Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

XP security 2012 virus/ping.exe


  • Please log in to reply

#16
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I can not even get it to open to do this. I tried clicking on the shortcut, and going in through program files. It will not open either way.
thanks
Dana
  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Try right clicking on the IE icon on your desktop and select Properties.
  • 0

#18
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
nope, the tabs only give me general - shortcut and compatibility. Even when I click on the advanced tabs I can not access tools. When I click on find target, nothing comes up.
thanks,
Dana
  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Uninstall Windows Internet Explorer 8, reboot and it should revert back to Windows Internet Explorer 7. Does it work?
  • 0

#20
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
yes, that worked, thank you
  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
You should be able to download and install IE8

http://www.microsoft...ails.aspx?id=43

If that works I think we are done.

That's about all I see so I think we can clean up now.

We need to clean up System Restore. Follow Jim's procedure here:
http://aumha.net/vie...581099691bf108f


You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.

You probably do not have the latest Java (Java™ 6 Update 29 or 7 update 1). Get the latest at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Note on Java and Firefox. For some reason Java does not remove old consoles from Firefox. Any time you update Java you should do Firefox, Add-ons, Extensions and disable any old Java Consoles

They will look like: Java Console 6.xx. The xx corresponds to the update number. When they switch to 7 update 0 then it will be Java Console 7.

Multiple Java Consoles will slow down the Firefox boot. After any change to Firefox or its extension you should run Speedyfox. (Mentioned later.)



Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not upgdate it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

#22
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
sorry, i havent gotten back to you, I haven't felt well, I am in the process of cleaning everything up, I will let you know when I am done with the rest of your instructions,
thanks,
dana
  • 0

#23
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I am doing the system clean up, and the instructions said to make sure the computer was clean before doing it so I ran malware bytes, avg and superantispyware again just in case the malwarebytes found this:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8351

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/11/2011 8:41:22 AM
mbam-log-2011-12-11 (08-41-09).txt

Scan type: Quick scan
Objects scanned: 186625
Time elapsed: 10 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AH (Rogue.MultipleAV) -> No action taken.

Registry Values Infected:
HKEY_CLASSES_ROOT\ah\Content Type (Rogue.MultipleAV) -> Value: Content Type -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I removed them according to the instructions. The other scans did not find anything.


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a report option. Click on it and copy and paste the report (even if it says nothing found).
  • 0

#25
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Hi,
The eset scan says no threats found, it is not giving me the options that you indicated (copy to file). It just gives me a finish button and select uninstall box. I did have to run it twice - i started the scan and went out for a while when I came back there was a popup for a free trial and it didn't say anything about the scan results. I'm thinking it might have been interrupted or something (cats?) I will run the other scan now and let you know
thanks,
Dana


  • 0

Advertisements


#26
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Here is the log for the quickscan


QuickScan 32-bit v0.9.9.100
---------------------------
Scan date: Sun Dec 11 18:01:32 2011
Machine ID: 704DC6D3



No infection found.
-------------------



Processes
---------
AOL Instant Messenger 1204 C:\Program Files\AIM\aim.exe
ArcSoft Connect 316 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
ATI External Event Utility for WindowsN 912 C:\WINDOWS\system32\ati2evxx.exe
AVG Internet Security 2704 C:\Program Files\AVG\AVG9\avgam.exe
AVG Internet Security 1456 C:\Program Files\AVG\AVG9\avgchsvx.exe
AVG Internet Security 1612 C:\Program Files\AVG\AVG9\avgcsrvx.exe
AVG Internet Security 3216 C:\Program Files\AVG\AVG9\avgcsrvx.exe
AVG Internet Security 2572 C:\Program Files\AVG\AVG9\avgcsrvx.exe
AVG Internet Security 2668 C:\Program Files\AVG\AVG9\avgemc.exe
AVG Internet Security 2740 C:\Program Files\AVG\AVG9\avgnsx.exe
AVG Internet Security 1464 C:\Program Files\AVG\AVG9\avgrsx.exe
AVG Internet Security 956 C:\Program Files\AVG\AVG9\avgwdsvc.exe
AVG Internet Security 588 C:\PROGRA~1\AVG\AVG9\avgtray.exe
BCM Modem Messaging Applet 544 C:\WINDOWS\BCMSMMSG.exe
Bonjour 1072 C:\Program Files\Bonjour\mDNSResponder.exe
Core Service 2028 C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
EEventManager Application 128 C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
EPSON PC-FAX SOFTWARE 804 C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
FileHippo.com Update Checker 1776 C:\Program Files\FileHippo.com\UpdateChecker.exe
iTunes 3776 C:\Program Files\iPod\bin\iPodService.exe
iTunes 1156 C:\Program Files\iTunes\iTunesHelper.exe
iWinGames Application 2168 C:\Program Files\iWin Games\iWinTrusted.exe
Java™ Platform SE 6 U29 2240 C:\Program Files\Java\jre6\bin\jqs.exe
Microsoft Search Enhancement Pack 2356 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
Microsoft® Windows® Operating System 1452 C:\WINDOWS\system32\spoolsv.exe
MobileDeviceService 1376 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SMax4PNP Application 488 C:\Program Files\Analog Devices\Core\smax4pnp.exe
SUPERAntiSpyware 1264 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(verified) Microsoft® Windows® Operating System 216 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 3968 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 656 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 1628 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 740 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 728 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 608 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1304 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1228 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1104 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1008 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2508 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 928 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 684 C:\WINDOWS\system32\winlogon.exe
(verified) Windows® Internet Explorer 464 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 2144 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 2488 C:\Program Files\Internet Explorer\iexplore.exe


Network activity
----------------
Process iexplore.exe (464) connected on port 80 (HTTP) --> 74.125.225.42
Process aim.exe (1204) connected on port 443 (HTTP over SSL) --> 205.188.0.199
Process aim.exe (1204) connected on port 443 (HTTP over SSL) --> 205.188.248.130
Process iexplore.exe (2144) connected on port 80 (HTTP) --> 69.171.228.12
Process iexplore.exe (2144) connected on port 443 (HTTP over SSL) --> 209.85.225.95
Process iexplore.exe (2144) connected on port 80 (HTTP) --> 23.32.12.186
Process iexplore.exe (2144) connected on port 80 (HTTP) --> 66.235.142.2
Process iexplore.exe (2144) connected on port 80 (HTTP) --> 23.32.12.192
Process iexplore.exe (2144) connected on port 80 (HTTP) --> 74.125.225.77

Process EEventManager.exe (128) listens on ports: 2968
Process svchost.exe (1008) listens on ports: 135 (RPC)


Autoruns and critical files
---------------------------
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
AOL Instant Messenger C:\Program Files\AIM\aim.exe
Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
ArcSoft Connect C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
AVG Internet Security C:\Program Files\AVG\AVG9\avgtray.exe
AVG Internet Security C:\WINDOWS\system32\avgrsstx.dll
BCM Modem Messaging Applet C:\WINDOWS\BCMSMMSG.exe
Default Manager C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
EEventManager Application C:\Program Files\Epson Software\Event Manager\EEventManager.exe
EPSON PC-FAX SOFTWARE C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll
Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe
iTunes C:\Program Files\iTunes\iTunesHelper.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\ssmypics.scr
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
MobileMe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
PRegScheduler Application C:\Documents and Settings\Dell\Start Menu\Programs\Startup\PowerReg Scheduler.exe
QuickTime C:\Program Files\QuickTime\qttask.exe
SMax4PNP Application C:\Program Files\Analog Devices\Core\smax4pnp.exe
SuperAntiSpyware C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
Adobe® Flash® Player ActiveX C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
AVG Internet Security c:\program files\avg\avg9\avgssie.dll
Bing Bar c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
BitDefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Facebook Photo Uploader 5 C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx
G726 Player Control C:\WINDOWS\Downloaded Program Files\pmjpegaudio.ocx
Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll
Google Update C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
HP Smart Web Printing c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
HP Smart Web Printing c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll
Java™ Platform SE 6 U29 C:\Program Files\Java\jre6\bin\jp2ssv.dll
Java™ Platform SE 6 U29 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Java™ Platform SE 6 U29 C:\Program Files\Java\jre6\bin\ssv.dll
Java™ Platform SE 6 U29 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft Search Enhancement Pack c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
pmjpegcam Control C:\WINDOWS\Downloaded Program Files\pmjpegcam.ocx
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
Unity Player C:\Documents and Settings\Dell\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


Missing files
-------------
File not found: C:\Program Files\Java\jre6\bin\jusched.exe
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"SunJavaUpdateSched"


Scan
----
MD5: 031ccdff85a57172f3402cb99b3e9d46 C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MD5: 2786afc6ab1f04d7600228e39df2e186 C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MD5: db4b28b8f25b3a2548b947a42b2df3b3 C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MD5: 11ab72d5d603db401c190b454fb935a7 C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MD5: 09b4e13d25623d879d35286e2d29ff13 C:\Documents and Settings\Dell\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
MD5: 748492545412b161e3b1fd4d1b40f620 C:\Documents and Settings\Dell\Start Menu\Programs\Startup\PowerReg Scheduler.exe
MD5: 198bed114015c2671c88fdc32cdcb21d C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
MD5: 55c2e2127b7ce19ba4f68980896b1ba1 C:\Program Files\AIM\acccore.dll
MD5: b06f0b4297afa7e76a8b2d81082fa426 C:\Program Files\AIM\aim.exe
MD5: e5cdac7f5a7b0f6c2b7eddc54b928018 C:\Program Files\AIM\coolcore61.dll
MD5: f4e0946911e54a8c9716cfbedab0d072 C:\Program Files\AIM\jgtktlk.dll
MD5: 537dba28451a112efeccbd850b8c961f C:\Program Files\AIM\nspr4.dll
MD5: f96e7e2f6e0fa294b4c117f53c8115d4 C:\Program Files\AIM\nss3.dll
MD5: 93deb816c6985dd75d5a84ad5d266cac C:\Program Files\AIM\nssckbi.dll
MD5: 60b8974fa964f568c25a55c19d59883a C:\Program Files\AIM\plc4.dll
MD5: 3bb617ef942280b0be09d844bde4af56 C:\Program Files\AIM\plds4.dll
MD5: b1ddf206a4b97c1ed89c3abe2ecbe3ef C:\Program Files\AIM\smime3.dll
MD5: 0efb3626c2899955bc22c050842c1db1 C:\Program Files\AIM\softokn3.dll
MD5: 31c79e69aab3f66f84853b6a78de8239 C:\Program Files\AIM\ssl3.dll
MD5: 4e0469bad610fc6a83669a2daea120c2 C:\Program Files\AIM\xprt6.dll
MD5: ff6f0f6a2d72065ae4300426fa414693 C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
MD5: 10247c15d999cc116c87da36bd0ad64d C:\Program Files\Analog Devices\Core\smax4pnp.exe
MD5: 17cc0a9b3abb69ed96d1eeb8117df856 C:\Program Files\Analog Devices\Core\SMWDMIF.dll
MD5: 34ebd4ff6a24d86bb4716d6afcc1a89b C:\Program Files\Apple Software Update\SoftwareUpdate.exe
MD5: a812317a25801da7ccefede002662692 C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\ContextHandler.dll
MD5: 92ae26f2caf4a67e24a0ba6ddf32cc3c C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
MD5: 25d18be0e181c9e8c38973a3b2111d7f C:\Program Files\AVG\AVG9\avgapix.dll
MD5: 14722a961dd3f3862335ca2656a45ded C:\Program Files\AVG\AVG9\avgcclix.dll
MD5: 6060390ac5b9f7ec2e62b1eb2d5d50c6 C:\Program Files\AVG\AVG9\avgcfgx.dll
MD5: 05573096e8c9574ac733114d74fb2ecd C:\Program Files\AVG\AVG9\avgchclx.dll
MD5: e9dc2ece7a0c77821b2c6364086f239b C:\Program Files\AVG\AVG9\avgchjwx.dll
MD5: c4bd9b642be1f65663b34fbad79ffab2 C:\Program Files\AVG\AVG9\avgclitx.dll
MD5: 507ce205c9bdaaf928c52420afac5859 C:\Program Files\AVG\AVG9\avgcorex.dll
MD5: a43e97f3ff01b6f0a21c848454e98c13 C:\Program Files\AVG\AVG9\avgcslx.dll
MD5: 737a5253008be7f12acedd6876f24b4b C:\Program Files\AVG\AVG9\avgcsrvx.exe
MD5: 24192e5f8af8692837e7b76041666646 C:\Program Files\AVG\AVG9\avglogx.dll
MD5: 4728d3bc556d677591797d600c47467c C:\Program Files\AVG\AVG9\avgnsx.exe
MD5: 0f80a1a931a25a39a6f339fbd001bf3f C:\Program Files\AVG\AVG9\avgsched.dll
MD5: 7c0d60ceb9d710b70d50fcad7955f406 C:\Program Files\AVG\AVG9\avgsrmx.dll
MD5: 7f18c04f815ddcbeb9e836756cafc479 c:\program files\avg\avg9\avgssie.dll
MD5: 91116b8ae59b0f0d2f0d7830c53dcde2 C:\Program Files\AVG\AVG9\avgtray.exe
MD5: 91b4689702cc07266246dd2b4e8a4a33 C:\Program Files\AVG\AVG9\avgwd.dll
MD5: a4366a74809a0c5f4e8a25d3df8d4356 C:\Program Files\AVG\AVG9\avgxpl.dll
MD5: 5f2917842d9fbb4cb11f76b0c00a1f5b C:\Program Files\Bonjour\mdnsNSP.dll
MD5: 673cf4f6bb1fbe09331b526802fbb892 C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 6397ea2e883422f04527da68a6941f26 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MD5: 8c4ac22616e77925135c221c46dc6307 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
MD5: 0cf54607b862bf6cdc7eb21be189be84 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
MD5: 47c1de0a890613ffcff1d67648eedf90 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MD5: 10274c74857fc47b86b85e6410091f56 C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
MD5: e220d2b30e0d49886cf4cde06306ead8 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: 1f13fa2297baf4c989d88e05173cb2bf C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.DLL
MD5: f503d4832d84c4ea71e467a24e14259c C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 3fd1216394195466e8c216179a0bf213 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 2d84049be852a816ef2b0c90b329a5ec C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: fd86c605fd7ad4a41c01ec7a4a1e1c5d C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: a3609397ef273b03295dbb10274be12c C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 18301b40411b2108076ab685b4e4b6dc C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: e7d2e0983db35f3eb8ab49a17d157688 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: df1c1cd0c7ee95cc00d71e9e415e7bcd C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: c28fd3b37b6f18751c99e6022a2a9782 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: a56ccbbfccedce2fd9c69fed24e035e3 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 5aa788d5a2c6737bb9c45933985bc1b8 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: 91607a5e321cf2b9043dde0d6681a6c5 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
MD5: 310638ebdd87b49df3d12edb853d5166 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MD5: 9015a97248a75212b5fdb7684acfbaa8 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: a7810b302294793de88542aae177d1b1 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MD5: fb4c7b747d17882f8c5e3644cf07012f C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll
MD5: dfd0d26d2056f1d01adcdbb1e851119f C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\fioall32.dll
MD5: 0bf1785d199b5da3cb6c61d7aeece654 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Ism.dll
MD5: 5f725d2b7428ba815126f9efa21a1db9 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\SASM.dll
MD5: d3f8a00d598090bfb18e70e02c12e38e C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MD5: 80117dbe266de563c7c661562530b556 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MD5: 7741f775060e84319198a7a67f1fe664 C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Tcm.dll
MD5: 90a3525c7399b7784d28f99ea1a51c4c C:\Program Files\Epson Software\Event Manager\EEventManager.exe
MD5: baf7bdd5a1eb63acd6eea20d4f731cb0 C:\Program Files\Epson Software\Event Manager\EPNSM.dll
MD5: 637124cdbff5819cb8a8478838a33048 C:\Program Files\Epson Software\Event Manager\ESPSUTL.dll
MD5: 4d197238fdfaa5793d1b0961aaef649a C:\Program Files\Epson Software\Event Manager\Mfc42.dll
MD5: 24602821914632ea9616dc3bfa65a9a6 C:\Program Files\Epson Software\FAX Utility\EbpD4Fax.dll
MD5: 454b4597ccab2a9c1ac56ab4a7627fd4 C:\Program Files\Epson Software\FAX Utility\FUADRFIL.dll
MD5: 88e703c2b2b046d9594b4ac33bc8e496 C:\Program Files\Epson Software\FAX Utility\FUFAXCFG.dll
MD5: b456ecb177782a07919d9fdb32df32fa C:\Program Files\Epson Software\FAX Utility\FUFAXCSR.DLL
MD5: 098e01788db0a151ffe47bcdbd30469d C:\Program Files\Epson Software\FAX Utility\FUFAXLDB.dll
MD5: b05763cd99eb4ca9f8d0a95bd182736b C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
