--- System information --- Unknown Windows version 6.1 (Build: 7600) (6.1.7600) --- Browser helper object list --- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: AcroIEHelperStub CLSID name: Adobe PDF Link Helper Path: c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\ Long name: AcroIEHelperShim.dll Short name: ACROIE~2.DLL Date (created): 2/27/2009 11:07:26 AM Date (last access): 3/27/2010 3:21:22 AM Date (last write): 2/27/2009 11:07:26 AM Filesize: 75128 Attributes: archive MD5: 5CF6190CD875DA6B35256FEE573E7908 CRC32: 764BA81B Version: 9.1.0.163 {27B4851A-3207-45A2-B947-BE8AFE6163AB} (McAfee Phishing Filter) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: McAfee Phishing Filter CLSID name: McAfee Phishing Filter Path: c:\progra~1\mcafee\msk\ Long name: mskapbho.dll {5C255C8A-E604-49b4-9D64-90988571CECB} () location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Java(tm) Plug-In SSV Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Java(tm) Plug-In SSV Helper Path: C:\Program Files (x86)\Java\jre6\bin\ Long name: ssv.dll Short name: Date (created): 12/22/2011 8:07:04 PM Date (last access): 12/22/2011 8:07:04 PM Date (last write): 12/22/2011 8:07:04 PM Filesize: 325408 Attributes: archive MD5: E810ACAFA8E6D80117414B7CA036D626 CRC32: CA69557D Version: 6.0.300.12 {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} (Partner BHO Class) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Partner BHO Class Path: C:\ProgramData\Partner\ Long name: Partner.dll Short name: Date (created): 3/27/2010 3:30:38 AM Date (last access): 3/27/2010 3:30:38 AM Date (last write): 3/27/2010 3:30:38 AM Filesize: 433648 Attributes: archive MD5: 949B51800504C243FC7EC5B0248F0BAB CRC32: 67505F93 Version: 1.2.4229.1140 {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Windows Live Sign-in Helper Path: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ Long name: WindowsLiveLogin.dll Short name: WINDOW~1.DLL Date (created): 1/22/2009 3:41:30 PM Date (last access): 12/22/2011 4:33:04 PM Date (last write): 1/22/2009 3:41:30 PM Filesize: 408448 Attributes: archive MD5: B7899C3E21B299D7A3C0DA96CAE340BD CRC32: 288935F8 Version: 5.0.818.5 {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Google Toolbar Helper description: Google toolbar classification: Open for discussion known filename: googletoolbar.dll info link: http://toolbar.google.com/ info source: TonyKlein Path: C:\Program Files (x86)\Google\Google Toolbar\ Long name: GoogleToolbar_32.dll Short name: GOOGLE~1.DLL Date (created): 3/27/2010 3:30:12 AM Date (last access): 3/27/2010 3:30:12 AM Date (last write): 1/11/2012 5:34:24 PM Filesize: 342128 Attributes: archive MD5: 61980095AE5D02B1E9D2ED604A90C1BF CRC32: 86BBEB2C Version: 7.2.2427.2330 {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Java(tm) Plug-In 2 SSV Helper Path: C:\Program Files (x86)\Java\jre6\bin\ Long name: jp2ssv.dll Short name: Date (created): 12/22/2011 8:07:04 PM Date (last access): 12/22/2011 8:07:04 PM Date (last write): 12/22/2011 8:07:04 PM Filesize: 42272 Attributes: archive MD5: F2121482C2968CD3B53ED53ACC9277A5 CRC32: 657C341D Version: 6.0.300.12 --- ActiveX list --- {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) DPF name: CLSID name: OnlineScanner Control Installer: C:\Windows\Downloaded Program Files\OnlineScanner.inf Codebase: http://download.eset.com/special/eos/OnlineScanner.cab Path: C:\PROGRA~2\ESET\ESETON~1\ Long name: OnlineScanner.ocx Short name: ONLINE~1.OCX Date (created): 1/15/2012 3:56:56 PM Date (last access): 1/15/2012 3:56:56 PM Date (last write): 9/30/2011 9:28:08 AM Filesize: 3405744 Attributes: archive MD5: 751EE920D6811584E5B1F0B153A5A4E2 