The ESET scan report:
C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Default\hfgkjmhfbafcnmkkambeaemnklfnbani\contentscript.js Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\Richard\Documents\LimeWire\Saved\just another diamond day [cd rip].mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
and the ESET file located at C:\Program Files\EsetOnlineScanner\log.txt
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
The BitSCan report:
QuickScan Beta 32-bit v0.9.9.97
-------------------------------
Scan date: Thu Jun 30 23:29:21 2011
Machine ID: 7451C287
No infection found.
-------------------
Processes
---------
Flash® Player Installer/Uninstaller 4716 C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
Google Chrome 1924 C:\Users\Richard\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 2520 C:\Users\Richard\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 3892 C:\Users\Richard\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 5208 C:\Users\Richard\AppData\Local\Google\Chrome\Application\chrome.exe
Google Chrome 6120 C:\Users\Richard\AppData\Local\Google\Chrome\Application\chrome.exe
iTunes 444 C:\Program Files\iTunes\iTunesHelper.exe
Java Platform SE Auto Updater 2 0 432 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Kies TrayAgent 1048 C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
KiesPDLR 1124 C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
Microsoft® Windows® Operating System 4508 C:\Program Files\Internet Explorer\ieuser.exe
Microsoft® Windows® Operating System 848 C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System 2528 C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System 2552 C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System 1948 C:\Windows\explorer.exe
Microsoft® Windows® Operating System 2276 C:\Windows\System32\taskeng.exe
PC Connectivity Solution 2544 C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
Windows® Internet Explorer 2848 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Microsoft® Windows® Operating System 1240 C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System 1496 C:\Windows\ehome\ehmsas.exe
(verified) Microsoft® Windows® Operating System 664 C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System 1676 C:\Windows\System32\dwm.exe
(verified) Microsoft® Windows® Operating System 5216 C:\Windows\System32\wuauclt.exe
Network activity
----------------
Process chrome.exe (2520) connected on port 443 (HTTP over SSL) --> 74.125.39.95
Process chrome.exe (2520) connected on port 443 (HTTP over SSL) --> 74.125.39.102
Process chrome.exe (2520) connected on port 443 (HTTP over SSL) --> 74.125.39.132
Autoruns and critical files
---------------------------
iTunes C:\Program Files\iTunes\iTunesHelper.exe
Java Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Kies C:\Program Files\Samsung\Kies\KiesHelper.exe
Kies TrayAgent C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
KiesPDLR C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
Lexmark Connect C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll
Malwarebytes' Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System C:\Windows\system32\Ribbons.scr
Nero AG NeroCheck C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
Windows® Internet Explorer C:\Windows\system32\msfeedssync.exe
Windows® Internet Explorer C:\Windows\system32\webcheck.dll
(verified) Google Update C:\Users\Richard\AppData\Local\Google\Update\GoogleUpdate.exe
(verified) Microsoft® Windows® Operating System C:\Program Files\Windows Media Player\wmpnscfg.exe
(verified) Microsoft® Windows® Operating System C:\Windows\ehome\ehtray.exe
(verified) Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Browser plugins
---------------
AcroIEHelper Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BitDefender QuickScan C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.97_0\npqscan.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
doubleTwist BHO Plugin 1, 3, 0, 0 C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll
doubletwist Plugin 1, 3, 0, 0 C:\Program Files\Common Files\doubleTwist\NPPodcast.dll
Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Google Update C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
Google Update C:\Users\Richard\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
Java Platform SE 6 U26 C:\Program Files\Java\jre6\bin\jp2ssv.dll
Java Platform SE 6 U26 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Microsoft Support Diagnostic Tool C:\Windows\Downloaded Program Files\MSDCode.DLL
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll
Picasa C:\Program Files\Google\Picasa3\npPicasa3.dll
Picture Manager, Wells and Layout C:\Windows\Downloaded Program Files\EPUWALcontrol.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
RealPlayer G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
StumbleUpon Toolbar C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
Veetle TV Core C:\Program Files\Veetle\plugins\npVeetle.dll
Veetle TV Player C:\Program Files\Veetle\Player\npvlc.dll
Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\Windows\system32\ieframe.dll
Yahoo Application State Plugin C:\Program Files\Yahoo!\Shared\npYState.dll
(verified) Microsoft® Windows Live Login Helper C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(verified) RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
Scan
----
No file uploaded.
Scan finished - communication took 1 sec
Total traffic - 0.02 MB sent, 0.94 KB recvd
Scanned 710 files and modules - 30 seconds
==============================================================================
After doing the sfc /scannow this was the result:
Windows Resource Protection found corrupt files but was unable to fix some of them.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log
The system file repair changes will take effect after the next reboot.
but I am denied access to that file so I cannot copy/paste it for you.
And Sigverif found only 2 files. Both of these state they were last modified last year which was before the problems started.
These files are Fsusbexdisk.sys and Ipoddrv.sys
The Output log for the Event viewer tool when selecting 'system' was this:
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 01/07/2011 00:09:34
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/06/2011 22:34:36
Type: Error Category: 0
Event: 6 Source: Microsoft-Windows-Kernel-Processor-Power
Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.
Log: 'System' Date/Time: 30/06/2011 22:35:31
Type: Error Category: 0
Event: 15016 Source: Microsoft-Windows-HttpEvent
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/06/2011 22:34:06
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
and when selecting 'application' gave me this:
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 01/07/2011 00:10:33
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 30/06/2011 22:35:48
Type: Error Category: 0
Event: 11 Source: Microsoft-Windows-CAPI2
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. .
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~