QuickScan 32-bit v0.9.9.119
---------------------------
Scan date: Wed Sep 12 07:50:17 2012
Machine ID: B07CB767

No infection found.
-------------------

Processes
---------
Microsoft® Windows® -käyttöjärjestelmä 2284 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® -käyttöjärjestelmä 3656 C:\WINDOWS\system32\notepad.exe
(verified) COMODO Internet Security 536 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(verified) COMODO Internet Security 1048 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(verified) IceDragon 2880 C:\Program Files\COMODO\IceDragon\icedragon.exe
(verified) IceDragon 452 C:\Program Files\COMODO\IceDragon\plugin-container.exe
(verified) IceDragon 1004 C:\Program Files\COMODO\IceDragon\plugin-container.exe
(verified) icedragon_updater.exe 1524 C:\Program Files\COMODO\IceDragon\icedragon_updater.exe
(verified) McAfee Security Scanner 128 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
(verified) Microsoft Genuine Advantage 2012 C:\WINDOWS\system32\WgaTray.exe
(verified) Microsoft® Windows® -käyttöjärjestelmä 200 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® -käyttöjärjestelmä 772 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® -käyttöjärjestelmä 652 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® -käyttöjärjestelmä 728 C:\WINDOWS\system32\winlogon.exe
(verified) Microsoft® Windows® Operating System 1840 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 700 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 544 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 784 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 1404 C:\WINDOWS\system32\spoolsv.exe
(verified) Microsoft® Windows® Operating System 932 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1012 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1080 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1288 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1360 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1468 C:\WINDOWS\system32\svchost.exe
(verified) Part of S3 Screen Toys 512 C:\WINDOWS\system32\VTTrayp.exe
(verified) Realtek Sound Manager 520 C:\WINDOWS\SOUNDMAN.EXE
(verified) S3 Graphics, Inc. Utilities 488 C:\WINDOWS\system32\VTTimer.exe

Network activity
----------------
Process icedragon.exe (2880) connected on port 80 (HTTP) --> 209.85.148.100
Process icedragon.exe (2880) connected on port 80 (HTTP) --> 209.85.148.101
Process icedragon.exe (2880) connected on port 443 (HTTP over SSL) --> 209.85.148.100
Process icedragon.exe (2880) connected on port 80 (HTTP) --> 92.122.127.41
Process svchost.exe (1012) listens on ports: 135 (RPC)

Autoruns and critical files
---------------------------
(verified) Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
(verified) COMODO Internet Security C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(verified) COMODO Internet Security C:\WINDOWS\system32\guard32.dll
(verified) Google Päivitä C:\Documents and Settings\kone\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(verified) McAfee Security Scanner C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\system32\crypt32.dll
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\System32\CSCDLL.dll
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\System32\logon.scr
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\system32\SHELL32.dll
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® -käyttöjärjestelmä c:\windows\system32\userinit.exe
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\system32\WlNotify.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Part of S3 Screen Toys C:\WINDOWS\system32\VTTrayp.exe
(verified) Realtek Sound Manager C:\WINDOWS\SOUNDMAN.EXE
(verified) S3 Graphics, Inc. Utilities C:\WINDOWS\system32\VTTimer.exe
(verified) Windows Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll

Browser plugins
---------------
(unsigned) VLC Web Plugin C:\Program Files\VideoLAN\VLC\npvlc.dll
(verified) Google Update C:\Documents and Settings\kone\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll
(verified) Java Deployment Toolkit 7.0.70.10 C:\WINDOWS\system32\npDeployJava1.dll
(verified) Messenger C:\Program Files\Messenger\msmsgs.exe
(verified) Microsoft® Windows Live Login Helper c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
(verified) Microsoft® Windows® -käyttöjärjestelmä C:\WINDOWS\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
(verified) NPSWF32_11_4_402_265.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll

Missing files
-------------
File not found: C:\Program Files\Windows Live\Messenger\msnmsgr.exe --> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"msnmsgr"
File not found: cmicnfg.cpl --> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Cmaudio"

Scan
----
MD5: 7daaffd8c9bfb87da3fa9566c42ca468 C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll
MD5: 05d6b219b8279e928ecddb11df8d5934 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: aea69af0e4f27aaba1a4df66b43179a3 C:\Program Files\VideoLAN\VLC\npvlc.dll
MD5: 883f93de120956cb25fd69d1636b5530 C:\WINDOWS\system32\drivers\cmuda.sys
MD5: 3d3efc47aaa045992216307faffec399 C:\WINDOWS\system32\firewall.cpl
MD5: e7414eee9cd4f66761e4424dbc3b93b7 C:\WINDOWS\system32\icm32.dll
MD5: 663ed1f738f8c53973dd6a04941cf201 C:\WINDOWS\system32\mydocs.dll
MD5: b26873c6b2aa21cdb1d39d03348bd713 C:\WINDOWS\system32\notepad.exe
MD5: 28a4d876e1ca73a9d91ce6803f81b861 C:\WINDOWS\system32\RICHED20.dll
MD5: f8638de2080d9f20cc774d07bbead0d4 C:\WINDOWS\system32\RichEd32.dll
MD5: 5b1bd0c30246219024d75124be1efba8 C:\WINDOWS\system32\shdoclc.dll
MD5: bdc0c99e472176c8c2c853a68adc5073 C:\WINDOWS\system32\wups2.dll

No file uploaded.

Scan finished - communication took 0 sec
Total traffic - 0.00 MB sent, 0.09 KB recvd
Scanned 458 files and modules - 70 seconds
==============================================================================