CRC32: E2EE1C02 Version: 1.0.0.6583 {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_30 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab description: Sun Java classification: Legitimate known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll info link: info source: Patrick M. Kolla Path: C:\Program Files (x86)\Java\jre6\bin\ Long name: jp2iexp.dll Short name: Date (created): 12/22/2011 8:07:04 PM Date (last access): 12/22/2011 8:07:04 PM Date (last write): 12/22/2011 8:07:04 PM Filesize: 104224 Attributes: archive MD5: BBBD59066C5A61D28DCCE8A037B39DFD CRC32: 6742692F Version: 6.0.300.12 {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_30 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab Path: C:\Program Files (x86)\Java\jre6\bin\ Long name: jp2iexp.dll Short name: Date (created): 12/22/2011 8:07:04 PM Date (last access): 12/22/2011 8:07:04 PM Date (last write): 12/22/2011 8:07:04 PM Filesize: 104224 Attributes: archive MD5: BBBD59066C5A61D28DCCE8A037B39DFD CRC32: 6742692F Version: 6.0.300.12 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_30 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab description: classification: Legitimate known filename: npjpi150_06.dll info link: info source: Safer Networking Ltd. Path: C:\Program Files (x86)\Java\jre6\bin\ Long name: npjpi160_30.dll Short name: NPJPI1~1.DLL Date (created): 12/22/2011 8:07:04 PM Date (last access): 12/22/2011 8:07:04 PM Date (last write): 12/22/2011 8:07:04 PM Filesize: 141088 Attributes: archive MD5: EFFD9E25043B9C9633A49367B1E773C1 CRC32: E97D822B Version: 6.0.300.12 --- Process list --- PID: 0 ( 0) [System] PID: 2928 (2616) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe size: 349552 MD5: 89F7B7CCC82D7E6FF9832FE3D24988C4 PID: 3004 (2616) C:\Windows\PLFSetI.exe size: 206208 MD5: 42DA6FC848254888958B6B133930FA3C PID: 1280 (2616) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe size: 2260480 MD5: 390679F7A217A5E73D756276C40AE887 PID: 2180 (2616) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe size: 39408 MD5: 5D61BE7DB55B026A5D61A3EED09D0EAD PID: 148 (2216) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE size: 312376 MD5: 4EE76D4CB055E8EC281177771345E8B3 PID: 3436 (2752) c:\PROGRA~2\MICROS~3\wkcalrem.exe size: 46432 MD5: 81212000667237972A8DBC22232ABD35 PID: 2660 (2616) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe size: 5365592 MD5: 0477C2F9171599CA5BC3307FDFBA8D89 PID: 3656 (2616) C:\Program Files (x86)\Internet Explorer\iexplore.exe size: 748336 MD5: 904E13BA41AF2E353A32CF351CA53639 PID: 768 (3656) C:\Program Files (x86)\Internet Explorer\iexplore.exe size: 748336 MD5: 904E13BA41AF2E353A32CF351CA53639 PID: 1176 (3656) C:\Program Files (x86)\Internet Explorer\iexplore.exe size: 748336 MD5: 904E13BA41AF2E353A32CF351CA53639 PID: 4 ( 0) System PID: 388 ( 4) smss.exe PID: 536 ( 476) csrss.exe PID: 592 ( 476) wininit.exe size: 96256 PID: 608 ( 584) csrss.exe PID: 640 ( 592) services.exe PID: 660 ( 592) lsass.exe PID: 668 ( 592) lsm.exe PID: 756 ( 584) winlogon.exe PID: 828 ( 640) svchost.exe size: 20992 PID: 888 ( 640) CLPSLS.exe PID: 924 ( 640) svchost.exe size: 20992 PID: 988 ( 640) svchost.exe size: 20992 PID: 544 ( 640) svchost.exe size: 20992 PID: 532 ( 640) svchost.exe size: 20992 PID: 1004 ( 988) audiodg.exe PID: 1068 ( 640) svchost.exe size: 20992 PID: 1216 ( 640) svchost.exe size: 20992 PID: 1420 ( 640) spoolsv.exe PID: 1456 ( 640) svchost.exe size: 20992 PID: 1540 ( 640) dsiwmis.exe PID: 1584 ( 640) ePowerSvc.exe PID: 1608 ( 640) GregHSRW.exe PID: 1676 ( 640) LMS.exe PID: 1712 ( 640) IScheduleSvc.exe PID: 1740 ( 640) SchedulerSvc.exe PID: 1788 ( 640) svchost.exe size: 20992 PID: 1820 ( 640) UpdaterService.exe PID: 1908 ( 640) IAStorDataMgrSvc.exe PID: 2012 ( 640) SDWinSec.exe size: 1153368 MD5: 794D4B48DFB6E999537C7C3947863463 PID: 2480 ( 640) C:\Windows\System32\taskhost.exe PID: 2556 ( 544) C:\Windows\System32\dwm.exe PID: 2616 (2540) C:\Windows\explorer.exe size: 2870272 MD5: 0862495E0C825893DB75EF44FAEA8E93 PID: 2800 ( 640) svchost.exe size: 20992 PID: 2920 (2616) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe size: 323584 MD5: E19B41A5537C96D577DD796439DDDC29 PID: 2940 (2616) C:\Windows\System32\igfxtray.exe PID: 2948 (2616) C:\Windows\System32\hkcmd.exe PID: 2956 (2616) C:\Windows\System32\igfxpers.exe PID: 2964 (2616) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe size: 9643552 MD5: 37F1D9DE11A9888D014D5BE966084B34 PID: 3012 (2616) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe size: 1842472 MD5: 3B30F234512DB4EFDD0168928C61FC8E PID: 3020 ( 828) C:\Windows\System32\igfxsrvc.exe PID: 3028 (2616) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe size: 860192 MD5: 6B7DE92DAA31E9A6A703E3A405B096FB PID: 3036 (2616) C:\Program Files\Microsoft IntelliPoint\ipoint.exe size: 2417032 MD5: 5B72629C8144D1A96490D4C090D28DA1 PID: 1360 ( 828) C:\Windows\System32\igfxext.exe PID: 2784 ( 828) C:\Windows\System32\wbem\unsecapp.exe PID: 1112 ( 888) CLPS.exe PID: 2824 ( 828) WmiPrvSE.exe PID: 2740 (3012) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe size: 121128 MD5: BCB742E868592973406ACE3ADA97304F PID: 3156 (1584) ePowerEvent.exe PID: 3172 ( 640) SearchIndexer.exe size: 428032 PID: 3492 ( 640) UNS.exe PID: 1428 ( 640) svchost.exe size: 20992 PID: 1472 ( 640) wmpnetwk.exe PID: 2092 ( 532) C:\Windows\System32\wuauclt.exe --- Winsock Layered Service Provider list --- Protocol 0: MSAFD Tcpip [TCP/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 1: MSAFD Tcpip [UDP/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 2: MSAFD Tcpip [RAW/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 3: MSAFD Tcpip [TCP/IPv6] GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IPv6 protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 4: MSAFD Tcpip [UDP/IPv6] GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IPv6 protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 5: MSAFD Tcpip [RAW/IPv6] GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IPv6 protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 6: RSVP TCPv6 Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Protocol 7: RSVP TCP Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Protocol 8: RSVP UDPv6 Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Protocol 9: RSVP UDP Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Namespace Provider 0: Network Location Awareness Legacy (NLAv1) Namespace GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} Filename: Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: NLA-Namespace Namespace Provider 1: Tcpip GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B} Filename: Description: Microsoft Windows NT/2k/XP TCP/IP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: TCP/IP Namespace Provider 2: NTDS GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC} Filename: %SystemRoot%\System32\winrnr.dll Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\winrnr.dll DB protocol: NTDS Namespace Provider 3: E-mail Naming Shim Provider GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE} Filename: Namespace Provider 4: PNRP Cloud Namespace Provider GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D} Filename: Namespace Provider 5: PNRP Name Namespace Provider GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D} Filename: