Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pop-ups, redirect, virus? (Antimalware doctor)

Started by sue dinym , Aug 24 2010 07:20 PM

  • This topic is locked This topic is locked

#31
emeraldnzl
Posted 16 February 2011 - 09:00 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello sue,

"genuine notification" thing.


Please run the MGA Diagnostic Tool and post back the report it produces:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.
Also do this

Please run a free on line scan with BitDefender Online Scanner

Note: these instructions were compiled using Firefox. IE users may find slight differences... just follow the prompts.

  • Click the green Start Scanner button
  • Click the green Free Scan Now button
  • Accept the plug in installation
  • Restart your browser if requested
  • Click the green Free Scan Now button again
  • Accept the eula agreement
  • The scan should start. It will be very quick.
  • Click View Report (note: this is not the facebook one - just click on the words View Report)
  • Notepad will open with a log
  • Save to your desktop
  • Copy and paste the report back here

  • 0

Advertisements

#32
sue dinym
Posted 17 February 2011 - 02:27 PM

sue dinym

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
okee-dokee.

here's the MGA log:
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-RVF66-GP7VM-8CFT3
Windows Product Key Hash: tJB30tZY737ZFJYewUg2SpzsCb0=
Windows Product ID: 76487-OEM-2211906-00825
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010100.3.0.med
ID: {507A2254-6B37-4948-AE24-19D2B0965F71}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.5.530.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{507A2254-6B37-4948-AE24-19D2B0965F71}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.med</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-8CFT3</PKey><PID>76487-OEM-2211906-00825</PID><PIDType>2</PIDType><SID>S-1-5-21-2483175834-914623923-3491121645</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>MM061 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A04</Version><SMBIOSVersion major="2" minor="4"/><Date>20060420000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>6DB93BCF0184606E</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Inspiron I6400</name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 4000:Dell Inc|4000:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A


...and here's the BitDefender log:


QuickScan Beta 32-bit v0.9.9.67
-------------------------------
Scan date: Thu Feb 17 12:18:25 2011
Machine ID: 28B23090



Scan failed! Couldn't access QuickScan server.
----------------------------------------------



Processes
---------
(unsigned) BVRP Software TestLine 3320 C:\Program Files\Digital Line Detect\DLG.exe
(unsigned) C-Major Audio 2916 C:\WINDOWS\stsystra.exe
(unsigned) CrypKey Software Licensing System 1924 C:\WINDOWS\system32\Crypserv.exe
(unsigned) Cyberlink PowerCinema 3.0 2944 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(unsigned) Dell Wireless WLAN Card Wireless Networ 1592 C:\WINDOWS\system32\BCMWLTRY.EXE
(unsigned) Dell Wireless WLAN Card Wireless Networ 2784 C:\WINDOWS\system32\WLTRAY.EXE
(unsigned) Drive Letter Access Component 2956 C:\WINDOWS\system32\dla\tfswctrl.exe
(unsigned) NicConfigSvc 608 C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(unsigned) OmniPage SE 3028 C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(unsigned) SafeCast Windows NT 1912 C:\WINDOWS\system32\drivers\CDAC11BA.EXE
(unsigned) Trend Micro Anti-Spam 3172 C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
(unsigned) Trend Micro Internet Security 3016 C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
(unsigned) Trend Micro Internet Security 724 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
(unsigned) Trend Micro Internet Security 1468 C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
(unsigned) Trend Micro Network Security Components 1508 C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
(unsigned) Trend Network Security Component 1.0 2688 C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
(unsigned) usbshare.exe 3332 C:\Program Files\Belkin\F1U201.401\usbshare.exe
(unsigned) WLTRYSVC.EXE 1564 C:\WINDOWS\system32\WLTRYSVC.EXE

(verified) Bonjour 1900 C:\Program Files\Bonjour\mDNSResponder.exe
(verified) DivX Download Manager Service 3148 C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
(verified) DivX Update 3124 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(verified) Firefox 1200 C:\Program Files\Mozilla Firefox\firefox.exe
(verified) Intel® Common User Interface 2736 C:\WINDOWS\system32\hkcmd.exe
(verified) Intel® Common User Interface 2748 C:\WINDOWS\system32\igfxpers.exe
(verified) Intel® Common User Interface 2668 C:\WINDOWS\system32\igfxsrvc.exe
(verified) iTunes 1652 C:\Program Files\iPod\bin\iPodService.exe
(verified) iTunes 3156 C:\Program Files\iTunes\iTunesHelper.exe
(verified) Java™ Platform SE 6 U21 484 C:\Program Files\Java\jre6\bin\jqs.exe
(verified) k9filter.exe 1860 C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(verified) Microsoft® Windows® Operating System 1360 C:\WINDOWS\ehome\ehmsas.exe
(verified) Microsoft® Windows® Operating System 144 C:\WINDOWS\ehome\ehrecvr.exe
(verified) Microsoft® Windows® Operating System 252 C:\WINDOWS\ehome\ehSched.exe
(verified) Microsoft® Windows® Operating System 2492 C:\WINDOWS\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System 2136 C:\WINDOWS\ehome\mcrdsvc.exe
(verified) Microsoft® Windows® Operating System 548 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 2576 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 868 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 3276 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 3916 C:\WINDOWS\system32\dllhost.exe
(verified) Microsoft® Windows® Operating System 952 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 196 C:\WINDOWS\system32\notepad.exe
(verified) Microsoft® Windows® Operating System 940 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 804 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1696 C:\WINDOWS\system32\spoolsv.exe
(verified) Microsoft® Windows® Operating System 1428 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1400 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1340 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1280 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1240 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1172 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2984 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 848 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1784 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2696 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 896 C:\WINDOWS\system32\winlogon.exe
(verified) MobileDeviceService 1844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(verified) NMSAccessU.exe 672 C:\Program Files\CDBurnerXP\NMSAccessU.exe
(verified) Synaptics Pointing Device Driver 2932 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe


Network activity
----------------
Process firefox.exe (1200) connected on port 80 (HTTP) --> 128.241.220.104
Process firefox.exe (1200) connected on port 80 (HTTP) --> 199.7.71.190
Process firefox.exe (1200) connected on port 80 (HTTP) --> 74.125.224.5

Process svchost.exe (1172) listens on ports: 3389 (Terminal Server)
Process svchost.exe (1240) listens on ports: 135 (RPC)
Process svchost.exe (1428) listens on ports: 2869 (SSDP event notification, UPNP)


Autoruns and critical files
---------------------------
(unsigned) C-Major Audio C:\WINDOWS\stsystra.exe
(unsigned) Cyberlink PowerCinema 3.0 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(unsigned) Dell Wireless WLAN Card Wireless Networ C:\WINDOWS\system32\WLTRAY.EXE
(unsigned) Drive Letter Access Component C:\WINDOWS\system32\dla\tfswctrl.exe
(unsigned) InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(unsigned) InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
(unsigned) OmniPage SE C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(unsigned) QuickTime C:\Program Files\QuickTime\QTTask.exe
(unsigned) Trend Micro Anti-Spam C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
(unsigned) Trend Micro Internet Security C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe

(verified) Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
(verified) Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(verified) Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
(verified) DivX Download Manager Service C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
(verified) DivX Update C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe
(verified) iTunes C:\Program Files\iTunes\iTunesHelper.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\browseui.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\crypt32.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\shell32.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\wlnotify.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
(verified) Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
(unsigned) DeleteMe1.exe C:\Program Files\Mozilla Firefox\plugins\DeleteMe1.exe
(unsigned) Drive Letter Access Component C:\WINDOWS\system32\dla\tfswshx.dll
(unsigned) Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
(unsigned) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll
(unsigned) Java™ Platform SE 6 U21 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
(unsigned) MetaStream 3 Plugin C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
(unsigned) Mozilla ActiveX control and plugin supp C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
(unsigned) RealJukebox NS Plugin C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
(unsigned) RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
(unsigned) RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
(unsigned) RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
(unsigned) RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
(unsigned) RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
(unsigned) Turner Media Plugin 1.0.0.9 C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll

(verified) AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
(verified) Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
(verified) Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
(verified) BitDefender QuickScan C:\Documents and Settings\Meddle\Application Data\Mozilla\Firefox\Profiles\xjcdtd2o.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
(verified) DivX OVS Helper Plug-in C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
(verified) DivX Web Player c:\program files\divx\divx plus web player\npdivx32.dll
(verified) Google Update C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
(verified) i-drop control C:\WINDOWS\Downloaded Program Files\IDrop.ocx
(verified) i-drop control C:\WINDOWS\Downloaded Program Files\IDropENU.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
(verified) Java Deployment Toolkit 6.0.210.7 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
(verified) Java™ Platform SE 6 U21 c:\program files\java\jre6\bin\jp2ssv.dll
(verified) Java™ Platform SE 6 U21 c:\program files\java\jre6\bin\ssv.dll
(verified) Java™ Platform SE 6 U21 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
(verified) Messenger C:\Program Files\Messenger\msmsgs.exe
(verified) Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
(verified) Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
(verified) npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
(verified) NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
(verified) qscanff.dll C:\Documents and Settings\Meddle\Application Data\Mozilla\Firefox\Profiles\xjcdtd2o.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
(verified) Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
(verified) Veetle TV Core C:\Program Files\Veetle\plugins\npVeetle.dll
(verified) Veetle TV Player C:\Program Files\Veetle\Player\npvlc.dll
(verified) Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll


Missing files
-------------
File not found: C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
--> HKLM\System\ControlSet001\services\getPlus® Helper\"ImagePath"

File not found: system32\DRIVERS\wanatw4.sys
--> HKLM\System\ControlSet001\services\wanatw\"ImagePath"


Scan
----
(unsigned) MD5: 20b2c339361e82a6707533bac481fce4 C:\Program Files\7-Zip\7-zip.dll
(unsigned) MD5: bb633ed02fe2e7fa8350b23656eeb970 C:\Program Files\Belkin\F1U201.401\usbshare.exe
(unsigned) MD5: 583b7d111304be63d7d9cb65482d2187 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(unsigned) MD5: 9e109b03018763fdcb075ce74547be22 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
(unsigned) MD5: fdd5d54d4eacce42b260225863f9a0f0 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(unsigned) MD5: 11d8a00c7eff1aaec8e8464769c84a3d C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(unsigned) MD5: 413f2d5f9d802688242c23b38f767ecb C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
(unsigned) MD5: a476968c08667b1e09f2a95234e8ceef C:\Program Files\Digital Line Detect\BVRPDiag.dll
(unsigned) MD5: b66e56733e2cd6a10fda5919625fbf46 C:\Program Files\Digital Line Detect\DLG.exe
(unsigned) MD5: 4b988e3393789572cdb143ddac3a2fc0 C:\Program Files\DivX\DivX Plus Web Player\DivXDownloadManager.dll
(unsigned) MD5: 5e947691097ba0a9aa4b8e44a4b9feb0 C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
(unsigned) MD5: 2d5394ff0e31ffefb5049f0911e91d89 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
(unsigned) MD5: e72b70c57c4229d339fe110951932392 C:\Program Files\Mozilla Firefox\freebl3.dll
(unsigned) MD5: 3d07aceebe516a561767117c43088f2c C:\Program Files\Mozilla Firefox\nssdbm3.dll
(unsigned) MD5: 03c79b88a1ff17be82cd06cca6bd8fb6 C:\Program Files\Mozilla Firefox\plugins\DeleteMe1.exe
(unsigned) MD5: bb2fd4632cbf410c584bab0be026b733 C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
(unsigned) MD5: e2b8c15caab06c6389184f23bac5ad6f C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
(unsigned) MD5: 3d304c8a8aa570169d87b0fc1701a864 C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
(unsigned) MD5: 4b2f61dca7db661570828dce5d302525 C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
(unsigned) MD5: 7f8dd9552428ebaee9814a85bd253cfd C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
(unsigned) MD5: 2935447938967fdd07dd9118dfb4afb2 C:\Program Files\Mozilla Firefox\softokn3.dll
(unsigned) MD5: 1c21b0b726b8c545850401179f6a7eaf C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll
(unsigned) MD5: 2f062c7e342d027eee9f0619f2210bae C:\Program Files\OpenOffice.org 2.0\program\stlport_vc7145.dll
(unsigned) MD5: 232fe1474fb87caea1a3438407d6f2a6 C:\Program Files\OpenOffice.org 2.0\program\uwinapi.dll
(unsigned) MD5: afdae59fe562a7cdb44f9d4abedac316 C:\Program Files\QuickTime\QTSystem\QTCF.dll
(unsigned) MD5: 1d856e6e7490447fcfaa46e09a2bf9c9 C:\Program Files\QuickTime\QTSystem\QuickTime.qts
(unsigned) MD5: dddbd3d825e9846b6adb78578aa7a699 C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.dll
(unsigned) MD5: 103976a97e25724e0a3ed50e48921cd2 C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.dll
(unsigned) MD5: 0aee5668eb59912f32ff245bfa72465f C:\Program Files\QuickTime\QTTask.exe
(unsigned) MD5: e2b8c15caab06c6389184f23bac5ad6f C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
(unsigned) MD5: 3d304c8a8aa570169d87b0fc1701a864 C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
(unsigned) MD5: 4b2f61dca7db661570828dce5d302525 C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
(unsigned) MD5: 5216c98b87fe7c32c02983b7f3bb707c C:\Program Files\ScanSoft\OmniPageSE2.0\OpHookSE2.dll
(unsigned) MD5: 882539219b40107d5bc0557e0088dd79 C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(unsigned) MD5: 1da0fdf5ee35c39145d464f06dc798ae C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
(unsigned) MD5: 30974c7e29cb115a89ffb2ccb5f89f88 C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe
(unsigned) MD5: 5ccfeaab831b5b1f7558c25ab955517d C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEHook.dll
(unsigned) MD5: 929b93fcc12782e01345657369759e7d C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
(unsigned) MD5: 37c406bac6896d504e054bbfaa120d79 C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe
(unsigned) MD5: 70ee53c6e1b5402c5ce0f12d038b0f4c C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe
(unsigned) MD5: 949bb051485aef6516a600f7454f0abf C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe
(unsigned) MD5: bcdff548f7d31a2bcf1cf98da7eb5445 C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
(unsigned) MD5: a4b64364b47eb028a3ae41255f015cf6 C:\PROGRA~1\TRENDM~1\INTERN~1\PccAltUI.dll
(unsigned) MD5: 35d3d93cc008f4bafabe21ea5302d06d C:\PROGRA~1\TRENDM~1\INTERN~1\PccScan.dll
(unsigned) MD5: 30974c7e29cb115a89ffb2ccb5f89f88 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
(unsigned) MD5: 2ebb8d25c71eac2db75f15d61aced2f2 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlPS.dll
(unsigned) MD5: 23fb4dfacff4a1dd947ede7af94ea6f9 C:\PROGRA~1\TRENDM~1\INTERN~1\PEWNT2.dll
(unsigned) MD5: 7e1ec214036b88b3dc35706f78ce68a3 C:\PROGRA~1\TRENDM~1\INTERN~1\tmCfwApi.dll
(unsigned) MD5: a07c9c819bd8bcbb92e73f716032df2a C:\PROGRA~1\TRENDM~1\INTERN~1\tmdbg.dll
(unsigned) MD5: 1844321d6915539e5fbbca3647202589 C:\PROGRA~1\TRENDM~1\INTERN~1\tmdp.dll
(unsigned) MD5: 37c406bac6896d504e054bbfaa120d79 C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
(unsigned) MD5: 6cc6595c6bb35226ee705333560870a6 C:\PROGRA~1\TRENDM~1\INTERN~1\TMOACfg.dll
(unsigned) MD5: 70ee53c6e1b5402c5ce0f12d038b0f4c C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
(unsigned) MD5: c70beaf030426524c001d66b38795d6d C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwApi.dll
(unsigned) MD5: 57c9435dcc4c9431a109dd1bb28c93b8 C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwHlp.dll
(unsigned) MD5: 55245b4002e59e781c558ff2cff264aa C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwLog.dll
(unsigned) MD5: 358c3fba75b5e8f062cfbc6563c23fda C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwRul.dll
(unsigned) MD5: b42a976cbd9fb79015462a20c80f5410 C:\PROGRA~1\TRENDM~1\INTERN~1\tmpp.dll
(unsigned) MD5: 09bcb95d67ee7831bdea7b5e43391118 C:\PROGRA~1\TRENDM~1\INTERN~1\TmProxy.dll
(unsigned) MD5: 949bb051485aef6516a600f7454f0abf C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
(unsigned) MD5: e1324784f52e924bd3363d60e97b3f93 C:\PROGRA~1\TRENDM~1\INTERN~1\TmpxCfg.dll
(unsigned) MD5: 7ff3676e3fbd5674082eefa2bf4b03df C:\PROGRA~1\TRENDM~1\INTERN~1\TmpxHelp.dll
(unsigned) MD5: 13cb8d511ae3dc0040d2651f5bc55c8f C:\PROGRA~1\TRENDM~1\INTERN~1\tmtdi.dll
(unsigned) MD5: d8fb851a9fbd62352fd74283f9c14c77 C:\WINDOWS\Downloaded Program Files\isusweb.dll
(unsigned) MD5: 931e5e560d5f7bd2a22c8d32c24fe8f3 C:\WINDOWS\stsystra.exe
(unsigned) MD5: 6e000ec0096a2a1cf4a31b7393a29ae1 C:\WINDOWS\system32\bcm1xsup.dll
(unsigned) MD5: ee56f213182841bbf333d4ea3db481ef C:\WINDOWS\system32\BCMLogon.dll
(unsigned) MD5: 4df537a09034434ea9481b88ab1d3c25 C:\WINDOWS\system32\bcmwlpkt.dll
(unsigned) MD5: 3118a7345a5c28e8d5c6be7a90aea0a6 C:\WINDOWS\system32\BCMWLTRY.EXE
(unsigned) MD5: 199f29c6f503872167a53c4421dc14b1 C:\WINDOWS\system32\ckldrv.sys
(unsigned) MD5: ca8d087228f291a3ed7983755cfa6f70 C:\WINDOWS\system32\cpwmon2k.dll
(unsigned) MD5: 85a6662b5f12b84d599a74119f04b381 C:\WINDOWS\system32\Crypserv.exe
(unsigned) MD5: 30698355067d07da5f9eb81132c9fdd6 C:\WINDOWS\system32\dla\tfsnboio.sys
(unsigned) MD5: fb9d825bb4a2abdf24600f7505050e2b C:\WINDOWS\system32\dla\tfsncofs.sys
(unsigned) MD5: cafd8cca11aa1e8b6d2ea1ba8f70ec33 C:\WINDOWS\system32\dla\tfsndrct.sys
(unsigned) MD5: 8db1e78fbf7c426d8ec3d8f1a33d6485 C:\WINDOWS\system32\dla\tfsndres.sys
(unsigned) MD5: b92f67a71cc8176f331b8aa8d9f555ad C:\WINDOWS\system32\dla\tfsnifs.sys
(unsigned) MD5: 85985faa9a71e2358fcc2edefc2a3c5c C:\WINDOWS\system32\dla\tfsnopio.sys
(unsigned) MD5: bba22094f0f7c210567efdaf11f64495 C:\WINDOWS\system32\dla\tfsnpool.sys
(unsigned) MD5: 81340bef80b9811e98ce64611e67e3ff C:\WINDOWS\system32\dla\tfsnudf.sys
(unsigned) MD5: c035fd116224ccc8325f384776b6a8bb C:\WINDOWS\system32\dla\tfsnudfa.sys
(unsigned) MD5: 32182cbbdc1dc700096ec3253e31cb3c C:\WINDOWS\system32\dla\tfswcres.dll
(unsigned) MD5: 2ca827ba68d0cdb5437c40c6f53d7f20 C:\WINDOWS\system32\dla\tfswctrl.exe
(unsigned) MD5: 37943b990d318145d1efcbeef8f9566a C:\WINDOWS\system32\dla\tfswshx.dll
(unsigned) MD5: ec94e05b76d033b74394e7b2175103cf C:\WINDOWS\system32\drivers\APPDRV.sys
(unsigned) MD5: ac491eb706c48b89a638b239dc3bcfcb C:\WINDOWS\system32\drivers\CDAC11BA.EXE
(unsigned) MD5: 69419792390122eefd84e598d896715b C:\WINDOWS\system32\drivers\CDAC15BA.sys
(unsigned) MD5: e814854e6b246ccf498874839ab64d77 C:\WINDOWS\system32\drivers\drvmcdb.sys
(unsigned) MD5: ee83a4ebae70bc93cf14879d062f548b C:\WINDOWS\system32\drivers\DRVNDDM.sys
(unsigned) MD5: 5be111b90f5d712b6e939842d4ef5dc7 C:\WINDOWS\System32\Drivers\echo1394.sys
(unsigned) MD5: 7f2f1d2815a6449d346fcccbc569fbd6 C:\WINDOWS\system32\DRIVERS\mhndrv.sys
(unsigned) MD5: d7968049be0adbb6a57cee3960320911 C:\WINDOWS\system32\drivers\sscdbhk5.sys
(unsigned) MD5: c3ffd65abfb6441e7606cf74f1155273 C:\WINDOWS\system32\drivers\SSRTLN.sys
(unsigned) MD5: 6b34c260fe86e9171f8c897b552625aa C:\WINDOWS\system32\drivers\TM_CFW.sys
(unsigned) MD5: 309f8d84fcb94fda6629228aa3c893e5 C:\WINDOWS\system32\drivers\TMTDI.sys
(unsigned) MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\WINDOWS\system32\MFC71.DLL
(unsigned) MD5: b7521f69c0a9b29d356157229376fb21 C:\WINDOWS\System32\mhn.dll
(unsigned) MD5: 20607ee4886d78dd95286f2d14e9ff2f C:\WINDOWS\system32\msvcp71.dll
(unsigned) MD5: 25912cc032cb14c299cec9d2034a49f4 C:\WINDOWS\system32\msvcr71.dll
(unsigned) MD5: 41aba3f186caa675ff400e82e05a7a48 C:\WINDOWS\system32\ngprtserv.dll
(unsigned) MD5: b5c05ce075f48cc44c154f0ce25c4cfe C:\WINDOWS\system32\tfswapi.dll
(unsigned) MD5: 234c29a211817b5c69c2e4c4c4f71750 C:\WINDOWS\system32\WLTRAY.EXE
(unsigned) MD5: 6c2981657e2d424518de66c786eee672 C:\WINDOWS\system32\wltrynt.dll
(unsigned) MD5: 8e12adcd26a2ac8006e52b74463e9dd1 C:\WINDOWS\system32\WLTRYSVC.EXE


Scan finished - communication took 18 sec
Total traffic - 0.00 MB sent, 2.33 KB recvd
Scanned 1222 files and modules - 348 seconds

==============================================================================
  • 0

#33
emeraldnzl
Posted 17 February 2011 - 03:40 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello sue dinym,

That on line scan says it failed so I don't know whether it reported clean. You might like to do that again yourself just to make sure.

The PhysicalDrive1 that shows the MBR Code Faked at post #22 can't hurt your machine as you don't boot from that drive.

Apart from the failed online scan I am thinking your machine is clean.

my computer still takes a pretty long time to start up



Go here for information about what makes your computer slow by Artellos.

miekiemoes has a blog with some information about slow computing.

Just scroll down until you find it, might be helpful. Link below.

http://miekiemoes.bl...l/Slow computer

Since Artellos wrote that piece our own developer OldTimer has made TFC available as a temporary file cleaner. You will see that in my last post.

the fan sounds like it's in overdrive


Number of possibilities that occurr to me. Could be overheating, if it's a desktop it might be time for a clean up (remove dust etc.) or maybe the fan is just getting old.

Now

We have a couple of last steps to perform and then you're all set.Posted Image

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.
  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    Posted Image
Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. The MBRCheck and MGA Diagnostics folders/files can be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.
  • Download from here Java Runtime Environment (JDK) Update
  • Scroll to where it says "Windows XP/Vista/2000/2003/2008 online" and download and follow the instructions to install.

    Reboot your computer.
    You also need to uininstall older versions of Java.
  • Click Start > Control Panel > Programs
  • Remove all Java updates except the latest one you have just installed.
--------------------------------------------------------------------------------------------------------------------

Be sure and give the Temp folders a cleaning out now and then. This helps with security and your computer will run more efficiently. I clean mine once a week.

For ease of use, you might consider the following free program:---------------------------------------------------------------------------------------------------------------------

To reduce the amount of fragmentation in your machines file system occasionally run a defragmenter utility. You can use your built in program (Start > Programs > Accessories > System Tools > Disk Defragmentor) or alternatively here is a program you can download and use: Puran Disc Defragmenter

---------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
* Consider using an alternate browser.

Opera may be downloaded from here. It is one of the least targeted of all browers.

Avant may be downloaded from here. Another one that is less well known.

Firefox may be downloaded from Here. I use Firefox because I like it. Used to be one of the safest but now targeted probably as much as IE.

Adblock Plus is a good Add-on for Firefox that helps prevent those annoying pop ups.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future here are some free programs you can look at:

  • If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

    And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
  • Malwarebytes
  • SuperAntiSpyWare
Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

Have a safe and happy computing day!
  • 0

#34
sue dinym
Posted 17 February 2011 - 04:42 PM

sue dinym

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

That on line scan says it failed so I don't know whether it reported clean. You might like to do that again yourself just to make sure.


...i ran it again and it came out clean. i think my connection here at the library was just slow at the previous attempt.

thanks for all the support. again! i'll check out the slow-computing links you set me up with, and try to stay steady on my defrag/cleaning-out of my system stuff.


be well! -- sue


the log is below

QuickScan Beta 32-bit v0.9.9.67
-------------------------------
Scan date: Thu Feb 17 14:35:56 2011
Machine ID: 28B23090



No infection found.
-------------------



Processes
---------
(unsigned) BVRP Software TestLine 3320 C:\Program Files\Digital Line Detect\DLG.exe
(unsigned) C-Major Audio 2916 C:\WINDOWS\stsystra.exe
(unsigned) CrypKey Software Licensing System 1924 C:\WINDOWS\system32\Crypserv.exe
(unsigned) Cyberlink PowerCinema 3.0 2944 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(unsigned) Dell Wireless WLAN Card Wireless Networ 1592 C:\WINDOWS\system32\BCMWLTRY.EXE
(unsigned) Dell Wireless WLAN Card Wireless Networ 2784 C:\WINDOWS\system32\WLTRAY.EXE
(unsigned) Drive Letter Access Component 2956 C:\WINDOWS\system32\dla\tfswctrl.exe
(unsigned) NicConfigSvc 608 C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(unsigned) OmniPage SE 3028 C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(unsigned) SafeCast Windows NT 1912 C:\WINDOWS\system32\drivers\CDAC11BA.EXE
(unsigned) Trend Micro Anti-Spam 3172 C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
(unsigned) Trend Micro Internet Security 3016 C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
(unsigned) Trend Micro Internet Security 724 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
(unsigned) Trend Micro Internet Security 1468 C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
(unsigned) Trend Micro Network Security Components 1508 C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
(unsigned) Trend Network Security Component 1.0 2688 C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
(unsigned) usbshare.exe 3332 C:\Program Files\Belkin\F1U201.401\usbshare.exe
(unsigned) WLTRYSVC.EXE 1564 C:\WINDOWS\system32\WLTRYSVC.EXE

(verified) Bonjour 1900 C:\Program Files\Bonjour\mDNSResponder.exe
(verified) DivX Download Manager Service 3148 C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
(verified) DivX Update 3124 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(verified) Firefox 1200 C:\Program Files\Mozilla Firefox\firefox.exe
(verified) Intel® Common User Interface 2736 C:\WINDOWS\system32\hkcmd.exe
(verified) Intel® Common User Interface 2748 C:\WINDOWS\system32\igfxpers.exe
(verified) Intel® Common User Interface 2668 C:\WINDOWS\system32\igfxsrvc.exe
(verified) iTunes 1652 C:\Program Files\iPod\bin\iPodService.exe
(verified) iTunes 3156 C:\Program Files\iTunes\iTunesHelper.exe
(verified) Java™ Platform SE 6 U21 484 C:\Program Files\Java\jre6\bin\jqs.exe
(verified) k9filter.exe 1860 C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(verified) Microsoft® Windows® Operating System 1360 C:\WINDOWS\ehome\ehmsas.exe
(verified) Microsoft® Windows® Operating System 144 C:\WINDOWS\ehome\ehrecvr.exe
(verified) Microsoft® Windows® Operating System 252 C:\WINDOWS\ehome\ehSched.exe
(verified) Microsoft® Windows® Operating System 2492 C:\WINDOWS\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System 2136 C:\WINDOWS\ehome\mcrdsvc.exe
(verified) Microsoft® Windows® Operating System 548 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 2576 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 868 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 3276 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 3916 C:\WINDOWS\system32\dllhost.exe
(verified) Microsoft® Windows® Operating System 952 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 196 C:\WINDOWS\system32\notepad.exe
(verified) Microsoft® Windows® Operating System 940 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 804 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1696 C:\WINDOWS\system32\spoolsv.exe
(verified) Microsoft® Windows® Operating System 1428 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1400 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1340 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1280 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1240 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1172 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2984 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 848 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1784 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2696 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 896 C:\WINDOWS\system32\winlogon.exe
(verified) MobileDeviceService 1844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(verified) NMSAccessU.exe 672 C:\Program Files\CDBurnerXP\NMSAccessU.exe
(verified) Synaptics Pointing Device Driver 2932 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe


Network activity
----------------
Process firefox.exe (1200) connected on port 80 (HTTP) --> 96.17.127.139
Process firefox.exe (1200) connected on port 80 (HTTP) --> 204.203.18.138
Process firefox.exe (1200) connected on port 80 (HTTP) --> 74.125.224.11
Process firefox.exe (1200) connected on port 80 (HTTP) --> 66.220.149.11
Process firefox.exe (1200) connected on port 80 (HTTP) --> 204.203.18.144
Process firefox.exe (1200) connected on port 80 (HTTP) --> 204.203.18.161
Process firefox.exe (1200) connected on port 80 (HTTP) --> 204.203.18.160
Process firefox.exe (1200) connected on port 80 (HTTP) --> 199.7.51.190
Process firefox.exe (1200) connected on port 80 (HTTP) --> 204.203.18.153
Process firefox.exe (1200) connected on port 80 (HTTP) --> 204.203.18.153

Process svchost.exe (1172) listens on ports: 3389 (Terminal Server)
Process svchost.exe (1240) listens on ports: 135 (RPC)
Process svchost.exe (1428) listens on ports: 2869 (SSDP event notification, UPNP)


Autoruns and critical files
---------------------------
(unsigned) C-Major Audio C:\WINDOWS\stsystra.exe
(unsigned) Cyberlink PowerCinema 3.0 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(unsigned) Dell Wireless WLAN Card Wireless Networ C:\WINDOWS\system32\WLTRAY.EXE
(unsigned) Drive Letter Access Component C:\WINDOWS\system32\dla\tfswctrl.exe
(unsigned) InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(unsigned) InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
(unsigned) OmniPage SE C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(unsigned) QuickTime C:\Program Files\QuickTime\QTTask.exe
(unsigned) Trend Micro Anti-Spam C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
(unsigned) Trend Micro Internet Security C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe

(verified) Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
(verified) Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(verified) Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
(verified) DivX Download Manager Service C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
(verified) DivX Update C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe
(verified) iTunes C:\Program Files\iTunes\iTunesHelper.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\browseui.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\crypt32.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\shell32.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\wlnotify.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
(verified) Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
(unsigned) DeleteMe1.exe C:\Program Files\Mozilla Firefox\plugins\DeleteMe1.exe
(unsigned) Drive Letter Access Component C:\WINDOWS\system32\dla\tfswshx.dll
(unsigned) Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
(unsigned) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll
(unsigned) Java™ Platform SE 6 U21 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
(unsigned) MetaStream 3 Plugin C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
(unsigned) Mozilla ActiveX control and plugin supp C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
(unsigned) RealJukebox NS Plugin C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
(unsigned) RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
(unsigned) RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
(unsigned) RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
(unsigned) RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
(unsigned) RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
(unsigned) Turner Media Plugin 1.0.0.9 C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll

(verified) AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
(verified) Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
(verified) Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
(verified) BitDefender QuickScan C:\Documents and Settings\Meddle\Application Data\Mozilla\Firefox\Profiles\xjcdtd2o.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
(verified) DivX OVS Helper Plug-in C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
(verified) DivX Web Player c:\program files\divx\divx plus web player\npdivx32.dll
(verified) Google Update C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
(verified) i-drop control C:\WINDOWS\Downloaded Program Files\IDrop.ocx
(verified) i-drop control C:\WINDOWS\Downloaded Program Files\IDropENU.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
(verified) Java Deployment Toolkit 6.0.210.7 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
(verified) Java™ Platform SE 6 U21 c:\program files\java\jre6\bin\jp2ssv.dll
(verified) Java™ Platform SE 6 U21 c:\program files\java\jre6\bin\ssv.dll
(verified) Java™ Platform SE 6 U21 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
(verified) Messenger C:\Program Files\Messenger\msmsgs.exe
(verified) Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
(verified) Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
(verified) npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
(verified) NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
(verified) qscanff.dll C:\Documents and Settings\Meddle\Application Data\Mozilla\Firefox\Profiles\xjcdtd2o.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
(verified) Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
(verified) Veetle TV Core C:\Program Files\Veetle\plugins\npVeetle.dll
(verified) Veetle TV Player C:\Program Files\Veetle\Player\npvlc.dll
(verified) Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll


Missing files
-------------
File not found: C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
--> HKLM\System\ControlSet001\services\getPlus® Helper\"ImagePath"

File not found: system32\DRIVERS\wanatw4.sys
--> HKLM\System\ControlSet001\services\wanatw\"ImagePath"


Scan
----
(unsigned) MD5: 20b2c339361e82a6707533bac481fce4 C:\Program Files\7-Zip\7-zip.dll
(unsigned) MD5: bb633ed02fe2e7fa8350b23656eeb970 C:\Program Files\Belkin\F1U201.401\usbshare.exe
(unsigned) MD5: 583b7d111304be63d7d9cb65482d2187 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(unsigned) MD5: 9e109b03018763fdcb075ce74547be22 C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
(unsigned) MD5: fdd5d54d4eacce42b260225863f9a0f0 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(unsigned) MD5: 11d8a00c7eff1aaec8e8464769c84a3d C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(unsigned) MD5: 413f2d5f9d802688242c23b38f767ecb C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
(unsigned) MD5: a476968c08667b1e09f2a95234e8ceef C:\Program Files\Digital Line Detect\BVRPDiag.dll
(unsigned) MD5: b66e56733e2cd6a10fda5919625fbf46 C:\Program Files\Digital Line Detect\DLG.exe
(unsigned) MD5: 4b988e3393789572cdb143ddac3a2fc0 C:\Program Files\DivX\DivX Plus Web Player\DivXDownloadManager.dll
(unsigned) MD5: 5e947691097ba0a9aa4b8e44a4b9feb0 C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
(unsigned) MD5: 2d5394ff0e31ffefb5049f0911e91d89 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
(unsigned) MD5: e72b70c57c4229d339fe110951932392 C:\Program Files\Mozilla Firefox\freebl3.dll
(unsigned) MD5: 3d07aceebe516a561767117c43088f2c C:\Program Files\Mozilla Firefox\nssdbm3.dll
(unsigned) MD5: 03c79b88a1ff17be82cd06cca6bd8fb6 C:\Program Files\Mozilla Firefox\plugins\DeleteMe1.exe
(unsigned) MD5: bb2fd4632cbf410c584bab0be026b733 C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
(unsigned) MD5: e2b8c15caab06c6389184f23bac5ad6f C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
(unsigned) MD5: 840b4c97c7ef119834780fa09258dcd1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
(unsigned) MD5: 3d304c8a8aa570169d87b0fc1701a864 C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
(unsigned) MD5: 4b2f61dca7db661570828dce5d302525 C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
(unsigned) MD5: 7f8dd9552428ebaee9814a85bd253cfd C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
(unsigned) MD5: 2935447938967fdd07dd9118dfb4afb2 C:\Program Files\Mozilla Firefox\softokn3.dll
(unsigned) MD5: 1c21b0b726b8c545850401179f6a7eaf C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll
(unsigned) MD5: 2f062c7e342d027eee9f0619f2210bae C:\Program Files\OpenOffice.org 2.0\program\stlport_vc7145.dll
(unsigned) MD5: 232fe1474fb87caea1a3438407d6f2a6 C:\Program Files\OpenOffice.org 2.0\program\uwinapi.dll
(unsigned) MD5: afdae59fe562a7cdb44f9d4abedac316 C:\Program Files\QuickTime\QTSystem\QTCF.dll
(unsigned) MD5: 1d856e6e7490447fcfaa46e09a2bf9c9 C:\Program Files\QuickTime\QTSystem\QuickTime.qts
(unsigned) MD5: dddbd3d825e9846b6adb78578aa7a699 C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.dll
(unsigned) MD5: 103976a97e25724e0a3ed50e48921cd2 C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.dll
(unsigned) MD5: 0aee5668eb59912f32ff245bfa72465f C:\Program Files\QuickTime\QTTask.exe
(unsigned) MD5: e2b8c15caab06c6389184f23bac5ad6f C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
(unsigned) MD5: 3d304c8a8aa570169d87b0fc1701a864 C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
(unsigned) MD5: 4b2f61dca7db661570828dce5d302525 C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
(unsigned) MD5: 5216c98b87fe7c32c02983b7f3bb707c C:\Program Files\ScanSoft\OmniPageSE2.0\OpHookSE2.dll
(unsigned) MD5: 882539219b40107d5bc0557e0088dd79 C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(unsigned) MD5: 1da0fdf5ee35c39145d464f06dc798ae C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
(unsigned) MD5: 30974c7e29cb115a89ffb2ccb5f89f88 C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe
(unsigned) MD5: 5ccfeaab831b5b1f7558c25ab955517d C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEHook.dll
(unsigned) MD5: 929b93fcc12782e01345657369759e7d C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
(unsigned) MD5: 37c406bac6896d504e054bbfaa120d79 C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe
(unsigned) MD5: 70ee53c6e1b5402c5ce0f12d038b0f4c C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe
(unsigned) MD5: 949bb051485aef6516a600f7454f0abf C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe
(unsigned) MD5: bcdff548f7d31a2bcf1cf98da7eb5445 C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
(unsigned) MD5: a4b64364b47eb028a3ae41255f015cf6 C:\PROGRA~1\TRENDM~1\INTERN~1\PccAltUI.dll
(unsigned) MD5: 35d3d93cc008f4bafabe21ea5302d06d C:\PROGRA~1\TRENDM~1\INTERN~1\PccScan.dll
(unsigned) MD5: 30974c7e29cb115a89ffb2ccb5f89f88 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
(unsigned) MD5: 2ebb8d25c71eac2db75f15d61aced2f2 C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlPS.dll
(unsigned) MD5: 23fb4dfacff4a1dd947ede7af94ea6f9 C:\PROGRA~1\TRENDM~1\INTERN~1\PEWNT2.dll
(unsigned) MD5: 7e1ec214036b88b3dc35706f78ce68a3 C:\PROGRA~1\TRENDM~1\INTERN~1\tmCfwApi.dll
(unsigned) MD5: a07c9c819bd8bcbb92e73f716032df2a C:\PROGRA~1\TRENDM~1\INTERN~1\tmdbg.dll
(unsigned) MD5: 1844321d6915539e5fbbca3647202589 C:\PROGRA~1\TRENDM~1\INTERN~1\tmdp.dll
(unsigned) MD5: 37c406bac6896d504e054bbfaa120d79 C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
(unsigned) MD5: 6cc6595c6bb35226ee705333560870a6 C:\PROGRA~1\TRENDM~1\INTERN~1\TMOACfg.dll
(unsigned) MD5: 70ee53c6e1b5402c5ce0f12d038b0f4c C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
(unsigned) MD5: c70beaf030426524c001d66b38795d6d C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwApi.dll
(unsigned) MD5: 57c9435dcc4c9431a109dd1bb28c93b8 C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwHlp.dll
(unsigned) MD5: 55245b4002e59e781c558ff2cff264aa C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwLog.dll
(unsigned) MD5: 358c3fba75b5e8f062cfbc6563c23fda C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfwRul.dll
(unsigned) MD5: b42a976cbd9fb79015462a20c80f5410 C:\PROGRA~1\TRENDM~1\INTERN~1\tmpp.dll
(unsigned) MD5: 09bcb95d67ee7831bdea7b5e43391118 C:\PROGRA~1\TRENDM~1\INTERN~1\TmProxy.dll
(unsigned) MD5: 949bb051485aef6516a600f7454f0abf C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
(unsigned) MD5: e1324784f52e924bd3363d60e97b3f93 C:\PROGRA~1\TRENDM~1\INTERN~1\TmpxCfg.dll
(unsigned) MD5: 7ff3676e3fbd5674082eefa2bf4b03df C:\PROGRA~1\TRENDM~1\INTERN~1\TmpxHelp.dll
(unsigned) MD5: 13cb8d511ae3dc0040d2651f5bc55c8f C:\PROGRA~1\TRENDM~1\INTERN~1\tmtdi.dll
(unsigned) MD5: d8fb851a9fbd62352fd74283f9c14c77 C:\WINDOWS\Downloaded Program Files\isusweb.dll
(unsigned) MD5: 931e5e560d5f7bd2a22c8d32c24fe8f3 C:\WINDOWS\stsystra.exe
(unsigned) MD5: 6e000ec0096a2a1cf4a31b7393a29ae1 C:\WINDOWS\system32\bcm1xsup.dll
(unsigned) MD5: ee56f213182841bbf333d4ea3db481ef C:\WINDOWS\system32\BCMLogon.dll
(unsigned) MD5: 4df537a09034434ea9481b88ab1d3c25 C:\WINDOWS\system32\bcmwlpkt.dll
(unsigned) MD5: 3118a7345a5c28e8d5c6be7a90aea0a6 C:\WINDOWS\system32\BCMWLTRY.EXE
(unsigned) MD5: 199f29c6f503872167a53c4421dc14b1 C:\WINDOWS\system32\ckldrv.sys
(unsigned) MD5: ca8d087228f291a3ed7983755cfa6f70 C:\WINDOWS\system32\cpwmon2k.dll
(unsigned) MD5: 85a6662b5f12b84d599a74119f04b381 C:\WINDOWS\system32\Crypserv.exe
(unsigned) MD5: 30698355067d07da5f9eb81132c9fdd6 C:\WINDOWS\system32\dla\tfsnboio.sys
(unsigned) MD5: fb9d825bb4a2abdf24600f7505050e2b C:\WINDOWS\system32\dla\tfsncofs.sys
(unsigned) MD5: cafd8cca11aa1e8b6d2ea1ba8f70ec33 C:\WINDOWS\system32\dla\tfsndrct.sys
(unsigned) MD5: 8db1e78fbf7c426d8ec3d8f1a33d6485 C:\WINDOWS\system32\dla\tfsndres.sys
(unsigned) MD5: b92f67a71cc8176f331b8aa8d9f555ad C:\WINDOWS\system32\dla\tfsnifs.sys
(unsigned) MD5: 85985faa9a71e2358fcc2edefc2a3c5c C:\WINDOWS\system32\dla\tfsnopio.sys
(unsigned) MD5: bba22094f0f7c210567efdaf11f64495 C:\WINDOWS\system32\dla\tfsnpool.sys
(unsigned) MD5: 81340bef80b9811e98ce64611e67e3ff C:\WINDOWS\system32\dla\tfsnudf.sys
(unsigned) MD5: c035fd116224ccc8325f384776b6a8bb C:\WINDOWS\system32\dla\tfsnudfa.sys
(unsigned) MD5: 32182cbbdc1dc700096ec3253e31cb3c C:\WINDOWS\system32\dla\tfswcres.dll
(unsigned) MD5: 2ca827ba68d0cdb5437c40c6f53d7f20 C:\WINDOWS\system32\dla\tfswctrl.exe
(unsigned) MD5: 37943b990d318145d1efcbeef8f9566a C:\WINDOWS\system32\dla\tfswshx.dll
(unsigned) MD5: ec94e05b76d033b74394e7b2175103cf C:\WINDOWS\system32\drivers\APPDRV.sys
(unsigned) MD5: ac491eb706c48b89a638b239dc3bcfcb C:\WINDOWS\system32\drivers\CDAC11BA.EXE
(unsigned) MD5: 69419792390122eefd84e598d896715b C:\WINDOWS\system32\drivers\CDAC15BA.sys
(unsigned) MD5: e814854e6b246ccf498874839ab64d77 C:\WINDOWS\system32\drivers\drvmcdb.sys
(unsigned) MD5: ee83a4ebae70bc93cf14879d062f548b C:\WINDOWS\system32\drivers\DRVNDDM.sys
(unsigned) MD5: 5be111b90f5d712b6e939842d4ef5dc7 C:\WINDOWS\System32\Drivers\echo1394.sys
(unsigned) MD5: 7f2f1d2815a6449d346fcccbc569fbd6 C:\WINDOWS\system32\DRIVERS\mhndrv.sys
(unsigned) MD5: d7968049be0adbb6a57cee3960320911 C:\WINDOWS\system32\drivers\sscdbhk5.sys
(unsigned) MD5: c3ffd65abfb6441e7606cf74f1155273 C:\WINDOWS\system32\drivers\SSRTLN.sys
(unsigned) MD5: 6b34c260fe86e9171f8c897b552625aa C:\WINDOWS\system32\drivers\TM_CFW.sys
(unsigned) MD5: 309f8d84fcb94fda6629228aa3c893e5 C:\WINDOWS\system32\drivers\TMTDI.sys
(unsigned) MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\WINDOWS\system32\MFC71.DLL
(unsigned) MD5: b7521f69c0a9b29d356157229376fb21 C:\WINDOWS\System32\mhn.dll
(unsigned) MD5: 20607ee4886d78dd95286f2d14e9ff2f C:\WINDOWS\system32\msvcp71.dll
(unsigned) MD5: 25912cc032cb14c299cec9d2034a49f4 C:\WINDOWS\system32\msvcr71.dll
(unsigned) MD5: 41aba3f186caa675ff400e82e05a7a48 C:\WINDOWS\system32\ngprtserv.dll
(unsigned) MD5: b5c05ce075f48cc44c154f0ce25c4cfe C:\WINDOWS\system32\tfswapi.dll
(unsigned) MD5: 234c29a211817b5c69c2e4c4c4f71750 C:\WINDOWS\system32\WLTRAY.EXE
(unsigned) MD5: 6c2981657e2d424518de66c786eee672 C:\WINDOWS\system32\wltrynt.dll
(unsigned) MD5: 8e12adcd26a2ac8006e52b74463e9dd1 C:\WINDOWS\system32\WLTRYSVC.EXE

The following file(s) must be uploaded for server-side scanning:
C:\WINDOWS\system32\ckldrv.sys

Upload started - 1 file(s)
ckldrv.sys (24608)
Upload speed - 5 KB/s
Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 15 sec
Total traffic - 0.08 MB sent, 1.68 KB recvd
Scanned 1230 files and modules - 32 seconds

==============================================================================
  • 0

#35
emeraldnzl
Posted 17 February 2011 - 06:04 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

.i ran it again and it came out clean.


Well done. :D

thanks for all the support.


Your welcome. :D

I will leave this topic open for a few days in case any issues arise.
  • 0

#36
sue dinym
Posted 19 February 2011 - 03:13 PM

sue dinym

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
okay, some more weirdness on the windows update front.

my anti-virus scan told me yesterday that i still had MS updates to install yesterday, and got onto the microsoft site and got all but two of them installed.

one of them is this guy, and the other is service pack 3.

weird thing about service pack 3 is that under "system properties" on my computer, it tells me i'm running service pack 3.

so i'm not sure whether i should tell windows update to ignore that SP3 update, and i'm not sure how to get that last update to install.

any thoughts?
  • 0

#37
emeraldnzl
Posted 19 February 2011 - 03:31 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello sue dinym,

I guess you are doing this but it may help you to use the link below.

You will need to use Internet Explorer to download:

Please go to Windows updates

You may need to allow Microsoft to install an active x component to check your machine before it downloads. Let it do that.

It may be good to reinstall SP3 if it want's to. It will replace any missing system files. After that see if the security update is still outstanding and if it is see if you can download.

Also

Question: Do you have automatic updating enabled?

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.
  • 0

#38
sue dinym
Posted 19 February 2011 - 06:00 PM

sue dinym

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

Please go to Windows updates



that's actually the same place i was at. no luck on getting SP3 installed.

i've got windows update configured to notify me when updates are available, and then i choose when to download/install them. i get a little yellow badge on the bottom right of my screen when i need to download something. it used to be no big deal, but for some reason i just can't get sp3 to install. i don't even get a specific error message, just a little note that says "failed!" where it normally says "done!" if the installation worked.


weird?
  • 0

#39
emeraldnzl
Posted 19 February 2011 - 06:53 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hi again sue,

Well the OTL log says you already have SP3 installed so I don't know why (unless Windows updater can't verify that it is installed for some reason) it is wanting to do that. Could be it won't install on the update because when it starts it finds it is already there.

I guess you could uninstall and reinstall SP3 and see if that works. The only reservation I would have is that if there is something faulty about your machine you may get stuck at some point. Up to you really.

Here's the link for SP3 download

Link: http://www.softwarep...ice-pack-3.html

Care: Do not install SP3 on systems with AMD chips unless a special hotfix has been applied first. See Important notes in the link.

To uninstall SP3

  • Click Start > Control Panel >Add or Remove Programs
  • Click Windows XP Service Pack 3
  • Click Remove

  • 0

#40
sue dinym
Posted 19 February 2011 - 07:11 PM

sue dinym

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

To uninstall SP3

  • Click Start > Control Panel >Add or Remove Programs
  • Click Windows XP Service Pack 3
  • Click Remove


...i think it's worth it to try to do a reinstall. so i tried, but when i got to the SP3 portion of the add/remove programs window, there's not a "remove" option. are there any other ways of removing a program?
  • 0

Advertisements

#41
emeraldnzl
Posted 19 February 2011 - 10:07 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello sue,

Go to the link below and you will find a range of ways to uninstall SP3. If one doesn't work move on to the next.

How to remove Windows XP Service Pack 3
  • 0

#42
sue dinym
Posted 20 February 2011 - 02:49 PM

sue dinym

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

Hello sue,

Go to the link below and you will find a range of ways to uninstall SP3. If one doesn't work move on to the next.

How to remove Windows XP Service Pack 3


alright. complications ensue. :-)

so, SP3 is definitely uninstalled. and i needed to restart in order for the changes to take effect. i did that, and when my computer came back on, windows update told me i had a bunch of updates i needed to download, so i click on "download" and it took forever and eventually shut itself off. i tried to go to the windows update site, and that won't work on firefox. i tried to download a recent internet explorer (version 8.0), and when i ran that to install it, it said i was missing updates it needed in order to install itself.

so then IE8 spent awhile downloading stuff, and eventually told me that my computer refused to install one of the updates (it didn't specify which one), and then shut itself down.

i then tried to go to the windows update site via my old IE and was told "the requested lookup key was not found in any active activation context."


thoughts?

UPDATE

i found a spot online where i could download SP3 manually (here: /www.microsoft.com/downloads/en/details.aspx?FamilyID=85af7bfd-6f69-4289-8bd1-eb966bcdfb5e)

i downloaded it and ran it, and received this error message: "the expected version of the product was not found on your system."

...which i'm assuming is more bad news.

Edited by sue dinym, 20 February 2011 - 03:18 PM.

  • 0

#43
emeraldnzl
Posted 21 February 2011 - 12:31 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Sue,

"the expected version of the product was not found on your system."


See the link below for an explanation for that message.

http://support.microsoft.com/kb/837826

You will see there that one solution is to download the full version of SP3 which is the one I gave you at post #39

That is, the one that when you scroll down the page looks like this

[Click here to Download]

In any event have a look at link kb/837826 and see if that answers your problem.
  • 0

#44
sue dinym
Posted 21 February 2011 - 02:19 AM

sue dinym

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
okay.

i went to that site, and got the service pack download and got it installed and spent hours installing the backlog of updates that followed.

now i'm down to three pending updates: a security update - 2378111, a regular update - 2443685, and a security update for service pack 3 - 973540. i can't get any of them to install. two of them involve windows media player, and i didn't have that installed. so i tried to install it by going to add/remove programs and the "install windows components" tab, which seemed to work, but when i opened it the first time it said it had encountered an error and needed to close.

so then i downloaded windows media player 11 to see if that would work, but that gets about 80% of the way through and then hits me with a generic error message that "it was not possible to complete setup."


thoughts?
  • 0

#45
emeraldnzl
Posted 21 February 2011 - 12:14 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Well when I research that I find a whole lot of tech answers and I don't know which would be appropriate for you.

Really not my area. There is very probably a simple answer.

You could try the tech people here and see if they can help. The link below leads to the forum dealing with people having trouble installing applications. Tell them you have been here first and got a clean bill of health. :D

http://www.geekstogo...2-applications/
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP