Only plain white screen appears after start up! NO Desktop, No Too



#16
RKinner (Malware Expert)
OEMINFO.ini is definitely the file that is putting the text in and OEMLOGO.bmp is the picture.

I don't have either file so I think you can delete both of them. As for the other 3 I would leave them alone. I think they are something else altogether. Once you remove the oeminfo.ini and oemlogo.bmp files, reboot and see if our friend is gone.

#17
Steven Burnish (Topic Starter)
YES!! He is gone for good!! :)

So any more tests I have to run??

#18
RKinner (Malware Expert)
I'm a little concerned that neither OTL nor Combofix is able to create a log any more. Let's try ESET:

It will run faster if you turn off or pause Bitdefender while it is running.

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

1. Check Scan Archives
2. Push the Start button.
3. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
4. When the scan completes, push LIST OF THREATS FOUND
5. Push EXPORT TO TEXT FILE, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
6. Push the BACK button.
7. Push Finish
8. Once the scan is completed, you may close the window.
9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
10. Copy and paste that log as a reply.


Let's also try the Bitdefender QuickScan.

http://quickscan.bitdefender.com/

When it finishes there is a report option. Click on it and copy and paste the report (even if it says nothing found).

Ron

#19
Steven Burnish (Topic Starter)
ESET Scan

C:\BitDefender Total Security 2012 (x86x64) include Patch{h33t}{mad dog}\Bitdefender Total Security 2012\patch.exe Win32/RiskWare.HackAV.IS application cleaned by deleting - quarantined
C:\Documents and Settings\Sakush\Desktop\New Folder (2)\HSS-1.37-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application deleted - quarantined
C:\Documents and Settings\Sakush\Desktop\New Folder (2)\pen dri\HSS-1.37-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application deleted - quarantined
C:\Program Files\Hotspot Shield\bin\openvpnas.exe a variant of Win32/HotSpotShield application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\P\P\New Folder\Softwares\SoftonicDownloader_for_kmplayer.exe.vir a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP342\A0119372.exe probably a variant of Win32/Spy.Agent.EVKIWXG trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP342\A0119373.exe probably a variant of Win32/Spy.Agent.EVKIWXG trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP354\A0139760.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP356\A0144898.exe Win32/RiskWare.HackAV.IS application cleaned by deleting - quarantined
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP356\A0144899.exe a variant of Win32/HotSpotShield application deleted - quarantined
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP356\A0144900.exe a variant of Win32/HotSpotShield application cleaned by deleting - quarantined


>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


ESET Log


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0707ee2fa066f14fb50af890fa375a0d
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-25 12:03:15
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 1206 1206 0 0
# scanned=211127
# found=11
# cleaned=11
# scan_time=8473
C:\BitDefender Total Security 2012 (x86x64) include Patch{h33t}{mad dog}\Bitdefender Total Security 2012\patch.exe Win32/RiskWare.HackAV.IS application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Sakush\Desktop\New Folder (2)\HSS-1.37-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Sakush\Desktop\New Folder (2)\pen dri\HSS-1.37-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Hotspot Shield\bin\openvpnas.exe a variant of Win32/HotSpotShield application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\P\P\New Folder\Softwares\SoftonicDownloader_for_kmplayer.exe.vir a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP342\A0119372.exe probably a variant of Win32/Spy.Agent.EVKIWXG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP342\A0119373.exe probably a variant of Win32/Spy.Agent.EVKIWXG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP354\A0139760.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP356\A0144898.exe Win32/RiskWare.HackAV.IS application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP356\A0144899.exe a variant of Win32/HotSpotShield application (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{7471DDEE-C517-42CF-B462-8B6EFDC18CC5}\RP356\A0144900.exe a variant of Win32/HotSpotShield application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


Bitdefender Log



QuickScan 32-bit v0.9.9.114
---------------------------
Scan date: Wed Apr 25 18:17:29 2012
Machine ID: 14AB6EF5



No infection found.
-------------------



Processes
---------
Alps Pointing-device Driver 2968 C:\Program Files\Apoint2K\Apoint.exe
Alps Pointing-device Driver for Windows 3676 C:\Program Files\Apoint2K\ApntEx.exe
ApMsgFwd 3220 C:\Program Files\Apoint2K\ApMsgFwd.exe
Bonjour 1952 C:\Program Files\Bonjour\mDNSResponder.exe
Conexant SmartAudo 2992 C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
CwService 192 C:\WINDOWS\system32\FsUsbExService.Exe
cyberlink brs 3100 C:\Program Files\CyberLink\Shared files\brs.exe
Fast Restore 2084 C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
Hotspot Shield Helper Service 248 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
hsswd.exe 264 C:\Program Files\Hotspot Shield\bin\hsswd.exe
Intel® Common User Interface 3240 C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface 2932 C:\WINDOWS\system32\igfxpers.exe
Intel® Common User Interface 3232 C:\WINDOWS\system32\igfxtray.exe
Intel® PROSet/Wireless 924 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
Intel® PROSet/Wireless 876 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
Intel® PROSet/Wireless 2196 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
Intel® PROSet/Wireless 1160 C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
Intel® PROSet/Wireless 3988 C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
iTunes 2348 C:\Program Files\iPod\bin\iPodService.exe
iTunes 3196 C:\Program Files\iTunes\iTunesHelper.exe
IviRegMgr Module 288 C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
Java™ Platform SE 6 U31 340 C:\Program Files\Java\jre6\bin\jqs.exe
Java™ Platform SE Auto Updater 2 0 2788 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Kies TrayAgent 2212 C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
Lenovo Care 3044 C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.EXE
Lenovo Fn+F5 Service 148 C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
Malwarebytes Anti-Malware 3372 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Malwarebytes Anti-Malware 356 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
Message Center 3056 C:\Program Files\ThinkVantage\AMSG\Amsg.exe
Microsoft Office Outlook 2007 with Busi 1916 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
Microsoft SQL Server 1472 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
Microsoft SQL Server 1564 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Microsoft Xbox 360 Accessories 3692 C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
Microsoft® Windows® Operating System 3516 C:\Program Files\Windows Media Player\wmpnetwk.exe
Microsoft® Windows® Operating System 3924 C:\Program Files\Windows Media Player\wmpnscfg.exe
Microsoft® Windows® Operating System 5844 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 1792 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 3272 C:\WINDOWS\system32\wbem\unsecapp.exe
Microsoft® Windows® Operating System 636 C:\WINDOWS\system32\wbem\unsecapp.exe
Microsoft® Windows® Operating System 2824 C:\WINDOWS\system32\wscntfy.exe
MobileDeviceService 1900 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MSSvc.exe 140 C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
On Screen Display 2984 C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
PManage.exe 3012 C:\Program Files\Lenovo\VeriFaceIII\PManage.exe
PMHandler 2960 C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe
PMSveH 828 C:\Program Files\Lenovo\PMDriver\PMSveH.exe
PowerDVD RC Service 3112 C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
Presentation Director 2980 C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
rrpservice Module 1632 C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
rrservice Module 2004 C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
scheduler_proxy Application 3008 C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
ThinkVantage System Update Service 2260 C:\Program Files\Lenovo\System Update\SUService.exe
ThinkVantage Technologies 1648 C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
tvtsched Module 2060 C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
UAService.exe 2124 C:\WINDOWS\system32\UAService.exe
WD Spindown Utility 3792 C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe
Windows Live Toolbar 1168 C:\Program Files\Windows Live\Toolbar\wltuser.exe
(verified) Microsoft Search Enhancement Pack 1340 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(verified) Microsoft® Windows® Operating System 2584 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 3360 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 1972 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 2572 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 508 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 488 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 1588 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1408 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2876 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1112 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1072 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1868 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 968 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 900 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1656 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1528 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 3468 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 320 C:\WINDOWS\system32\winlogon.exe
(verified) Microsoft® Windows® Operating System 1500 C:\WINDOWS\system32\wuauclt.exe
(verified) Windows® Internet Explorer 2488 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 1676 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 1040 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 3600 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 2740 C:\Program Files\Internet Explorer\iexplore.exe


Network activity
----------------
Process iexplore.exe (1040) connected on port 843 --> 178.237.165.87
Process iexplore.exe (1040) connected on port 80 (HTTP) --> 96.17.181.16
Process iexplore.exe (1040) connected on port 80 (HTTP) --> 96.17.181.16
Process iexplore.exe (2488) connected on port 80 (HTTP) --> 173.194.38.168
Process iexplore.exe (2488) connected on port 80 (HTTP) --> 173.194.38.168

Process svchost.exe (968) listens on ports: 135 (RPC)
Process svchost.exe (1528) listens on ports: 2869 (SSDP event notification, UPNP)


Autoruns and critical files
---------------------------
Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Alps Pointing-device Driver C:\Program Files\Apoint2K\Apoint.exe
Conexant SmartAudo C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
cyberlink brs C:\Program Files\CyberLink\Shared files\brs.exe
Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll
Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe
Intel® PROSet/Wireless C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
Intel® PROSet/Wireless C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
iTunes C:\Program Files\iTunes\iTunesHelper.exe
Java™ Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Kies TrayAgent C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
Lenovo C:\Program Files\PCDR5\pcdr5cuiw32.exe
Lenovo Care C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE
Malwarebytes Anti-Malware C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Message Center C:\Program Files\ThinkVantage\AMSG\Amsg.exe
Microsoft Xbox 360 Accessories C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
Microsoft® Windows® Operating System C:\Program Files\Windows Media Player\wmpnscfg.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\logon.scr
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
On Screen Display C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
PManage.exe C:\Program Files\Lenovo\VeriFaceIII\PManage.exe
PMHandler C:\Program Files\Lenovo\PMDriver\PMHandler.exe
PowerDVD RC Service C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
Presentation Director C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
QuickTime C:\Program Files\QuickTime\QTTask.exe
scheduler_proxy Application C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
WD Spindown Utility C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe
(verified) Google Update C:\Documents and Settings\Sakush\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\browseui.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
2007 Microsoft Office system C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Download Accelerator Plus (DAP) MSIE Lo C:\Program Files\DAP\dapieloader.dll
Google Talk Plugin C:\Documents and Settings\Sakush\Application Data\Mozilla\plugins\npgoogletalk.dll
Google Talk Plugin Video Accelerator C:\Documents and Settings\Sakush\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
Google Update C:\Documents and Settings\Sakush\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
IEHelp.dll C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll
InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
Java Deployment Toolkit 6.0.310.5 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
Java™ Platform SE 6 U31 C:\Program Files\Java\jre6\bin\jp2ssv.dll
Java™ Platform SE 6 U31 C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
Java™ Platform SE 6 U31 C:\Program Files\Java\jre6\bin\ssv.dll
Java™ Platform SE 6 U31 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32_11_2_202_233.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
Software Manager C:\WINDOWS\Downloaded Program Files\isusweb.dll
Windows Live Toolbar C:\Program Files\Windows Live\Toolbar\wltcore.dll
Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\IEFRAME.dll
Yahoo Application State Plugin C:\Program Files\Yahoo!\Shared\npYState.dll
(verified) AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
(verified) Microsoft Search Enhancement Pack C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
(verified) Microsoft® Windows Live Login Helper C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


Scan
----
MD5: a0c18ba160e57a293e2b65999b05036e C:\Program Files\Lenovo\Rescue and Recovery\rr_res.dll
MD5: 027c8a0bb9195c8a3584748a77419c7c C:\Program Files\Lenovo\Rescue and Recovery\rrapi.dll
MD5: 1aa675a55e169bc45b5685355bec2c66 C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
MD5: ff86960cf29eab25cddecc92cbba43d4 C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
MD5: 22a001f3fbb92e3811c3bfd8fdad3ed3 C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
MD5: 537391d77be91ca49505acc55a5fdb5d C:\Program Files\Lenovo\Rescue and Recovery\zlib.dll
MD5: c2191c1a5dfed0795e3d3b68905b195b C:\Program Files\Lenovo\System Update\SUService.exe
MD5: ba73bba1fd98084d92c7e0bc99a9ffb4 c:\program files\lenovo\system update\TvsuServiceCommon.dll
MD5: 68e607929cebe780d4c72934dd1a0486 C:\Program Files\Lenovo\VeriFaceIII\PManage.exe
MD5: 82d2c381c150bfe510b6b8e189aeb44e C:\Program Files\Lenovo\VeriFaceIII\time.dll
MD5: 64cc5502c69fc6d67735c10cb579c548 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
MD5: 0d4f461d515bb1c933533c712d99e75b C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
MD5: 55b8c7b701c4d1b0c479f3ffea83850f C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: 1b82bcf0b8f9228b39f75b0dfa079a21 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
MD5: 60721aa3316a200a8de23f1c502382fd C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
MD5: ba400ed640bca1eae5c727ae17c10207 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe
MD5: 269552e0e5bd5bfe0da7ad42fac34c37 C:\Program Files\Microsoft Office\Office12\msohevi.dll
MD5: 6163664c7e9cd110af70180c126c3fdc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
MD5: c06ea83f6fc2959e897c117255b6b1d5 c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
MD5: b2ec3e1deac5f0a764bd3486d213a0af C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
MD5: d89083c4eb02daca8f944b0e05e57f9d C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
MD5: d1e2786d29a34009a54868b6b0449296 c:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss_xp.dll
MD5: c4aa81ea4434c2c14b6648ad7cd8294e C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
MD5: 2c394f44766b83a5b590a374dcea159f C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll
MD5: 6565242c64a88fd3786cd5a86c1f2986 C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\srchbxex.dll
MD5: a878453a1714870eaada83e6434bdb77 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 9a6101f29e2e9d41b99cbcc8f106e8fe C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
MD5: a25641b6b2ea0c110ffd27b737ea5aca C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
MD5: a25641b6b2ea0c110ffd27b737ea5aca C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: a25641b6b2ea0c110ffd27b737ea5aca C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: a25641b6b2ea0c110ffd27b737ea5aca C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: a25641b6b2ea0c110ffd27b737ea5aca C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: a25641b6b2ea0c110ffd27b737ea5aca C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
MD5: a25641b6b2ea0c110ffd27b737ea5aca C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
MD5: 668043f192ab9659761a349a4703600d C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
MD5: 6fcde0e3de5b938229014b3503eaeb92 C:\Program Files\PCDR5\pcdr5cuiw32.exe
MD5: afdae59fe562a7cdb44f9d4abedac316 C:\Program Files\QuickTime\QTSystem\QTCF.dll
MD5: 1d856e6e7490447fcfaa46e09a2bf9c9 C:\Program Files\QuickTime\QTSystem\QuickTime.qts
MD5: 0aee5668eb59912f32ff245bfa72465f C:\Program Files\QuickTime\QTTask.exe
MD5: ada991d7a02130fa78413281a134330b C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
MD5: 11f07111105072f81c03a437423e88ee C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
MD5: 8052561661ce0dd47188e4f45870af76 C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll
MD5: 8fa3860fa448ccf9eae4de6bef190735 C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe
MD5: a49300c0aa14137630c27c29c3bafd71 C:\Program Files\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
MD5: 2970962901fc085bb348f053c434695c C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MD5: db0405d9aad62f0762e0876ac142b7e1 C:\Program Files\Skype\Updater\Updater.exe
MD5: e92cf84dc812bddf0e1c11a9c25fcc6d C:\Program Files\ThinkVantage\AMSG\AHLPRUNL.dll
MD5: 1201eb1157498a56e27df70da3b333ee C:\Program Files\ThinkVantage\AMSG\Amsg.exe
MD5: 340e2938ab37c3c01dc76c93157323dc C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe
MD5: 50234d25e3490987060eedd8c2b4e4a5 C:\Program Files\Windows Live\Toolbar\en-us\wltcore.market.dll.mui
MD5: 256f246f2bf87cb5dcd780b6d5898463 C:\Program Files\Windows Live\Toolbar\en\wltcore.dll.mui
MD5: 731f05b5c01b3ca9b813561c0b90e722 C:\Program Files\Windows Live\Toolbar\wltuser.exe
MD5: ebc6ace28e58ba5be4a8190b613b6f02 C:\Program Files\Windows Media Connect 2\wmccds.exe
MD5: b4426bea42bc1a0cf13044be2626a822 C:\Program Files\Windows Media Player\wmpnscfg.exe
MD5: c26842dc2066d1a66043a73e6505b627 C:\Program Files\Windows Media Player\wmpnssci.dll
MD5: a070b8c38ceb3a30cc18d1b7c433144c C:\Program Files\WinRAR\rarext.dll
MD5: 8338e8d8d5b07f10a80d420ceb305015 C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.EXE
MD5: be21364c588f116f35369ce3adf68a3b C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe
MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL
MD5: 617fb85504f7be3d0231b5c67724b1ba C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MD5: 5e037dc4af43c0d687953048b8c525b3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MD5: 9cc7fa87f38daad1fcd80be2ab9bf557 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MD5: e222e168339fad312c7c4a60ffc4ac91 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MD5: a8959295bdcd7a111acde9fae77c7ab1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MD5: 01e2eca759056f23c73a035fdabb2d6d C:\WINDOWS\Downloaded Program Files\dwusplay.exe
MD5: 2a8c7ca8b40ca320bf88d0ff92da7cf8 C:\WINDOWS\Downloaded Program Files\qsax.dll
MD5: 9a2d686c89acc36e3aa7cde3d1c45c1a c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
MD5: 2bac92e8ac5e16ed60062e9141b8d5f6 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: 429e3efafcae6c89a57cd5d8e3442cae c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 35a936c7c029a5b705d3ffd40518d660 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: 8ddf0253e783e740bf053e0fe7d8b6fe C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\COMCTL32.dll
MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll
MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\WINDOWS\system32\corpol.dll
MD5: a90e118f12d355f9946dfb30a8f94609 C:\WINDOWS\system32\CRYPT32.dll
MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll
MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\system32\cscdll.dll
MD5: 2a9e427681169f02274ad8c17d52fa2d C:\WINDOWS\system32\CSRSRV.dll
MD5: 56adb11f7d4d0816c0be1e701c1b5e52 C:\WINDOWS\system32\D3DIM700.DLL
MD5: 5b149ccfe275f4de0b4b8ec6b9f6821e C:\WINDOWS\System32\DLA\DLABMFSM.SYS
MD5: ad4cb3d783634c90a9d0ce360933a63c C:\WINDOWS\System32\DLA\DLABOIOM.SYS
MD5: 93d03238cc3f0ee3c0b3985d110ec575 C:\WINDOWS\System32\DLA\DLADResM.SYS
MD5: 6a82f77c4a6f5235bf352f0028e2ef52 C:\WINDOWS\System32\DLA\DLAIFS_M.SYS
MD5: 0e6052c0ada37504896a847231a3907d C:\WINDOWS\System32\DLA\DLAOPIOM.SYS
MD5: 29670bb4e2b973c5b55a76107d4910b2 C:\WINDOWS\System32\DLA\DLAPoolM.SYS
MD5: bbeecb95f2841ae4a3e3690d46d7153d C:\WINDOWS\System32\DLA\DLAUDF_M.SYS
MD5: 6b087732b86c1d866d69dbbe463ea90a C:\WINDOWS\System32\DLA\DLAUDFAM.SYS
MD5: 6279a396b79778b3ef215f2e15b3ac70 C:\WINDOWS\system32\DLAAPI_W.DLL
MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll
MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll
MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys
MD5: 0f83cb9bcb247869bcad28026b8f134b C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
MD5: a64529781e5b9cc454666a33a24e3e1d C:\WINDOWS\system32\DRIVERS\avchv.sys
MD5: 2bce314a25e71298add6794bfbd66266 C:\WINDOWS\system32\DRIVERS\avckf.sys
MD5: a9d0f6efc61d1ff69b55c495f85dd868 C:\WINDOWS\system32\DRIVERS\b57xp32.sys
MD5: 631783a00f11ea25abf597c9c33053d0 C:\WINDOWS\System32\Drivers\BisonC07.sys
MD5: b0a67de1a128389aea4d42c5a56215fd C:\WINDOWS\system32\drivers\ccdcmb.sys
MD5: 025c54f9f8c8bc1894ea38529c742c54 C:\WINDOWS\system32\drivers\ccdcmbo.sys
MD5: e2d7f6af93fe72dd840802797fafe4d3 C:\WINDOWS\system32\drivers\CHDAU32.sys
MD5: 6216fd7fd227de454238a702b218cec7 C:\WINDOWS\System32\drivers\dgderdrv.sys
MD5: 5230cdb7e715f3a3b4a882e254cdd35d C:\WINDOWS\System32\Drivers\DLACDBHM.SYS
MD5: 77fe51f0f8d86804cb81f6ef6bfb86dd C:\WINDOWS\System32\Drivers\DLARTL_M.SYS
MD5: 83106585494d5eb96f59187200c144bd C:\WINDOWS\System32\Drivers\DRVMCDB.SYS
MD5: ffc371525aa55d1bae18715ebcb8797c C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
MD5: ed10a3d367dd5596506022d5e2a3cba0 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
MD5: d92272a376bba4a0ed61f92280d71a10 C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
MD5: 03a51d7d5666df3d4331581b3a3109dc C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
MD5: 2f91ca49fb204262d234cae40e51c8cd C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
MD5: f5c70e41b19d33cc764998786ab74165 C:\WINDOWS\system32\drivers\IntcHdmi.sys
MD5: a69a1b991824b98f744913555f665893 C:\WINDOWS\system32\DRIVERS\jmcr.sys
MD5: fb097bbc1a18f044bd17bd2fccf97865 C:\WINDOWS\system32\drivers\mbam.sys
MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys
MD5: 05743fffc2bc88cc8e426321bc6a762e C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
MD5: 78edacb732c05f6a7b15856929e6fe5f C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
MD5: fd2041e9ba03db7764b2248f02475079 C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
MD5: dedef40e1d05842639491365cb2c069e C:\WINDOWS\System32\drivers\pmemnt.sys
MD5: c6114ccd63db3925a0450b1089ece503 C:\WINDOWS\system32\drivers\PMHler.sys
MD5: f8a25f1dd8b2c332cbc663e3579566e7 C:\WINDOWS\system32\DRIVERS\psadd.sys
MD5: 96b4494d4734970f47c566e098c4f527 C:\WINDOWS\system32\DRIVERS\s24trans.sys
MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys
MD5: 3f0164fbc0bd1adbd02df9759181451a C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
MD5: b89d62206034e5fe573c80a24dd55675 C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
MD5: 1ed0fcea586fe2a416ee15196e5631dd C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
MD5: 994d2e5378cc337ec7dd73c1e04fcaa4 C:\WINDOWS\system32\DRIVERS\ss_bserd.sys
MD5: 1e89de7a4fb7a854ebb241d0aa8996dd C:\WINDOWS\system32\DRIVERS\tap0901.sys
MD5: f10f36e20448a5500a5f83f67ee4aad4 C:\WINDOWS\System32\drivers\TSMAPIP.SYS
MD5: 49258a02a1e8d304ed88b0f1c56b1738 C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
MD5: 7e66dda1ef146bfc3a6e36e08e036602 C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
MD5: 930b8b8ef659a714cf1c755928b8850c C:\WINDOWS\system32\DRIVERS\tvtumon.sys
MD5: 78b74af8727a28c128e164e9b53a5413 C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
MD5: 4f8fbc51a1c0a17310846b417a447f91 C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
MD5: c60dc16d4e406810fad54b98dc92d5ec C:\WINDOWS\System32\Drivers\wpdusb.sys
MD5: 09e5340bd9b2cb730bf4dc6be7721291 C:\WINDOWS\system32\DRIVERS\xusb21.sys
MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll
MD5: b07663a810e861eebfd0eac7e82ca62d C:\WINDOWS\system32\FsUsbExDisk.SYS
MD5: f96c429788350db4ba6771c3034dfd88 C:\WINDOWS\system32\FsUsbExService.Exe
MD5: f3c74e7e588e09117e620659a8dba121 C:\WINDOWS\system32\hccutils.DLL
MD5: b1dc08dd8d1b1c4c2920aacbca243b7a C:\WINDOWS\system32\hkcmd.exe
MD5: 254ca8f8b2a387cd59e659991e3e3dbd C:\WINDOWS\system32\iepeers.dll
MD5: 6d30ef0daa21bf0fac227b3f986bc353 C:\WINDOWS\system32\igfxdev.dll
MD5: c8b2d85292794e5649c8db1c03d05c1c C:\WINDOWS\system32\igfxpers.exe
MD5: e99952e0c8f261ddcd91e62800941b39 C:\WINDOWS\system32\igfxpph.dll
MD5: b0b3b7593563473de47aceccbadce328 C:\WINDOWS\system32\igfxrENU.lrc
MD5: bf55338647c0c42d01f96099a8caa587 C:\WINDOWS\system32\igfxress.dll
MD5: 42f84b46c2d5c0c33d79b247eecc279e C:\WINDOWS\system32\igfxsrvc.dll
MD5: 6b3e08c213e3a0b0ce1657f777f31ab3 C:\WINDOWS\system32\igfxtray.exe
MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll
MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll
MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\system32\logon.scr
MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll
MD5: 459ac130c6ab892b1cd5d7544626efc5 C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: 62059985af996f4ffe5451cb0d5924bf C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL
MD5: f6f2bfc17069eb335acceef7595f9302 C:\WINDOWS\system32\MFC42u.DLL
MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\WINDOWS\system32\MFC71.DLL
MD5: 3f790874a85819e94574f3e7af9c5806 C:\WINDOWS\system32\msctfime.ime
MD5: 63f6826e5c59cb04c5835bf95bc87b52 C:\WINDOWS\system32\msfeeds.dll
MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll
MD5: 9e70016c950b1f8fdeaa6f067e2e25a8 C:\WINDOWS\system32\msjet40.dll
MD5: 7e2b58ce8c4013287371667880b1080d C:\WINDOWS\system32\MSJINT40.DLL
MD5: 29bd913d8fd1feb6728dc9b43b55c1d2 C:\WINDOWS\system32\MSRATING.dll
MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll
MD5: afdc647d16b285b9ae6140335b3b3255 C:\WINDOWS\system32\mswstr10.dll
MD5: c50768b4c71a8141c3ac59731a148302 C:\WINDOWS\system32\netprovcredman.dll
MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\System32\netshell.dll
MD5: 5e28284f9b5f9097640d58a73d38ad4c C:\WINDOWS\system32\notepad.exe
MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll
MD5: 2c288aa87e4723ac9ff4d76a192ec3f8 C:\WINDOWS\system32\odbccp32.dll
MD5: 5ce275cdc5ffb77b1ec29dbdfe4b6689 C:\WINDOWS\system32\odbcji32.dll
MD5: 1b05dcc75fbb903a17e3e0ddaea8d508 C:\WINDOWS\system32\odbcjt32.dll
MD5: 7a6a7900b5e322763430ba6fd9a31224 C:\WINDOWS\system32\OLE32.dll
MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll
MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll
MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll
MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll
MD5: abeedd547e939ad827b2e29dec754206 C:\WINDOWS\system32\schannel.dll
MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\shdocvw.dll
MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll
MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll
MD5: 392fa02c1fbf0bcd2228c959180b76c3 C:\WINDOWS\system32\SimpleExt.dll
MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe
MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll
MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
MD5: ae24f1a4c2d92ed8132254aad3b8486e C:\WINDOWS\system32\UAService.exe
MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll
MD5: ee7e442cc7a7990f3d264a5a5694dda9 C:\WINDOWS\system32\Vxdif.dll
MD5: c7000f2db2a5515c64c257478769a481 C:\WINDOWS\system32\wbem\unsecapp.exe
MD5: 960f6d3cd9a1ba6435d7aadd102b297f C:\WINDOWS\system32\wbem\wmiprov.dll
MD5: bf67ac2c1f41be892b98e9b8e91c0cb8 C:\WINDOWS\system32\wiashext.dll
MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll
MD5: 95cf3446911a6e25ee4086df8a45b2aa C:\WINDOWS\system32\winsrv.dll
MD5: 9eefe69139fdbb4a3c327630f8eb993a C:\WINDOWS\system32\wlanapi.dll
MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll
MD5: 2d03fffdee8e6b2439d0836a644e8038 C:\WINDOWS\system32\wmp.dll
MD5: 3f476505b239f65c5d67b6686af097d4 C:\WINDOWS\system32\wmploc.dll
MD5: ab7f6d6bf9633781b3e13a99ec20471b C:\WINDOWS\system32\wmpmde.dll
MD5: 4fb452bb899f99849716b6565cb8a29e C:\WINDOWS\system32\wmpps.dll
MD5: f92e1076c42fcd6db3d72d8cfe9816d5 C:\WINDOWS\system32\wscntfy.exe
MD5: 77f595dee5ffacea72b135b1fce1312e C:\WINDOWS\system32\XINPUT1_3.dll
MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll
MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll
MD5: 33d9b7bb7ba323bafe489df033dac824 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll


No file uploaded.

Scan finished - communication took 8 sec
Total traffic - 0.01 MB sent, 1.30 KB recvd
Scanned 842 files and modules - 91 seconds

==============================================================================

#20
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
ESET seems to not like something about your BitDefender. If this is a legal copy I would uninstall it and reinstall. If it was a cracked version, replace with the free Avast!
http://www.avast.com...ivirus-download

I don't know anything about Hotspot shield which it also seems to object to. It appears to be a legitimate program but the install program mentions conduit which I don't trust.

I see from BitDefender that your Adobe Reader is out of date. You need to uninstall it and download the latest version from adobe.com. Do not let them foist a toolbar or the McAfee Security Scan on you (uncheck before downloading or uninstall if you get stuck with something).

Perhaps now the OTL scan will work. Try it and let's see.

#21
Steven Burnish

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Yup! I was using a cracked version of Bitdefender Total Security 2012. As it could not protect me from this malware, I have removed it already!!

I am using Avast free version on my other laptop but it fails to update every single time! I have not been able to update ever since I installed it :(

HotspotShield is a VPN. It enables me to use banned sites like Facebook, torrents at work! It makes the browser slow with tons of ads so I have stopped using it!! Maybe I should uninstall it!!

OTL Scan is up and running when I run normally!!
Here is the log!

OTL logfile created on: 4/26/2012 3:32:43 PM - Run 5
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Sakush\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 54.30% Memory free
7.34 Gb Paging File | 6.13 Gb Available in Paging File | 83.51% Paging File free
Paging file location(s): C:\pagefile.sys 4646 4691 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.75 Gb Total Space | 12.77 Gb Free Space | 5.58% Space Free | Partition Type: NTFS

Computer Name: LENOVO-832649CA | User Name: Sakush | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
PRC - c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Documents and Settings\Sakush\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe ()
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\WINDOWS\system32\UAService.exe ()
PRC - C:\Program Files\Lenovo\VeriFaceIII\PManage.exe ()
PRC - C:\Program Files\Lenovo\PMDriver\PMHandler.exe (Lenovo)
PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()
PRC - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)
PRC - C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe (Conexant)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe (Lenovo.)
PRC - C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Lenovo\PMDriver\PMSveH.exe (Lenovo)
PRC - C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe (Western Digital Technologies, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Sakush\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)
SRV - (EvtEng) Intel® -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV - (RegSrvc) Intel® -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (CGVPNCliSrvc) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV - (HssTrayService) -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (HssSrv) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (MSR Service) -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe ()
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (UserAccess) -- C:\WINDOWS\system32\UAService.exe ()
SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)
SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()
SRV - (TVT_UpdateMonitor) -- C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe (Lenovo Group Limited)
SRV - (Roxio Upnp Server 10) -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (RoxLiveShare10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (Sonic Solutions)
SRV - (RoxWatch10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe (Sonic Solutions)
SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (FNF5SVC) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe (Lenovo.)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (ThinkVantage Registry Monitor Service) -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (PMSveH) -- C:\Program Files\Lenovo\PMDriver\PMSveH.exe (Lenovo)


========== Driver Services (SafeList) ==========

DRV - (mvd20) -- File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (NETwNx32) ___ Intel® -- C:\WINDOWS\system32\drivers\NETwNx32.sys (Intel Corporation)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\WINDOWS\system32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (mdf15) -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys ()
DRV - (IntcHdmiAddService) Intel® -- C:\WINDOWS\system32\drivers\IntcHdmi.sys (Intel® Corporation)
DRV - (NETw5x32) Intel® -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (Cam5607) -- C:\WINDOWS\system32\drivers\BisonC07.sys (Bison Electronics. Inc. )
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (JMCR) -- C:\WINDOWS\system32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (tvtumon) -- C:\WINDOWS\system32\drivers\tvtumon.sys (Lenovo)
DRV - (CnxtHdAudService) -- C:\WINDOWS\system32\drivers\CHDAU32.sys (Conexant Systems Inc.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (PMHler) -- C:\WINDOWS\system32\drivers\PMHler.sys (Lenovo )


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.2.0.5
FF - prefs.js..extensions.enabledItems: fa[email protected]:0.7.5
FF - prefs.js..extensions.enabledItems: {b01bf10c-302a-11da-b67b-000d60ca027b}:2.6.1
FF - prefs.js..flock.keyword.provider: "Yahoo!"

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_5.0 [2012/01/21 20:16:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.5\extensions\\Components: C:\Program Files\Flock\components [2011/02/02 21:01:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.5\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/02/02 21:03:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files\Flock\components [2011/02/02 21:01:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/02/02 21:03:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/25 18:52:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/09 18:43:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012/01/21 20:16:50 | 000,000,000 | ---D | M]

[2010/02/03 10:59:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Extensions
[2010/02/03 10:59:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2012/04/21 19:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions
[2010/06/03 20:20:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/03/02 19:46:53 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/04/21 19:51:21 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\[email protected]
[2010/08/23 18:59:58 | 000,000,000 | ---D | M] (FacePAD: Facebook Photo Album Downloader) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\[email protected]
[2012/04/09 18:43:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/09 18:43:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2010/08/22 22:24:39 | 000,000,000 | ---D | M] (FacePAD: Facebook Photo Album Downloader) -- C:\DOCUMENTS AND SETTINGS\SAKUSH\APPLICATION DATA\FLOCK\BROWSER\PROFILES\W46NR51B.DEFAULT\EXTENSIONS\[email protected]
[2009/11/11 03:15:41 | 000,000,000 | ---D | M] (Download Accelerator Plus Integration) -- C:\PROGRAM FILES\DAP\DAPFLOCK
[2012/03/13 10:24:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2012/04/09 18:43:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2012/03/13 10:23:32 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2012/03/13 10:23:32 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/04/25 00:54:01 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll ()
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LPManager] C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PMDriver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFaceIII\PManage.exe ()
O4 - HKLM..\Run: [WD Spindown Utility] C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe (Western Digital Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Sakush\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sakush\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/22 03:47:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/04/25 00:43:23 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/25 14:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/04/25 00:43:23 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012/04/24 22:44:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/04/24 13:11:51 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/04/23 23:20:42 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/04/23 23:14:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sakush\PrivacIE
[2012/04/22 23:51:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Application Data\Malwarebytes
[2012/04/22 23:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/04/22 23:51:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/04/22 23:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/04/22 23:45:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/21 20:09:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/04/21 19:53:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/04/21 19:53:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/04/21 19:53:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/04/21 19:53:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/04/21 19:51:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/04/21 19:48:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/21 19:48:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sakush\Start Menu\Programs\Administrative Tools
[2012/04/21 19:47:17 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sakush\Desktop\mbam-setup-1.61.0.1400.exe
[2012/04/21 19:47:17 | 004,470,025 | R--- | C] (Swearware) -- C:\Documents and Settings\Sakush\Desktop\ComboFix.exe
[2012/04/21 19:47:16 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Sakush\Desktop\aswMBR.exe
[2012/04/21 19:47:16 | 002,072,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sakush\Desktop\tdsskiller.exe
[2012/04/21 19:33:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/21 19:29:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sakush\Desktop\OTL.exe
[2012/04/14 15:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011
[2012/04/14 15:17:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sakush\IETldCache
[2012/04/14 15:07:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/04/13 20:26:40 | 000,000,000 | ---D | C] -- C:\Rock Star Supernova
[2012/04/13 11:00:15 | 000,000,000 | ---D | C] -- C:\Mission Impossible III (2006)
[2012/04/13 10:59:25 | 000,000,000 | ---D | C] -- C:\Mission Impossible II (2000)
[2012/04/13 10:58:50 | 000,000,000 | ---D | C] -- C:\Mission Impossible (1996)
[2012/04/09 21:18:20 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys
[2012/04/09 21:18:20 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bserd.sys
[2012/04/09 21:18:20 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys
[2012/04/09 21:18:20 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys
[2012/04/09 21:18:19 | 000,098,432 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys
[2012/04/09 21:18:19 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys
[2012/04/09 20:20:01 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012/04/09 19:38:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/04/09 18:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012/04/09 18:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/04/09 18:43:38 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012/04/09 18:43:38 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/04/09 18:43:38 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/04/09 18:43:38 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/04/09 18:43:38 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/04/09 18:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\Samsung
[2012/04/09 18:20:34 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2012/04/09 18:20:01 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2012/04/09 18:20:01 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DIFxAPI.dll
[2012/04/09 18:20:01 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2012/04/09 18:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\Downloaded Installations
[2012/04/09 16:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\BlueStacksSetup
[2012/04/09 16:49:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\BlueStacks
[2012/04/05 21:14:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\New Folder (2)
[2012/04/03 20:40:03 | 000,000,000 | ---D | C] -- C:\Mission Impossible Ghost Protocol (2011)
[2012/04/02 20:51:29 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/01 22:55:36 | 000,000,000 | ---D | C] -- C:\BitDefender Total Security 2012 (x86x64) include Patch{h33t}{mad dog}
[2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Application Data\Intel
[2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2012/04/01 20:50:07 | 007,477,120 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETwNx32.sys
[2012/04/01 20:50:07 | 002,760,704 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETwNr32.dll
[2012/04/01 20:50:07 | 000,684,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETwNc32.dll
[2012/04/01 20:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless
[2012/04/01 20:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/04/01 20:48:20 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/04/01 20:39:16 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012/04/01 20:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Application Data\SystemRequirementsLab
[2012/03/28 22:11:08 | 000,325,552 | ---- | C] ((주)마크애니) -- C:\WINDOWS\MASetupCaller.dll
[2012/03/28 22:11:08 | 000,090,112 | ---- | C] ((주)마크애니) -- C:\WINDOWS\MAMCityDownload.ocx
[2012/03/28 22:11:06 | 000,569,344 | ---- | C] (© MusicCity) -- C:\WINDOWS\System32\muzdecode.ax
[2012/03/28 22:11:06 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.dll
[2012/03/28 22:11:06 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\WINDOWS\System32\MSLUR71.dll
[2012/03/28 22:11:06 | 000,258,048 | ---- | C] (© PeeringPortal) -- C:\WINDOWS\System32\muzoggsp.ax
[2012/03/28 22:11:06 | 000,245,760 | ---- | C] (Teruten Inc.) -- C:\WINDOWS\System32\MSCLib.dll
[2012/03/28 22:11:06 | 000,200,704 | ---- | C] ( © MusicCity) -- C:\WINDOWS\System32\muzwmts.dll
[2012/03/28 22:11:06 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\WINDOWS\System32\MSFLib.dll
[2012/03/28 22:11:06 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzaf1.dll
[2012/03/28 22:11:06 | 000,131,072 | ---- | C] (© MusicCity) -- C:\WINDOWS\System32\muzmpgsp.ax
[2012/03/28 22:11:06 | 000,122,880 | ---- | C] (© MUSICCITY) -- C:\WINDOWS\System32\muzeffect.ax
[2012/03/28 22:11:06 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\WINDOWS\System32\MaDRM.dll
[2012/03/28 22:11:06 | 000,110,592 | ---- | C] (© MusicCity) -- C:\WINDOWS\System32\muzmp4sp.ax
[2012/03/28 22:11:06 | 000,057,344 | ---- | C] (Marktek) -- C:\WINDOWS\System32\MK_Lyric.dll
[2012/03/28 22:11:06 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\WINDOWS\System32\MTXSYNCICON.dll
[2012/03/28 22:11:06 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MaJGUILib.dll
[2012/03/28 22:11:06 | 000,045,320 | ---- | C] (MARKANY) -- C:\WINDOWS\System32\MAMACExtract.dll
[2012/03/28 22:11:06 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MaXMLProto.dll
[2012/03/28 22:11:06 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MACXMLProto.dll
[2012/03/28 22:11:06 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\WINDOWS\System32\MTTELECHIP.dll
[2012/03/28 22:11:06 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\WINDOWS\System32\MASetupCleaner.exe
[2012/03/28 22:11:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avrt.dll
[2012/03/28 16:12:53 | 000,000,000 | ---D | C] -- C:\Stacy Schiff - Cleopatra_A Life
[2012/03/28 16:04:30 | 000,000,000 | ---D | C] -- C:\The Silmarillion (444)
[2012/03/28 15:55:19 | 000,000,000 | ---D | C] -- C:\The Silmarillion (AudioBook & E-Book)
[2011/06/16 23:03:31 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/26 15:34:54 | 000,013,074 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\The_Samaritan_2012.torrent
[2012/04/26 15:27:02 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2955907764-2073543447-3033106246-1008UA.job
[2012/04/26 15:26:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/25 03:05:50 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/25 03:05:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/25 03:05:24 | 3179,868,160 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/25 00:54:01 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/04/25 00:35:28 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\Flash_Disinfector.exe
[2012/04/24 16:53:36 | 000,044,765 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\sov.JPG
[2012/04/23 23:20:49 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/04/23 02:05:14 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Sakush\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/23 01:27:43 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/23 01:27:43 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/04/23 00:47:03 | 000,084,099 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1335121103.bdinstall.bin
[2012/04/22 23:50:27 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\MBR.dat
[2012/04/21 19:51:34 | 000,075,254 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1335017161.bdinstall.bin
[2012/04/21 19:46:06 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sakush\Desktop\mbam-setup-1.61.0.1400.exe
[2012/04/21 19:32:54 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Sakush\Desktop\aswMBR.exe
[2012/04/21 19:24:52 | 002,072,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Sakush\Desktop\tdsskiller.exe
[2012/04/21 19:24:08 | 004,470,025 | R--- | M] (Swearware) -- C:\Documents and Settings\Sakush\Desktop\ComboFix.exe
[2012/04/14 15:17:57 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/14 14:38:01 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012/04/12 13:27:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2955907764-2073543447-3033106246-1008Core.job
[2012/04/09 20:20:04 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/09 20:19:37 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/04/09 20:19:37 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/04/09 19:39:06 | 000,000,440 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/04/09 18:43:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012/04/09 18:43:23 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/04/09 18:43:23 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/04/09 18:43:23 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/04/09 18:43:23 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/04/09 18:20:42 | 000,001,669 | ---- | M] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/04/09 10:52:10 | 384,418,649 | ---- | M] () -- C:\Game.of.Thrones.S02E02.HDTV.x264-ASAP.mp4
[2012/04/08 13:48:54 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/06 04:16:45 | 1963,042,257 | ---- | M] () -- C:\Sternberg's Diagnostic Surgical Pathology, 5th ed. 2010, Pg.chm
[2012/04/05 12:58:49 | 000,000,323 | ---- | M] () -- C:\WINDOWS\System32\checkdnsid.xml
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/04/01 20:51:34 | 000,531,862 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/01 20:51:34 | 000,098,524 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/28 22:11:22 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll
[2012/03/28 22:11:08 | 000,325,552 | ---- | M] ((주)마크애니) -- C:\WINDOWS\MASetupCaller.dll
[2012/03/28 22:11:08 | 000,090,112 | ---- | M] ((주)마크애니) -- C:\WINDOWS\MAMCityDownload.ocx
[2012/03/28 22:11:08 | 000,030,568 | ---- | M] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/03/28 22:11:06 | 000,974,848 | ---- | M] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/03/28 22:11:06 | 000,569,344 | ---- | M] (© MusicCity) -- C:\WINDOWS\System32\muzdecode.ax
[2012/03/28 22:11:06 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.dll
[2012/03/28 22:11:06 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\WINDOWS\System32\MSLUR71.dll
[2012/03/28 22:11:06 | 000,258,048 | ---- | M] (© PeeringPortal) -- C:\WINDOWS\System32\muzoggsp.ax
[2012/03/28 22:11:06 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\WINDOWS\System32\MSCLib.dll
[2012/03/28 22:11:06 | 000,200,704 | ---- | M] ( © MusicCity) -- C:\WINDOWS\System32\muzwmts.dll
[2012/03/28 22:11:06 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\WINDOWS\System32\MSFLib.dll
[2012/03/28 22:11:06 | 000,143,360 | ---- | M] () -- C:\WINDOWS\System32\3DAudio.ax
[2012/03/28 22:11:06 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzaf1.dll
[2012/03/28 22:11:06 | 000,131,072 | ---- | M] (© MusicCity) -- C:\WINDOWS\System32\muzmpgsp.ax
[2012/03/28 22:11:06 | 000,122,880 | ---- | M] (© MUSICCITY) -- C:\WINDOWS\System32\muzeffect.ax
[2012/03/28 22:11:06 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\WINDOWS\System32\MaDRM.dll
[2012/03/28 22:11:06 | 000,110,592 | ---- | M] (© MusicCity) -- C:\WINDOWS\System32\muzmp4sp.ax
[2012/03/28 22:11:06 | 000,081,920 | ---- | M] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/03/28 22:11:06 | 000,065,536 | ---- | M] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/03/28 22:11:06 | 000,057,344 | ---- | M] (Marktek) -- C:\WINDOWS\System32\MK_Lyric.dll
[2012/03/28 22:11:06 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\WINDOWS\System32\MTXSYNCICON.dll
[2012/03/28 22:11:06 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/03/28 22:11:06 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MaJGUILib.dll
[2012/03/28 22:11:06 | 000,045,320 | ---- | M] (MARKANY) -- C:\WINDOWS\System32\MAMACExtract.dll
[2012/03/28 22:11:06 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MaXMLProto.dll
[2012/03/28 22:11:06 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MACXMLProto.dll
[2012/03/28 22:11:06 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\WINDOWS\System32\MTTELECHIP.dll
[2012/03/28 22:11:06 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\WINDOWS\System32\MASetupCleaner.exe
[2012/03/28 22:11:06 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\avrt.dll
[2012/03/28 22:11:02 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2012/03/28 22:11:02 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DIFxAPI.dll
[2012/03/28 22:11:02 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/26 15:34:53 | 000,013,074 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\The_Samaritan_2012.torrent
[2012/04/25 00:42:25 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\Flash_Disinfector.exe
[2012/04/24 13:09:09 | 000,044,765 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\sov.JPG
[2012/04/23 23:20:49 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/04/23 23:20:45 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/04/23 00:47:03 | 000,084,099 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1335121103.bdinstall.bin
[2012/04/23 00:42:06 | 3179,868,160 | -HS- | C] () -- C:\hiberfil.sys
[2012/04/22 23:50:27 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\MBR.dat
[2012/04/21 19:53:23 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/04/21 19:53:23 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/04/21 19:53:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/04/21 19:53:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/04/21 19:53:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/04/21 19:51:34 | 000,075,254 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1335017161.bdinstall.bin
[2012/04/14 15:17:57 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/04/09 19:39:06 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/04/09 18:20:42 | 000,001,669 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/04/09 08:21:58 | 384,418,649 | ---- | C] () -- C:\Game.of.Thrones.S02E02.HDTV.x264-ASAP.mp4
[2012/04/05 21:03:36 | 1963,042,257 | ---- | C] () -- C:\Sternberg's Diagnostic Surgical Pathology, 5th ed. 2010, Pg.chm
[2012/04/04 19:48:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/02 20:51:29 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/03/28 22:11:08 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/03/28 22:11:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/03/28 22:11:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\3DAudio.ax
[2012/03/28 22:11:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/03/28 22:11:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/03/28 22:11:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/03/26 23:24:50 | 000,528,423 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1332783350.bdinstall.bin
[2012/03/26 22:56:53 | 000,021,611 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1332781903.bdinstall.bin
[2011/06/16 23:03:30 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2011/02/21 18:41:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\imblacklist.dat
[2011/02/21 14:08:15 | 001,540,166 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2010/11/22 18:15:54 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool.dat
[2010/11/22 18:15:53 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\bsrmgcv.dll
[2010/11/22 18:15:53 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\bsrmgps.dll
[2010/11/22 18:15:53 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\bsrgvas.dll
[2010/11/22 18:15:29 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[2010/11/22 18:15:28 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[2010/11/11 21:31:05 | 004,932,426 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2955907764-2073543447-3033106246-1008-0.dat
[2010/11/07 14:08:35 | 000,359,226 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/08/14 00:26:56 | 001,244,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/13 22:01:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/08/13 22:01:22 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/08/13 22:01:10 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\$_hpcst$.hpc
[2010/08/02 02:01:09 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/07/11 00:56:10 | 000,000,571 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/06/03 17:25:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2010/02/10 11:15:04 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\bdfvconp.ini
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_unmip.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_histprot.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_summ.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_video.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_pornography.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_news.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_im.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_illegal.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_hate.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_games.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_gambling.dat
[2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_drugs.dat
[2009/12/06 22:35:32 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/12/06 07:07:59 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2009/12/06 07:07:59 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat
[2009/12/04 17:28:33 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\rezumatenoi.dat
[2009/11/11 02:19:07 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/10 06:49:40 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/09/25 22:22:07 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\UAService.exe
[2009/09/25 22:22:07 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/09/21 21:52:33 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/09/11 22:09:30 | 000,000,208 | ---- | C] () -- C:\WINDOWS\POD.INI
[2009/09/11 22:08:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009/09/04 02:32:11 | 000,113,152 | ---- | C] () -- C:\Documents and Settings\Sakush\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/03 19:54:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/07/13 11:51:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/07/13 11:36:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2009/07/13 11:33:24 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/07/13 11:33:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/07/13 11:33:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/07/13 11:33:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/07/13 11:33:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/07/13 11:33:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/07/13 11:32:54 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2009/07/13 11:32:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/13 11:28:49 | 009,338,880 | ---- | C] () -- C:\WINDOWS\System32\Facev.dll
[2009/07/13 11:28:49 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\picn.dll
[2009/07/13 11:28:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\image.dll
[2009/07/13 11:28:48 | 000,655,360 | ---- | C] () -- C:\WINDOWS\System32\EncIcons.dll
[2009/07/13 11:28:48 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\SimpleExt.dll
[2009/07/13 11:28:48 | 000,241,752 | ---- | C] () -- C:\WINDOWS\System32\IcnOvrly.dll
[2009/07/13 11:28:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\FunFrm.dll
[2009/07/13 11:28:47 | 009,502,720 | ---- | C] () -- C:\WINDOWS\System32\FaceVerify.dll
[2009/07/13 11:28:47 | 001,974,272 | ---- | C] () -- C:\WINDOWS\System32\Imagereog.dll
[2009/07/13 11:28:47 | 001,564,672 | ---- | C] () -- C:\WINDOWS\System32\MainOp.dll
[2009/07/13 11:28:47 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\Apblend.dll
[2009/07/13 11:28:47 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SetDev.dll
[2009/07/13 11:28:47 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\VideoOp.dll
[2009/07/13 11:28:47 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Momo.dll
[2009/07/13 11:28:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\DevFilt.dll
[2009/07/13 11:28:45 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\3DImageRenderer.dll
[2009/07/13 11:23:12 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2009/07/13 11:23:12 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2009/07/13 11:23:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4977.dll
[2009/07/13 11:17:26 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini
[2009/07/13 11:14:32 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config
[2008/07/22 04:35:02 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/07/22 04:35:00 | 000,531,862 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/07/22 04:35:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/07/22 04:35:00 | 000,098,524 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/07/22 04:35:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/07/22 04:34:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/07/22 04:34:59 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/07/22 04:34:58 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/07/22 04:34:55 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/07/22 04:34:55 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/07/22 04:34:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/07/22 04:34:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/07/22 03:49:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/07/22 03:45:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/07/21 20:40:48 | 000,004,307 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/21 20:40:02 | 000,399,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2004/12/20 15:53:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 15:48:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/09/10 19:21:12 | 000,327,680 | ---- | C] () -- C:\WINDOWS\System32\QFClient2.dll
[2002/12/15 03:31:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\oggDS.dll
[2002/12/15 03:31:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/12/15 03:31:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/12/15 02:31:04 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/11/15 17:56:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll

========== LOP Check ==========

[2011/02/21 14:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4fdb0000-3fd7-41bd-4053-3d24a308378b
[2011/02/21 14:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\aa080000-27c5-4bde-4bdc-603f579e61b6
[2011/02/25 16:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bdch
[2012/03/27 02:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BDLogging
[2010/09/10 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/06 12:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2012/01/19 10:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/07/13 11:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2012/01/21 20:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/01/21 20:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2012/01/21 20:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/07/13 11:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2009/07/13 11:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2012/04/09 18:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/11/11 03:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/11/29 17:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2010/03/01 01:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/07/13 11:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2011/06/15 18:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VeriFace
[2010/02/20 12:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2011/06/15 22:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab
[2011/02/02 21:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/11 03:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/01 01:19:57 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011/02/04 15:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\cald3
[2010/09/10 22:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\DAEMON Tools Lite
[2012/03/27 04:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Esnyzi
[2010/02/03 10:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Flock
[2009/10/03 15:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\InterVideo
[2009/09/03 22:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Leadertech
[2012/02/29 23:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Maxthon3
[2011/11/11 21:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Mefy
[2012/01/21 20:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Nokia
[2012/01/21 20:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Nokia Suite
[2009/09/25 22:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\oald7
[2012/01/21 20:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\PC Suite
[2012/04/25 18:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\QuickScan
[2012/04/09 18:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Samsung
[2011/12/05 22:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Sports Interactive
[2012/04/01 20:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\SystemRequirementsLab
[2012/02/26 22:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\TeamViewer
[2011/02/19 16:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\temp
[2010/03/01 01:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\TuneUp Software
[2012/04/23 23:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\uTorrent
[2011/06/15 22:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Zbshareware Lab
[2012/03/14 03:00:27 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/02/21 15:01:45 | 000,000,000 | ---- | M] ()(C:\Documents and Settings\Sakush\?????) -- C:\Documents and Settings\Sakush\獷楬汢捯污

< End of report >
  • 0

#22
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
I would uninstall Hotspot.

If you can't get Avast to update, it may be a firewall issue. There are three other free anti-viruses you can try if you can't get Avast to work:

Avira
http://www.avira.com...-free-antivirus
MSSE
http://windows.micro...rity-essentials
AVG
http://free.avg.com/...ivirus-download

Your log looks OK now. If there are no other problems I think we can clean up:

We need to clean up System Restore.

Copy the following:

:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]

Run OTL. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.


Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use Adobe Reader, Acrobat or Foxit to read PDF files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit Reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not update it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chrome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certainly be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

#23
Steven Burnish

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hello Ron,

First of all my apologies for the late reply. I was busy lately.


I ran OTL Scan with the Fix.

I uninstalled ComboFix

Changed the hidden folder options.

Optimized my Firefox


Am running updates of the Adobe software

I use utorrent. Tried Virustotal.com but it says 32mb max. I generally download movies which are 700mb plus. But I'll be doing the checks when I download files of that size!!


I have WiFi security enabled. I am using WPA key enabled password to log in!!

Thanks a ton!! Cheers
  • 0
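Added example, not part of the original thread: when a download is over the upload limit mentioned in the post above, its hash can be computed locally and looked up instead of uploading the file. The function names, the 32 MB constant (taken from the post) and the lookup URL pattern are assumptions of this sketch; a lookup only finds files that someone has already submitted, so "not found" is not a clean verdict.

```python
import hashlib
import os
import tempfile

UPLOAD_LIMIT = 32 * 1024 * 1024  # assumption: the "32mb max" quoted in the post
CHUNK = 1024 * 1024              # read 1 MiB at a time so a 700 MB file never sits in RAM

# Assumption: address pattern of the VirusTotal web report page for a file hash.
# If it changes, paste the SHA-256 into the site's search box instead.
LOOKUP_URL = "https://www.virustotal.com/gui/file/{sha256}"


def file_digests(path, chunk_size=CHUNK):
    """Return (size_in_bytes, {"sha1": ..., "sha256": ...}) in a single pass."""
    hashers = {name: hashlib.new(name) for name in ("sha1", "sha256")}
    size = 0
    with open(path, "rb") as fh:
        # iter(callable, sentinel) keeps reading until read() returns b"" (EOF)
        for block in iter(lambda: fh.read(chunk_size), b""):
            size += len(block)
            for hasher in hashers.values():
                hasher.update(block)
    return size, {name: h.hexdigest() for name, h in hashers.items()}


def triage(path, limit=UPLOAD_LIMIT):
    """Decide whether a file can be uploaded or has to be checked by hash."""
    size, digests = file_digests(path)
    return {
        "path": path,
        "size": size,
        "sha1": digests["sha1"],
        "sha256": digests["sha256"],
        "action": "upload" if size <= limit else "hash-lookup",
        "lookup_url": LOOKUP_URL.format(sha256=digests["sha256"]),
    }


def make_sample(data):
    """Write constructed sample bytes to a temp file and return its path."""
    fd, path = tempfile.mkstemp(suffix=".bin")
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


if __name__ == "__main__":
    # Constructed sample standing in for a downloaded file; limit lowered for the demo.
    sample = make_sample(b"constructed sample bytes " * 200)
    try:
        result = triage(sample, limit=1000)
        print(result["action"], result["size"], result["lookup_url"])
    finally:
        os.remove(sample)
```

Run it against the real download by calling `triage(r"C:\path\to\file")` and opening the returned `lookup_url` before the file is opened.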





