bf468754dd9fe8f5e9d2 C:\Windows\AppPatch\AcLayers.DLL

MD5: f4d241169a2635e28732ca51c3adb1ec C:\Windows\AppPatch\AcRedir.DLL

MD5: c9e8191e28539ba03daf5298d6d7f1df C:\Windows\AppPatch\iebrshim.dll

MD5: 93d5b9634c4744fb115785081ecf9738 C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll

MD5: 87645928254896d1ee82917f0456aa33 C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll

MD5: 770e3461f6ccc45edeba15321684a863 C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll

MD5: ecafa04a73d64d8f23b531609bd52edc C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll

MD5: d05cdc3ef5b1d9edc48b9d78f9764967 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll

MD5: 51c404c32c2b54f157ff0369f2d4ef39 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll

MD5: 91cf31a8bfe4ecd654bdfc6a1c8938bd C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll

MD5: 9a54313606227865058e383fba3940db C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3050.37493__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll

MD5: 8f5db5f71efceda174cbfd84ce10174f C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll

MD5: aaddaf60603a47d3cd8b7adbcb463b8c C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3050.37213__90ba9c70f846762e\AEM.Server.dll

MD5: f12698f6a8694e5fa6b96c10cf085c1a C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll

MD5: f5e80737e448f6b7427cb4a82e5e4e50 C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3050.37213__90ba9c70f846762e\APM.Server.dll

MD5: dcc352ff4bb866f39dfd7cdd2777c533 C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll

MD5: 18749268dd2d4e805d48c339f419de35 C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3050.37215__90ba9c70f846762e\ATIDEMOS.dll

MD5: 74a97243ab81f912efb1e75c0233cbae C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll

MD5: 3d9c083afec75f72493bffe780b25733 C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3050.37467__90ba9c70f846762e\CCC.Implementation.dll

MD5: c115eff076631e40e5a83aa95257cdb4 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll

MD5: 1e7088b760f6dc31f6d785754a0030be C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3050.37372__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll

MD5: f2b1dd485b0ebc376842620a8aef46fa C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3050.37377__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll

MD5: 97143b71e0de3afcf20d72de8e06b017 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll

MD5: 4b1b47f5d180495937d8e76fa8c74a3c C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3050.37411__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll

MD5: f3b08f3772430fce8eeddacfa5cb01e0 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll

MD5: 68ceb8b49b241af8a0b89a19bf9a0328 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3050.37365__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll

MD5: fda4e38022364de15e88584c228ba81a C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3050.37371__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll

MD5: 688a947ec982a898858195bd6af77bda C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll

MD5: 6ec2293cfe79b7aa8b5b192d049f1f0a C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3050.37405__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll

MD5: 6db327372bbf4a3c6d8510d98c4674a6 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3050.37404__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll

MD5: acfeb0e56a4c6b229534dcd97c06a768 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll

MD5: 145793adde71f827c6ef6de8cb0ef92c C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3050.37293__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll

MD5: 4c86d6acaaed775e4f286af8a8048e96 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3050.37370__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll

MD5: 0a397573b00fa7c18cdef90765fd8c41 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll

MD5: b92ca06a9816264d44baa35806f5c99f C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3050.37446__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll

MD5: 655c7cd95ead1da652a026ed70eaa96b C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll

MD5: 5bab27ee1fb5356c3a694e59ce8d0ece C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3050.37241__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll

MD5: 311f577cf7d25d512531545cd894ea94 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3050.37261__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll

MD5: 2db620fe0c2f7b279cef7178f403255f C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3050.37240__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll

MD5: 707aa4ed132166bb0f492204f4b3a7ce C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll

MD5: b29bee99f31557ed8e78bf5571223e6c C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3050.37281__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll

MD5: a2f266d952cac4f0701466f62d048fdf C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3050.37274__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll

MD5: bab75620ae05d63cd80ddce71da4372a C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll

MD5: 2b06b00acd78f7daef3eeaca66345f3f C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3050.37425__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll

MD5: 3af9735b4102959b3604d5a679de6c71 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll

MD5: 25a028b553b365181f445660bee4e745 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3050.37475__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll

MD5: 57f65bd2a39d5dc02f57cb7b0f6a67b4 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3050.37482__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll

MD5: 5f108cb732cbb5ea26c37d62d5adcf29 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll

MD5: 035ac1c0e1fc0802063d8f49c91c8775 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3050.37234__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll

MD5: 28d660a70f0ebd04fa60a3cb2fcd41f6 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll

MD5: dac3d1168492ba0249bcd3944bcbb41f C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3050.37221__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll

MD5: ce1a66f2dc0faa685a14822eafd368f6 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll

MD5: 3cdc16e013af214f37e66fa90217c35b C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll

MD5: 9732b23bfe14da896104ff71ae702f43 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3050.37253__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll

MD5: 605219b234f31ccfe28c87ecd5968905 C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll

MD5: c086af6684633310f140a08ad02480af C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll

MD5: 0c900f762dda5f13b2e41ba0ab2c8f67 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll

MD5: dafc7899ed420d3224d0d2323b18914d C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll

MD5: 580c520e14fa511cd270ac14659560c7 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3050.37228__90ba9c70f846762e\CLI.Component.Dashboard.dll

MD5: b1119ea129bf09c1e0186cfddb99301f C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3050.37214__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll

MD5: 58394c6dc5e5639fbcd235355bb483ea C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll

MD5: ab7e3ab416af7a7a6f62a78557ffe45b C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll

MD5: deeb01e63919de8ae3c919fe211256e2 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3050.37214__90ba9c70f846762e\CLI.Component.Runtime.dll

MD5: 99df957642959a864af8381bd60447ca C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll

MD5: 7caf4277ca228e792122a7fdcd7c79fd C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll

MD5: baf94d77d109bf04790169a7e9bc0799 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3050.37248__90ba9c70f846762e\CLI.Component.Wizard.dll

MD5: 2b8ae4b75aba71135dc15d27046b09d7 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll

MD5: 94815ccbf6be55d5d605c74bd8b17036 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll

MD5: 7be16aaf0923e6889c1276abf7a1087c C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll

MD5: 2e7fab502a8615b1aab0eab35afbca3b C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll

MD5: 4cdae1e74129c2bc16f3a859457d2ecd C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll

MD5: bdaf2483944b83e8d4bc39c7f487dcbe C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll

MD5: 4c22c191479f65344885fd2188b3e266 C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll

MD5: 92ea6aadc3e331625dfd350a9e93c215 C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3006.0__672b450de5a7e94a\Framework.Host.dll

MD5: 69138c63116a012541b9ed14d07fe97b C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll

MD5: 1675243221b5c219d0303e09b3dc7309 C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3006.0__14bcaafdb44b5951\Framework.Model.Controller.dll

MD5: 18e538ef29328f21438c62719955792b C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll

MD5: ec1170eb99a041c80009c0e3432df8c0 C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3006.0__9ecdf03bb2054f94\Framework.PluginInterface.dll

MD5: b29c1420f5a308f832307520fd1850d6 C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3006.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll

MD5: 16486a713fcb44c53a3e200501703633 C:\Windows\assembly\GAC_MSIL\Framework.Utility.CommonFunctions\3.0.3006.0__770d2a375f176870\Framework.Utility.CommonFunctions.dll

MD5: 79974b08639e3a6a3e61b415f8e380d4 C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll

MD5: 5acab8b8a21e865818b4c2185439ac4b C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll

MD5: 8ffd904980fd6dcd8a48608704d05030 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll

MD5: 740169ccc020767d7aebe4b3ee2ee9ae C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3050.37466__90ba9c70f846762e\LOG.Foundation.Implementation.dll

MD5: ec294e9704e766dd05cb29aa31a86469 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll

MD5: b68401297e97b617d73a82b1532f98e7 C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll

MD5: 5f3bd963f02108c36592b5728fa725c5 C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll

MD5: 98ab38af56bf3c333416878c13b161a1 C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll

MD5: 132d05e3cb2ce55a1532b19458fccd66 C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3050.37467__90ba9c70f846762e\MOM.Implementation.dll

MD5: 298c1239c0688eab4f83ea0d5c2ccc8a C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll

MD5: 617fb85504f7be3d0231b5c67724b1ba C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll

MD5: ce18fbc9756956f7d916d8f43de4938c C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll

MD5: 3b1ebf1e7df94d16c3e487fb00ee390b C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e3180b4230f052996adb81da3dc64ad0\System.Management.ni.dll

MD5: 4397f0a0c9fcfc6f0ec8b71fdd3effc6 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll

MD5: 4fe2bd6b4a19e573e25c33e8ec71c010 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c933fd5d1d27f268331890d7ddba8fec\System.ServiceProcess.ni.dll

MD5: 82bfc519b8e21111634b6c6b7ec4ce3f C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll

MD5: 50e1787a622650b0a4d6409889dee659 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll

MD5: e08588a7bb48017b428f474b9a280b33 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll

MD5: bdf166c4515e4afafe285e717b428418 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll

MD5: 23dc75d158d484177ffe99e23264f89f C:\Windows\Downloaded Program Files\qsax.dll

MD5: 860fad57b4668a9f5f350a9d5444ae89 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

MD5: 2bac92e8ac5e16ed60062e9141b8d5f6 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

MD5: f282d4edd85d53e20d902cc92190c5f5 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

MD5: 429e3efafcae6c89a57cd5d8e3442cae C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

MD5: 2ac7f8b8bf0d5d327a3a2a00453222c4 C:\Windows\PLFSetI.exe

MD5: f48d9869257482828d3f40c59e99053e C:\Windows\RtHDVCpl.exe

MD5: c8612e58fb7fcfa5eea4e39f7b8cbc17 C:\Windows\Skytel.exe

MD5: e0761b16f3f6f7083c7eda3ef59f13ba C:\Windows\System32\adsldpc.dll

MD5: c77f71aa825263541965846edd9e8729 C:\Windows\system32\advpack.dll

MD5: 8ed60797908fd394eee0d6949f493224 C:\Windows\System32\agrsmsvc.exe

MD5: c006588aa4814f367b6a1311d17bbe73 C:\Windows\system32\asycfilt.dll

MD5: e8637c9d3530b08eeaf600a353df64df C:\Windows\system32\Ati2edxx.dll

MD5: 321383975a23731663243591da09b475 C:\Windows\system32\ati2evxx.dll

MD5: 098c7ce10a929c9e101468377609882d C:\Windows\System32\Ati2evxx.exe

MD5: de4fe48691d90d9919315603173e2a3b C:\Windows\system32\ATIDEMGX.dll

MD5: 54f883223cb6c0321db895baed9ee8c6 C:\Windows\system32\atipdlxx.dll

MD5: 3a921bfbb4e5b0edf695d860043d7039 C:\Windows\system32\atitmmxx.dll

MD5: 796d5a35fa2597dc7cca358c0b16466a C:\Windows\system32\atiumdag.dll

MD5: 07367196014ba3646fc3816095b004ee C:\Windows\system32\atiumdva.dll

MD5: 669388db959f5b07aaaa43c796c7aa05 c:\windows\system32\AUTHZ.dll

MD5: f31eebc1a1c81fd04005489cc3dcdfe7 C:\Windows\system32\basesrv.dll

MD5: 9f590a94a9c17ac5ebfdf2cadceb5c5b C:\Windows\system32\BioOne.dll

MD5: c1db5285d572ffd741fde14df3e51f97 C:\Windows\system32\bitsigd.dll

MD5: f21f255b91ca4f04e4250decd2067cbb c:\windows\system32\bitsperf.dll

MD5: 58ee7f5e68310bc8d4e7cebd8358c12e c:\windows\system32\bthserv.dll

MD5: 7980fc9ad604084ffea9b6a921f11159 C:\Windows\system32\btmmhook.dll

MD5: a79f52402bb778d407b4fd4c6b41c95a C:\Windows\system32\btosif.dll

MD5: c3997491fa141f58b07555f9546b5df7 C:\Windows\system32\btrez.dll

MD5: 80002f6064a5d357306133b17f15be49 C:\Windows\system32\btwapi.dll

MD5: 964793231721ac0c7ae696c7c24900ae C:\Windows\system32\btwhidcs.DLL

MD5: d333058925ce305e39de8d5ad2b52a46 C:\Windows\system32\CLUSAPI.DLL

MD5: 74f26fc01b180d4a99a168ed69c30a53 C:\Windows\system32\cmd.exe

MD5: 7f15b4953378c8b5161d65c26d5fed4d C:\Windows\system32\cngaudit.dll

MD5: ee11e4fe19d61275246e5772bc1ec795 C:\Windows\system32\comsvcs.dll

MD5: bf6f0c2df119f71c22c00525adf2ee56 C:\Windows\system32\corpol.dll

MD5: 129a64901aaf7205f753090a779a4321 C:\Windows\System32\credui.dll

MD5: 615a3b1cda204e8123c5472540d229c0 C:\Windows\system32\CRYPTUI.dll

MD5: 7f55c714567e2e55c79b7fd33433c93d C:\Windows\system32\CSRSRV.dll

MD5: abca209eba02cb59233614db83b4f50d C:\Windows\System32\csrss.exe

MD5: d306ea7436ac1587463a89be29b456fb C:\Windows\System32\davclnt.dll

MD5: 8acd8e3ea303da48db223f4759cfb254 C:\Windows\system32\diagperf.dll

MD5: 5665120753fce7123c4deace241ee715 C:\Windows\system32\DNSAPI.dll

MD5: 4805d9a6d281c7a7defd9094dec6af7d c:\windows\system32\dnsrslvr.dll

MD5: 48eb99503533c27ac6135648e5474457 C:\Windows\system32\drivers\afd.sys

MD5: 45f65f2f7ae28e5e56ab64e3ac61bd52 C:\Windows\system32\drivers\aksfridge.sys

MD5: 8d59617a9c3dbf4650aa44f4e9215744 C:\Windows\system32\Drivers\AlfaFF.sys

MD5: 2dc63afb58a1b166cf1d1b5a9f144135 C:\Windows\system32\DRIVERS\atikmdag.sys

MD5: 1e4114685de1ffa9675e09c6a1fb3f4b C:\Windows\system32\DRIVERS\avgntflt.sys

MD5: 0f78d3dae6dedd99ae54c9491c62adf2 C:\Windows\system32\DRIVERS\avipbb.sys

MD5: 8153396d5551276227fa146900f734e6 C:\Windows\system32\DRIVERS\bowser.sys

MD5: 73d53f8e90550ba81e2cf44a0873b410 C:\Windows\System32\Drivers\BTHport.sys

MD5: 32045a4bb143bbc5bab1298c4e9e309a C:\Windows\System32\Drivers\BTHUSB.sys

MD5: a3e9fa213f443ac77c7746119d13feec C:\Windows\System32\Drivers\dfsc.sys

MD5: 73baf270d24fe726b9cd7f80bb17a23d C:\Windows\system32\DRIVERS\DKbFltr.sys

MD5: 995178a443b07fa9eeaea041d7b4b5ca C:\Windows\system32\drivers\hardlock.sys

MD5: d8df3722d5e961baa1292aa2f12827e2 C:\Windows\system32\DRIVERS\hidir.sys

MD5: 3c64042b95e583b366ba4e5d2450235e C:\Windows\system32\drivers\hidusb.sys

MD5: e5a0034847537eaee3c00349d5c34c5f C:\Windows\system32\DRIVERS\iaStor.sys

MD5: c6e5276c00ebdeb096bb5ef4b797d1b6 C:\Windows\system32\drivers\int15.sys

MD5: 8bcd857c7932ad005d5f9c89329da2e1 C:\Windows\system32\DRIVERS\itecir.sys

MD5: a611c063a83f77533c1217ecc455a094 C:\Windows\system32\DRIVERS\L1E60x86.sys

MD5: 5734a0f2be7e495f7d3ed6efd4b9f5a1 C:\Windows\system32\DRIVERS\mrxsmb.sys

MD5: cf6e972f8e0d0f2970360a17572b366b C:\Windows\system32\DRIVERS\mrxsmb10.sys

MD5: 5c80d8159181c7abf1b14ba703b01e0b C:\Windows\system32\DRIVERS\mrxsmb20.sys

MD5: caaea35dae7f4c19db05481dac22c2ba C:\Windows\system32\DRIVERS\NETw4v32.sys


No file uploaded.

Scan finished - communication took 1 sec

Total traffic - 0.02 MB sent, 2.16 KB recvd

Scanned 1060 files and modules - 38 seconds

==============================================================================


Glad to hear your system is running better! :D

Before we move on, please take the time to install the following updates, as using outdated applications can leave you extremely vulnerable to getting infected again :):

--------

Please consider updating to Windows Vista Service Pack 2 (SP2).

Windows Vista Service Pack 2 (SP2) contains all the updates released since SP1 plus support for new types of hardware and emerging hardware standards.

It is now available via Windows Update or as a standalone installation here.

--------

You are using Internet Explorer version 7. The latest version is 9. Using an outdated version of a web browser leaves you extremely vulnerable to malware!

Please see this link to download the latest version: http://windows.microsoft.com/en-US/internet-explorer/products/ie/home

--------

Firefox is out of date. Using an outdated version of a web browser leaves you extremely vulnerable to malware!

Please visit the Mozilla site and update it to the latest version.

--------

Java is out of date and older versions contain vulnerabilities. Please update to the newest version.

Download the newest version from here http://www.oracle.com/technetwork/java/javase/downloads/index.html.

It's important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.

Go to Start > Control Panel and open Add or Remove Programs.

Search in the list for all previous installed versions of Java. (J2SE Runtime Environment).

They will have this icon next to them: javaicon.gif

Select each in turn and click Remove.

Once old versions are gone, please install the newest version.

--------

Your Flash Player is out of date!

To make sure you have the latest version of Adobe Flash Player installed:

1. To uninstall an older version, download this file to your Desktop: uninstall_flash_player.exe

2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).

3. Double-click on the file you've downloaded to uninstall Flash.

4. If uninstalled successfully, go to this site: Install Adobe Flash Player, and choose Agree and install now. This will install the newest version of Flash for your browser (note: Flash plugins for IE and Firefox must be installed separately).

Note: I recommend you uncheck an optional install (Free McAfee Security Scan or Free Google Toolbar).

--------

Please let me know how the updates went, as failed updates may indicate additional malware ;)


Glad to hear the updates went well! :D

Unless there are any remaining issues, I will now provide you with some suggestions for security software ;):

First, ComboFix must be uninstalled:

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

-------------

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future. :)

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Spybot-Search & Destroy

A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features if you don't have the resident part of another anti-spyware program running.

SpywareBlaster

A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

SpywareGuard

A tutorial on using SpywareGuard for real-time protection against spyware and hijackers may be found here.

Please, consider maintaining a firewall with HIPS (Host Intrusion Prevention Systems). Firewalls are extremely important and are the first part of your computer's defense. HIPS stops malware by monitoring its behavior and it's very important, too.

A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet.

If you are using the Windows Firewall please note that it doesn't monitor or block outbound traffic and is therefore less effective than other free alternatives.

These firewalls are good and do have free versions available

A tutorial on understanding and using firewalls may be found here.

If you use Internet Explorer, it is a good idea to use IE-Spyad for ZonedOut which provides protections against malicious websites. (Requires 2 downloads)

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster and IE-Spyad can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

http://www.spywarewarrior.com/rogue_anti-spyware.htm

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScripts, can make it even more secure. Opera is another good option.

If you are interested, Firefox may be downloaded from here

Opera is available here: http://www.opera.com/download/

For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help. :)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.