MD5: 0747433908a47c49e3b7db6d51d7447c C:\Program Files\Epson Software\FAX Utility\FUFAXTIF.dll
MD5: 543194e2595ee689d13750f4b77042a8 C:\Program Files\Epson Software\FAX Utility\FUIMGCDC.dll
MD5: b14d5ac2f7f5583d9945afe911734e8b C:\Program Files\Epson Software\FAX Utility\FUSTMMSG.dll
MD5: d64bdbc80b4be2119cbdd4592232cf4e C:\Program Files\Epson Software\FAX Utility\FUSVCCLT.dll
MD5: 1a969bc3e4216d21816bf85677c96c2d C:\Program Files\Epson Software\FAX Utility\FUUSBHLP.dll
MD5: 53d22eaa51c503dc92b37218d0bef981 C:\Program Files\Epson Software\FAX Utility\FUVERDLG.dll
MD5: 684f88b5b258464c75acf9f3b80dd601 C:\Program Files\Epson Software\FAX Utility\Library\ENCM.dll
MD5: 86ef02941b66a97001165113d44762cb C:\Program Files\Epson Software\FAX Utility\Library\ENNW.dll
MD5: fec316b4f870807bdb7aa5829ebf4918 C:\Program Files\Epson Software\FAX Utility\Library\ENUTIL.dll
MD5: 1311ee72da75652ee4259182fef9abfe C:\Program Files\Epson Software\FAX Utility\Library\FUDEVCOM.dll
MD5: 2fd5fe04c8301ff3372d2771641cfd71 C:\Program Files\Epson Software\FAX Utility\Library\FUDRVUTL.dll
MD5: bacc136da74d87338a1d7d34b62d1925 C:\Program Files\Epson Software\FAX Utility\Library\FUPRBDEV.dll
MD5: 5e9d825913a97b934b9f73f4851d1fa9 C:\Program Files\Epson Software\FAX Utility\Library\FUSNMPUT.dll
MD5: 29f477570fdd796d979bb5a781bd07f3 C:\Program Files\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
MD5: dcff1d3fa1aba1e701bfc321e3fb0b13 C:\Program Files\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
MD5: 7beb1df81373e7327a01a5ef4ddce42e C:\Program Files\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
MD5: 3cbde730e43f5cec3b5886ca0688324d C:\Program Files\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
MD5: 1e60c2b180925f84ce3f25d71d262f30 C:\Program Files\FileHippo.com\UpdateChecker.exe
MD5: b2bbf2c1f9a146d80862b4b5488de0d8 c:\program files\google\google toolbar\googletoolbar_32.dll
MD5: bbd2d60b8f0f0dc68d6211c81b755b6d C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
MD5: 8c2044169be2224c8a7cb8e81e7581af C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
MD5: 8eb0a2a9040cf4b66690fc80ca355902 C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 198bed114015c2671c88fdc32cdcb21d C:\Program Files\Internet Explorer\plugins\nppdf32.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 534fb04d167ce2b8de6e180a23646074 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: 1115eea4ae0da72e416b210adba424a2 C:\Program Files\Internet Explorer\xpshims.dll
MD5: 8e5e5a8cc84da3f683e3bbc045138d52 C:\Program Files\iPod\bin\iPodService.exe
MD5: 4f264a44d0052ee96370498dd6549361 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL
MD5: 56c4ec716c35a55e46ace2b653f0c361 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL
MD5: 55e99350f98919c21125f6b29bd24d6a C:\Program Files\iTunes\iTunesHelper.dll
MD5: f3deaa1f2fcf70faf6de3757ca343fa5 C:\Program Files\iTunes\iTunesHelper.exe
MD5: 68fdfdfc378750959c87211ece2ccb2d C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: 95b9d5e9c09bd2de0dce1ea852112f93 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: 2658ce01d183bc62e7c46a1c9969632e C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: 168c6caa3ec7f95d6b95d46986835912 C:\Program Files\iWin Games\iWinTrusted.exe
MD5: dc365b6e595683f67bc21a203432e336 C:\Program Files\Java\jre6\bin\jp2ssv.dll
MD5: 381b25dc8e958d905b33130d500bbf29 C:\Program Files\Java\jre6\bin\jqs.exe
MD5: 1e96525ae85d402f9f8047f8caef5f06 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
MD5: e725d112498d1365605160e194ed40ef C:\Program Files\Java\jre6\bin\ssv.dll
MD5: e3a7850421a4ab8b15fc174eb587bc6b C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
MD5: 844c363b47960cafcd81e5285269f280 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe
MD5: ce6db25ffa35fd051c503f11db745862 c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
MD5: 331e7bde228914574fc9ae6cd520dafa C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
MD5: 2a8da7e170010beae7aecdfdca10b626 c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
MD5: fdf0ba28b9219a842fdb3f8a598daf97 c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
MD5: c0eb44d5a557b644b90d703a9781d049 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MD5: aa59c4c6b7cc91479deb47a40bee96e7 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll
MD5: 9132794c7d729764081476176a4015d0 C:\Program Files\QuickTime\QTSystem\QTCF.dll
MD5: 521e6a5e7bfbd595cbba5dea84a83a43 C:\Program Files\QuickTime\QTSystem\QuickTime.qts
MD5: 73430e79d6df4de9055e2a7742b881d3 C:\Program Files\QuickTime\qttask.exe
MD5: c0393eb99a6c72c6bef9bfc4a72b33a6 C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
MD5: 477e08fe0114afea114fc954c983d4db C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
MD5: 39763504067962108505bff25f024345 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
MD5: 77b9fc20084b48408ad3e87570eb4a85 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
MD5: 2975c66459c426c20bc22d639df6b611 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MD5: 2ab3a3c80c935bc6c86f3880f8f34bcc C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
MD5: 6f1a4819473d934e4fbed6d105ce78b2 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
MD5: 30a23a61e651c7487407cf74176c6ab1 C:\Program Files\WinRAR\rarext.dll
MD5: 91116b8ae59b0f0d2f0d7830c53dcde2 C:\PROGRA~1\AVG\AVG9\avgtray.exe
MD5: 90a3525c7399b7784d28f99ea1a51c4c C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL
MD5: 77e6673a112c98f99ef44776f4de2e4d C:\WINDOWS\AppPatch\AcLayers.DLL
MD5: 2849f13593d2712ccb97ffbdd3c1232e C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MD5: 26f1623e2aa348a7a58780ab3e3a02b3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
MD5: 516fd7927172bbbe2d335ea94d816b9e C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MD5: a093e1fd3d1338d3c0ef45df07e18462 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MD5: 5f37bc7efa94df2cceba0220641834a6 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MD5: f8a84311b7f3adc0732fca6774622b2f C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MD5: 5f4ddb1a6d77eba78b408b8016b10d43 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MD5: 01d92f377f7afa834b4a3be41a28fd17 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MD5: 7400c2b29c0024ebc98b94f3ae6034d5 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MD5: 2d99607f21ff368c0e335a2d91a052a1 C:\WINDOWS\BCMSMMSG.exe
MD5: 0c78701c6f42345dff2b2b6c3c3d01ef C:\WINDOWS\Downloaded Program Files\isusweb.dll
MD5: 9ea8d4271026349bba615af0045fcaca C:\WINDOWS\Downloaded Program Files\pmjpegaudio.ocx
MD5: 7fe8a623b9e8913bec100ceaf8de7f7d C:\WINDOWS\Downloaded Program Files\pmjpegcam.ocx
MD5: 1fa2274532e71bc48bbcc0046a5d4c4a C:\WINDOWS\Downloaded Program Files\qsax.dll
MD5: 2bac92e8ac5e16ed60062e9141b8d5f6 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: bf88feadc7786ea328bdcc5cb116de89 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: d892c77afa8afaba6f474a7da401bd7c C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
MD5: 96b8cf2e3ab9fe2c39cf81c31bc7142b C:\WINDOWS\system32\Ati2edxx.dll
MD5: c23082b890f21267037ca6111c385ff3 C:\WINDOWS\system32\ati2evxx.exe
MD5: 0bee3e6f2e7e18c75ac744e3a13153d4 C:\WINDOWS\system32\ati2sgag.exe
MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll
MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll
MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\WINDOWS\system32\corpol.dll
MD5: a90e118f12d355f9946dfb30a8f94609 C:\WINDOWS\system32\CRYPT32.dll
MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll
MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll
MD5: 2a9e427681169f02274ad8c17d52fa2d C:\WINDOWS\system32\CSRSRV.dll
MD5: 0607cbc6fa20114cb491efe4b2f9efad C:\WINDOWS\system32\d3d9.dll
MD5: 56adb11f7d4d0816c0be1e701c1b5e52 C:\WINDOWS\system32\D3DIM700.DLL
MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll
MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll
MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll
MD5: fe3ea6e9afc1a78e6edca121e006afb7 C:\WINDOWS\system32\drivers\Afc.sys
MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys
MD5: f5fc6ac1e7bc776871361d463fc86be2 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
MD5: 80ff2b1b7eeda966394f0baa895bbf4b C:\WINDOWS\System32\Drivers\avgmfx86.sys
MD5: 9a7a93388f503a34e7339ae7f9997449 C:\WINDOWS\System32\Drivers\avgtdix.sys
MD5: 241474d01380e9ed41d4c07f4f5fd401 C:\WINDOWS\system32\DRIVERS\b57xp32.sys
MD5: 41347688046d49cde0f6d138a534f73d C:\WINDOWS\system32\DRIVERS\BCMSM.sys
MD5: 0294a30b302ca71a2c26e582dda93486 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys
MD5: 90849934d37133e069f31f3e9a66c9bc C:\WINDOWS\system32\DRIVERS\OVCE.sys
MD5: 081caf42d5db1fcf8794fd77befd1b11 C:\WINDOWS\system32\drivers\OVSound2.sys
MD5: 09687a361c9f1418973a4ae17d2f52cc C:\WINDOWS\system32\drivers\portio32.sys
MD5: c6d9959e493682f872a639b6ec1b4a08 C:\WINDOWS\system32\drivers\smwdm.sys
MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys
MD5: 5c2bdc152bbab34f36473deaf7713f22 C:\WINDOWS\System32\Drivers\usbaapl.sys
MD5: f4f3eae16ae6fd93e1f22df295e2a7fc C:\WINDOWS\system32\E_FLBFJA.DLL
MD5: b9d2d59ff389a8c824308a08665c97f2 C:\WINDOWS\system32\EDCrypt.DLL
MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll
MD5: 118d5c5b6fd11ef9120feb59f8b1c2b6 C:\WINDOWS\system32\eswiaud.dll
MD5: be87245ce60329b31c94f1b4236e5832 C:\WINDOWS\system32\expsrv.dll
MD5: 303557c7f562e667b66fa406b7fa07bd C:\WINDOWS\system32\hkcmd.exe
MD5: ce9b98ee57685cf61abaef078ba0c704 C:\WINDOWS\system32\hpzll5mu.dll
MD5: 0217cd51d55ca3e693a682664d3de2bf C:\WINDOWS\system32\ieframe.dll
MD5: aaf56985933f7d3e953e1b994d22e4f4 C:\WINDOWS\system32\iepeers.dll
MD5: 7cfdeb1560eacad6006d653ec55d12d0 C:\WINDOWS\system32\iertutil.dll
MD5: a56583f05ddde0b425acbf5be60fbacc C:\WINDOWS\system32\igfxdev.dll
MD5: dbb1666dca5d49f8483cbfbeb7551c3a C:\WINDOWS\system32\igfxpers.exe
MD5: 41e653a8852072673e9fa230d360f7a9 C:\WINDOWS\system32\igfxtray.exe
MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\system32\jscript.dll
MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll
MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll
MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll
MD5: bd007d624e4cd905ab2e8df2c6de891c C:\WINDOWS\system32\Macromed\Flash\Flash11c.ocx
MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL
MD5: 9e0d70607f833470963672d170bc035d C:\WINDOWS\system32\msfeeds.dll
MD5: 855f6333e3a4dfc6f3c8b0520c261fcd C:\WINDOWS\system32\msftedit.dll
MD5: 4963cb503600fc3bcbdbfba51fba1fac C:\WINDOWS\system32\mshtml.dll
MD5: e5de87dddb8cbe4687eadf296e58452a C:\WINDOWS\system32\msjtes40.dll
MD5: c7e39ea41233e9f5b86c8da3a9f1e4a8 C:\WINDOWS\system32\mspmsnsv.dll
MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\System32\mswsock.dll
MD5: afdc647d16b285b9ae6140335b3b3255 C:\WINDOWS\system32\mswstr10.dll
MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll
MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll
MD5: 7a6a7900b5e322763430ba6fd9a31224 C:\WINDOWS\system32\ole32.dll
MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll
MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll
MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll
MD5: abeedd547e939ad827b2e29dec754206 C:\WINDOWS\system32\schannel.dll
MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll
MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll
MD5: c035d74b8a3afd39a61438c2cd58fedc C:\WINDOWS\system32\shellwp.dll
MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll
MD5: d4eebf6e9559689034bb628b437be7e4 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5mu.dll
MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe
MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll
MD5: 5e453cb99df0838226defc05f3484cdf C:\WINDOWS\system32\ssmypics.scr
MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
MD5: 31b6e9e116a3d6f8eb13202c9b5db403 C:\WINDOWS\system32\urlmon.dll
MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll
MD5: cafbd14f56a68e6c1a55c0eac7e487fa C:\WINDOWS\system32\VBAJET32.DLL
MD5: 7a81d6cefb55c0abd620ef817b6248ee C:\WINDOWS\system32\wiadss.dll
MD5: 1a377838b4b468e37c3eeb5baa24f925 C:\WINDOWS\system32\WININET.dll
MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll
MD5: 95cf3446911a6e25ee4086df8a45b2aa C:\WINDOWS\system32\winsrv.dll
MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll
MD5: 277f3e3333f1d10ca428568197fcce70 C:\WINDOWS\system32\wsnmp32.dll
MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll
MD5: 6b5070f063ce5536a6c883b671e05884 C:\WINDOWS\TWAIN_32.DLL
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80U.DLL
MD5: 28a09777d2d952122567a8a82f1a2c7b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\MFC80ENU.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll
MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MD5: 33d9b7bb7ba323bafe489df033dac824 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll


No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.02 MB sent, 1.18 KB recvd
Scanned 692 files and modules - 41 seconds

==============================================================================




  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
You have AVG 9 installed. Obsolete. Let's uninstall it and put on the free Avast.

Download and save the AVG removal tool
http://download.avg....6_2011_1184.exe

Download and save the free Avast installer.
http://www.avast.com...ivirus-download
Uninstall AVG

Run the Avg Remover

Reboot

Install Avast. (Register when it asks you - they will try to talk you in to buying the full product but the free version is what we want.)
Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find?

I think on XP systems the log file can be found in text form in C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\boot.txt
If you find it copy and paste the text to a reply.
  • 0

#28
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I followed your instructions and ran the avast, I let it run overnight, and when I got up the computer was rebooted. I am not having any luck finding that log you asked for. The statistics say there are no infected files. I also ran the avg remover, but it seems that it did not remove it because there is still an avg9 folder in my program files. The program you said to use did run and it rebooted after it was done.
thank you
Dana
  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,793 posts
  • MVP
Looks OK then. Any more problems?
  • 0

#30
whenpigsfly

whenpigsfly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
not that I can tell from my end. everything seems to be ok. Should I try to get rid of the avg that is still there? Thank you for all of your help I appreciate your time.
Dana
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP