Moneypak FBI virus takes over the whole screen [Solved]



#16
DJPeroni

Here is the first log and HTML. The XML file is attached.



Status: Deleted (events: 5)
8/12/2012 7:56:47 PM Deleted Trojan program Trojan-Downloader.Win32.Agent.gyqq C:\Documents and Settings\Kevin\Documents\Ableton Live Suite 8.1.1\AbletonLiveSuite8.1.1.exe High
8/12/2012 7:56:47 PM Deleted Trojan program Trojan-Downloader.Win32.Agent.gyqq C:\Documents and Settings\Kevin\Documents\Ableton Live Suite 8.1.1\AbletonLiveSuite8.1.1.exe//data0022.res High
8/12/2012 7:56:47 PM Deleted Trojan program Trojan-Downloader.Win32.Agent.gyqq C:\Documents and Settings\Kevin\Documents\Ableton Live Suite 8.1.1\AbletonLiveSuite8.1.1.exe//data0022.res//LiveFix.exe High
8/12/2012 7:56:47 PM Deleted Trojan program Trojan-Downloader.Win32.Agent.gyqq C:\Documents and Settings\Kevin\Documents\Ableton Live Suite 8.1.1\AbletonLiveSuite8.1.1.exe//data0022.res//LiveFix.exe//stdrt.exe High
8/12/2012 7:56:47 PM Deleted Trojan program Trojan-Downloader.Win32.Agent.gyqq C:\Documents and Settings\Kevin\Documents\Ableton Live Suite 8.1.1\AbletonLiveSuite8.1.1.exe//data0000.cab High







<!-- saved from url=(0014)about:internet -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1251">
<META http-equiv="nocache">
</HEAD>
</HEAD>
<script language="JavaScript">
function add_scr_line (s, InsMode) {
var szStr, szOldStr;
var InsPoz;
szStr = document.forms.ScriptForm.CureScript.value;
szOldStr = szStr;
if (!(szStr.length > 5))
szStr = "begin\nend.";
if (szStr.substr(0, 5).toLowerCase() != "begin")
szStr = "begin\n" + szStr;
InsPoz = szStr.lastIndexOf("end.");
if (InsPoz < 5) {
szStr = szStr + "\nend.";
InsPoz = szStr.length-4;
}
if (InsMode == 1)
InsPoz = 5;
if (!(szStr.indexOf(s) >= 5)) {
var szStr1, szStr2;
szStr1 = szStr.substr(0, InsPoz);
szStr2 = szStr.substr(InsPoz);
if (InsMode == 0)
szStr2 = "\n" + szStr2;
else
szStr1 = szStr1 + "\n";
szStr = szStr1 + s + szStr2;
}
if (szStr != szOldStr)
document.forms.ScriptForm.CureScript.value = szStr;
}
function add_f_line (s) {
var szStr;
szStr = document.forms.FilesForm.FileList.value;
if (szStr.length > 0)
szStr = szStr + "\n";
if (szStr.indexOf(s) == -1)
document.forms.FilesForm.FileList.value = szStr + s;
}
function add_scr_d (s) {
add_scr_line(" DeleteFile('"+s+"');", 0);
}
function add_scr_drk (s1, s2, s3) {
add_scr_line(" RegKeyParamDel('"+s1+"','"+s2+"','"+s3+"');", 0);
}
function add_scr_bho (s) {
add_scr_line(" DelBHO('"+s+"');", 1);
}
function add_scr_clsid (s) {
add_scr_line(" DelCLSID('"+s+"');", 1);
}
function add_scr_dpf (s) {
add_scr_line(" RegKeyDel('HKLM','SOFTWARE\\Microsoft\\Code Store Database\\Distribution Units\\"+s+"');", 1);
}
function add_scr_s1 (s) {
add_scr_line(" StopService('"+s+"');", 1);
}
function add_scr_s2 (s) {
add_scr_line(" DeleteService('"+s+"');", 1);
}
function add_scr_s3 (s) {
add_scr_line(" SetServiceStart('"+s+"', 4);", 1);
}
function add_scr_s4 (s) {
add_scr_line(" BC_DeleteSvc('"+s+"');", 0);
}
function add_scr_db (s) {
add_scr_line(" BC_DeleteFile('"+s+"');", 0);
}
function add_scr_k (s) {
add_scr_line(" QuarantineFile('"+s+"','');",1);
add_f_line(s);
}
function add_scr_t (s) {
add_scr_line(" TerminateProcessByName('"+s+"');",1);
add_f_line(s);
}
function add_scr_line_q (s, InsMode) {
add_scr_line(unescape(s),InsMode);
}
</script>
<BODY bgColor="#ffdfb7">
<H1 align=center>Results of system analysis</H1>
<p align=center>Kaspersky Virus Removal Tool 11.0.0.1245 (database released 13/08/2012; 08:09)</p>
<H2 align=center>List of processes</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>PID<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Copyright<TD align=center><b><font color=White>MD5<TD align=center><b><font color=White>Information
<TR bgColor="#ffc06d"><TD><a name="proc_1704"></a>AESTSr64.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("AESTSr64.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("AESTSr64.exe")'>Delete</a>, <a href='Javascript:add_scr_db("AESTSr64.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("AESTSr64.exe")'>Terminate</a><TD>1704<TD>&nbsp;<TD>&nbsp;<TD>??<TD>error getting file info<br>Command line:
<TR bgColor="#ffc06d"><TD><a name="proc_1808"></a>NIHardwareService.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("NIHardwareService.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("NIHardwareService.exe")'>Delete</a>, <a href='Javascript:add_scr_db("NIHardwareService.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("NIHardwareService.exe")'>Terminate</a><TD>1808<TD>&nbsp;<TD>&nbsp;<TD>??<TD>error getting file info<br>Command line:
<TR bgColor="#00CC66"><TD><a name="proc_3392"></a>c:\program files (x86)\razer\synapse\rzsynapse.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\program files (x86)\\razer\\synapse\\rzsynapse.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\program files (x86)\\razer\\synapse\\rzsynapse.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\program files (x86)\\razer\\synapse\\rzsynapse.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\program files (x86)\\razer\\synapse\\rzsynapse.exe")'>Terminate</a><TD>3392<TD>Razer Synapse<TD>© 2011 Razer USA Ltd and affiliated companies. All Rights Reserved.<TD>??<TD>306.91 kb, rsAh,<br>created: 01.07.2012 13:22:52,<br>modified: 01.07.2012 13:22:52<br>Command line: <BR>"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
<TR bgColor="#ffc06d"><TD><a name="proc_668"></a>stacsv64.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("stacsv64.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("stacsv64.exe")'>Delete</a>, <a href='Javascript:add_scr_db("stacsv64.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("stacsv64.exe")'>Terminate</a><TD>668<TD>&nbsp;<TD>&nbsp;<TD>??<TD>error getting file info<br>Command line:
<TR bgColor="#ffc06d"><TD><a name="proc_4056"></a>SynTPEnh.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("SynTPEnh.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("SynTPEnh.exe")'>Delete</a>, <a href='Javascript:add_scr_db("SynTPEnh.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("SynTPEnh.exe")'>Terminate</a><TD>4056<TD>&nbsp;<TD>&nbsp;<TD>??<TD>error getting file info<br>Command line:
<TR bgColor="#ffc06d"><TD><a name="proc_2636"></a>SynTPHelper.exe<br><font size=-2>Script: <a href='Javascript:add_scr_k("SynTPHelper.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("SynTPHelper.exe")'>Delete</a>, <a href='Javascript:add_scr_db("SynTPHelper.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("SynTPHelper.exe")'>Terminate</a><TD>2636<TD>&nbsp;<TD>&nbsp;<TD>??<TD>error getting file info<br>Command line:
<TR bgColor="#00CC66"><TD colspan=6>Detected:70, recognized as trusted 65
</TABLE>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Module name<TD align=center><b><font color=White>Handle<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Copyright<TD align=center><b><font color=White>MD5<TD align=center><b><font color=White>Used by processes
<TR bgColor="#ffc06d"><TD><a href="" title="17579.00 kb, rsAh, created: 23.05.2012 03:12:28, modified: 23.05.2012 03:12:29">C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\041b1bcf6ae9ab58925791d8198c37e2\PresentationFramework.ni.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationFramewo#\\041b1bcf6ae9ab58925791d8198c37e2\\PresentationFramework.ni.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationFramewo#\\041b1bcf6ae9ab58925791d8198c37e2\\PresentationFramework.ni.dll")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationFramewo#\\041b1bcf6ae9ab58925791d8198c37e2\\PresentationFramework.ni.dll")'>BC delete</a><TD>1769406464<TD>PresentationFramework.dll<TD>© Microsoft Corporation. All rights reserved.<TD>--<TD><a href="#proc_3392">3392</a>
<TR bgColor="#ffc06d"><TD><a href="" title="998.00 kb, rsAh, created: 10.05.2012 03:26:01, modified: 10.05.2012 03:26:01">C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runtime.Dura#\\79ac99fe5274fb82ffcff2c15f71854c\\System.Runtime.DurableInstancing.ni.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runtime.Dura#\\79ac99fe5274fb82ffcff2c15f71854c\\System.Runtime.DurableInstancing.ni.dll")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runtime.Dura#\\79ac99fe5274fb82ffcff2c15f71854c\\System.Runtime.DurableInstancing.ni.dll")'>BC delete</a><TD>1930821632<TD>System.Runtime.DurableInstancing.dll<TD>© Microsoft Corporation. All rights reserved.<TD>--<TD><a href="#proc_3392">3392</a>
<TR bgColor="#00CC66"><TD colspan=6>Modules detected:394, recognized as trusted 392
</TABLE>
<H2 align=center>Kernel Space Modules Viewer</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Module<TD align=center><b><font color=White>Base address<TD align=center><b><font color=White>Size in memory<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\system32\DRIVERS\16660388.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\DRIVERS\\16660388.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\DRIVERS\\16660388.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\DRIVERS\\16660388.sys")'>BC delete</a><TD>B209000<TD>75F000 (7729152)<TD><TD>
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\system32\DRIVERS\21215105.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\DRIVERS\\21215105.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\DRIVERS\\21215105.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\DRIVERS\\21215105.sys")'>BC delete</a><TD>1020000<TD>75F000 (7729152)<TD><TD>
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\system32\DRIVERS\9596485drv.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\DRIVERS\\9596485drv.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\DRIVERS\\9596485drv.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\DRIVERS\\9596485drv.sys")'>BC delete</a><TD>7F4B000<TD>096000 (614400)<TD><TD>
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\System32\Drivers\dump_dumpfve.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\dump_dumpfve.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\dump_dumpfve.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\dump_dumpfve.sys")'>BC delete</a><TD>6268000<TD>013000 (77824)<TD><TD>
<TR bgColor="#ffc06d"><TD><a title="error getting file info" href="">C:\Windows\System32\Drivers\dump_iaStor.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\System32\\Drivers\\dump_iaStor.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\System32\\Drivers\\dump_iaStor.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\System32\\Drivers\\dump_iaStor.sys")'>BC delete</a><TD>4600000<TD>11C000 (1163264)<TD><TD>
<TR bgColor="#00CC66"><TD colspan=5>Modules detected - 212, recognized as trusted - 207
</TABLE>
<H2 align=center>Services</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Service<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>File<TD align=center><b><font color=White>Group<TD align=center><b><font color=White>Dependencies
<TR bgColor="#ffc06d"><TD>Apache2.2<br><font size=-2>Service: <a href='Javascript:add_scr_s1("Apache2.2")'>Stop</a>, <a href='Javascript:add_scr_s2("Apache2.2")'>Delete</a>, <a href='Javascript:add_scr_s3("Apache2.2")'>Disable</a>, <a href='Javascript:add_scr_s4("Apache2.2")'>BC delete</a><TD>Apache2.2<TD>Not started<TD><a title="18.00 kb, rsAh, created: 15.05.2011 14:42:32, modified: 12.05.2011 17:27:40" href="">C:\Apache2\bin\httpd.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Apache2\\bin\\httpd.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Apache2\\bin\\httpd.exe")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Apache2\\bin\\httpd.exe")'>BC delete</a><TD>&nbsp;<TD>Tcpip
<TR bgColor="#ffc06d"><TD>DockLoginService<br><font size=-2>Service: <a href='Javascript:add_scr_s1("DockLoginService")'>Stop</a>, <a href='Javascript:add_scr_s2("DockLoginService")'>Delete</a>, <a href='Javascript:add_scr_s3("DockLoginService")'>Disable</a>, <a href='Javascript:add_scr_s4("DockLoginService")'>BC delete</a><TD>Dock Login Service<TD>Not started<TD><a title="error getting file info" href="">C:\Program Files\Dell\DellDock\DockLogin.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Dell\\DellDock\\DockLogin.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Dell\\DellDock\\DockLogin.exe")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Dell\\DellDock\\DockLogin.exe")'>BC delete</a><TD>UIGroup<TD>&nbsp;
<TR bgColor="#ffc06d"><TD>SessionLauncher<br><font size=-2>Service: <a href='Javascript:add_scr_s1("SessionLauncher")'>Stop</a>, <a href='Javascript:add_scr_s2("SessionLauncher")'>Delete</a>, <a href='Javascript:add_scr_s3("SessionLauncher")'>Disable</a>, <a href='Javascript:add_scr_s4("SessionLauncher")'>BC delete</a><TD>SessionLauncher<TD>Not started<TD><a title="error getting file info" href="">c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\DX9\\SessionLauncher.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\DX9\\SessionLauncher.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\DX9\\SessionLauncher.exe")'>BC delete</a><TD>&nbsp;<TD>&nbsp;
<TR bgColor="#00CC66"><TD colspan=7>Detected - 173, recognized as trusted - 170
</TABLE>
<H2 align=center>Drivers</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Service<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>File<TD align=center><b><font color=White>Group<TD align=center><b><font color=White>Dependencies
<TR bgColor="#ffc06d"><TD>16660388<br><font size=-2>Driver: <a href='Javascript:add_scr_s1("16660388")'>Unload</a>, <a href='Javascript:add_scr_s2("16660388")'>Delete</a>, <a href='Javascript:add_scr_s3("16660388")'>Disable</a>, <a href='Javascript:add_scr_s4("16660388")'>BC delete</a><TD>16660388<TD>Running<TD><a title="error getting file info" href="">16660388.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("16660388.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("16660388.sys")'>Delete</a>, <a href='Javascript:add_scr_db("16660388.sys")'>BC delete</a><TD>&nbsp;<TD>&nbsp;
<TR bgColor="#ffc06d"><TD>9596485drv<br><font size=-2>Driver: <a href='Javascript:add_scr_s1("9596485drv")'>Unload</a>, <a href='Javascript:add_scr_s2("9596485drv")'>Delete</a>, <a href='Javascript:add_scr_s3("9596485drv")'>Disable</a>, <a href='Javascript:add_scr_s4("9596485drv")'>BC delete</a><TD>9596485drv<TD>Running<TD><a title="error getting file info" href="">9596485drv.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("9596485drv.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("9596485drv.sys")'>Delete</a>, <a href='Javascript:add_scr_db("9596485drv.sys")'>BC delete</a><TD>&nbsp;<TD>&nbsp;
<TR bgColor="#ffc06d"><TD>ALSysIO<br><font size=-2>Driver: <a href='Javascript:add_scr_s1("ALSysIO")'>Unload</a>, <a href='Javascript:add_scr_s2("ALSysIO")'>Delete</a>, <a href='Javascript:add_scr_s3("ALSysIO")'>Disable</a>, <a href='Javascript:add_scr_s4("ALSysIO")'>BC delete</a><TD>ALSysIO<TD>Not started<TD><a title="error getting file info" href="">C:\Users\Kevin\AppData\Local\Temp\ALSysIO64.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Users\\Kevin\\AppData\\Local\\Temp\\ALSysIO64.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Users\\Kevin\\AppData\\Local\\Temp\\ALSysIO64.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Users\\Kevin\\AppData\\Local\\Temp\\ALSysIO64.sys")'>BC delete</a><TD>&nbsp;<TD>&nbsp;
<TR bgColor="#ffc06d"><TD>catchme<br><font size=-2>Driver: <a href='Javascript:add_scr_s1("catchme")'>Unload</a>, <a href='Javascript:add_scr_s2("catchme")'>Delete</a>, <a href='Javascript:add_scr_s3("catchme")'>Disable</a>, <a href='Javascript:add_scr_s4("catchme")'>BC delete</a><TD>catchme<TD>Not started<TD><a title="error getting file info" href="">C:\ComboFix\catchme.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\ComboFix\\catchme.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\ComboFix\\catchme.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\ComboFix\\catchme.sys")'>BC delete</a><TD>Base<TD>&nbsp;
<TR bgColor="#ffc06d"><TD>RxFilter<br><font size=-2>Driver: <a href='Javascript:add_scr_s1("RxFilter")'>Unload</a>, <a href='Javascript:add_scr_s2("RxFilter")'>Delete</a>, <a href='Javascript:add_scr_s3("RxFilter")'>Disable</a>, <a href='Javascript:add_scr_s4("RxFilter")'>BC delete</a><TD>RxFilter<TD>Not started<TD><a title="error getting file info" href="">C:\Windows\system32\DRIVERS\RxFilter.sys</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\DRIVERS\\RxFilter.sys")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\DRIVERS\\RxFilter.sys")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\DRIVERS\\RxFilter.sys")'>BC delete</a><TD>FSFilter Encryption<TD>FltMgr
<TR bgColor="#00CC66"><TD colspan=7>Detected - 267, recognized as trusted - 262
</TABLE>
<H2 align=center>Autoruns</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>Startup method<TD align=center><b><font color=White>Description
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\936bbefabbcb1f8b4b986d88\DW\DW20.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\936bbefabbcb1f8b4b986d88\\DW\\DW20.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\936bbefabbcb1f8b4b986d88\\DW\\DW20.exe")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\936bbefabbcb1f8b4b986d88\\DW\\DW20.exe")'>BC delete</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\VSSetup, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\PROTECTRP\Shellvrtf64.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Dell DataSafe Local Backup\\COMPONENTS\\PROTECTRP\\Shellvrtf64.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Dell DataSafe Local Backup\\COMPONENTS\\PROTECTRP\\Shellvrtf64.dll")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Dell DataSafe Local Backup\\COMPONENTS\\PROTECTRP\\Shellvrtf64.dll")'>BC delete</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {7F67036B-66F1-411A-AD85-759FB9C5B0DB}<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved","{7F67036B-66F1-411A-AD85-759FB9C5B0DB}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files (x86)\Dell\DellDock\DellDock.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Dell\\DellDock\\DellDock.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Dell\\DellDock\\DellDock.exe")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Dell\\DellDock\\DellDock.exe")'>BC delete</a><TD>Active<TD>Shortcut in Autoruns folder<TD>C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\, C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk,
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files\Bonjour\mDNSResponder.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Bonjour\\mDNSResponder.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Bonjour\\mDNSResponder.exe")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Bonjour\\mDNSResponder.exe")'>BC delete</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Bonjour Service, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files\Dell Support Center\LoggerMessage.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Dell Support Center\\LoggerMessage.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Dell Support Center\\LoggerMessage.dll")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Dell Support Center\\LoggerMessage.dll")'>BC delete</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\PC-Doctor, EventMessageFile
<TR bgColor="#ffc06d"><TD><a href="" title="0.36 kb, rsAh, created: 14.08.2012 21:59:44, modified: 14.08.2012 21:59:45">C:\Users\Kevin\AppData\Local\Temp\_uninst_43993192.bat</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Users\\Kevin\\AppData\\Local\\Temp\\_uninst_43993192.bat")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Users\\Kevin\\AppData\\Local\\Temp\\_uninst_43993192.bat")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Users\\Kevin\\AppData\\Local\\Temp\\_uninst_43993192.bat")'>BC delete</a><TD>Active<TD>Shortcut in Autoruns folder<TD>C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\, C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_43993192.lnk,
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Windows\system32\psxss.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\psxss.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\psxss.exe")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\psxss.exe")'>BC delete</a><TD>--<TD>Registry key<TD>HKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Session Manager\SubSystems, Posix
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">auditcse.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("auditcse.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("auditcse.dll")'>Delete</a>, <a href='Javascript:add_scr_db("auditcse.dll")'>BC delete</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{f3ccc681-b74c-4060-9f26-cd84525dca2a}, DLLName<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GPExtensions\\{f3ccc681-b74c-4060-9f26-cd84525dca2a}","DLLName")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">rdpclip</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("rdpclip")'>Quarantine</a>, <a href='Javascript:add_scr_d("rdpclip")'>Delete</a>, <a href='Javascript:add_scr_db("rdpclip")'>BC delete</a><TD>Active<TD>Registry key<TD>HKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd, StartupPrograms<br><font size=-2> <a href='Javascript:add_scr_drk("HKEY_LOCAL_MACHINE","System\\CurrentControlSet\\Control\\Terminal Server\\Wds\\rdpwd","StartupPrograms")'>Delete</a>
<TR bgColor="#00CC66"><TD colspan=7> Autoruns items detected - 626, recognized as trusted - 617
</TABLE>
<H2 align=center>Microsoft Internet Explorer extension modules (BHOs, Toolbars ...)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Type<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 3, recognized as trusted - 3
</TABLE>
<H2 align=center>Windows Explorer extension modules</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Destination<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\PROTECTRP\Shellvrtf64.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files (x86)\\Dell DataSafe Local Backup\\COMPONENTS\\PROTECTRP\\Shellvrtf64.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files (x86)\\Dell DataSafe Local Backup\\COMPONENTS\\PROTECTRP\\Shellvrtf64.dll")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files (x86)\\Dell DataSafe Local Backup\\COMPONENTS\\PROTECTRP\\Shellvrtf64.dll")'>BC delete</a><TD>ShellViewRTF<TD><TD><TD>{7F67036B-66F1-411A-AD85-759FB9C5B0DB}<br><font size=-2> <a href='Javascript:add_scr_clsid("{7F67036B-66F1-411A-AD85-759FB9C5B0DB}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info"></a><TD>WinRAR shell extension<TD><TD><TD>{B41DB860-8EE4-11D2-9906-E49FADC173CA}<br><font size=-2> <a href='Javascript:add_scr_clsid("{B41DB860-8EE4-11D2-9906-E49FADC173CA}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info"></a><TD>ColumnHandler<TD><TD><TD>{F9DB5320-233E-11D1-9F84-707F02C10627}<br><font size=-2> <a href='Javascript:add_scr_clsid("{F9DB5320-233E-11D1-9F84-707F02C10627}")'>Delete</a>
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 18, recognized as trusted - 15
</TABLE>
<H2 align=center>Printing system extensions (print monitors, providers)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Type<TD align=center><b><font color=White>Name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">localspl.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("localspl.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("localspl.dll")'>Delete</a>, <a href='Javascript:add_scr_db("localspl.dll")'>BC delete</a><TD>Monitor<TD>Local Port<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">FXSMON.DLL</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("FXSMON.DLL")'>Quarantine</a>, <a href='Javascript:add_scr_d("FXSMON.DLL")'>Delete</a>, <a href='Javascript:add_scr_db("FXSMON.DLL")'>BC delete</a><TD>Monitor<TD>Microsoft Shared Fax Monitor<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">VNCpm.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("VNCpm.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("VNCpm.dll")'>Delete</a>, <a href='Javascript:add_scr_db("VNCpm.dll")'>BC delete</a><TD>Monitor<TD>MONVNC<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">tcpmon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("tcpmon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("tcpmon.dll")'>Delete</a>, <a href='Javascript:add_scr_db("tcpmon.dll")'>BC delete</a><TD>Monitor<TD>Standard TCP/IP Port<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">usbmon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("usbmon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("usbmon.dll")'>Delete</a>, <a href='Javascript:add_scr_db("usbmon.dll")'>BC delete</a><TD>Monitor<TD>USB Monitor<TD><TD>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">WSDMon.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("WSDMon.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("WSDMon.dll")'>Delete</a>, <a href='Javascript:add_scr_db("WSDMon.dll")'>BC delete</a><TD>Monitor<TD>WSD Port<TD><TD>
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 7, recognized as trusted - 1
</TABLE>
<H2 align=center>Task Scheduler jobs</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Job name<TD align=center><b><font color=White>Job status<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 5, recognized as trusted - 5
</TABLE>
<H2 align=center>SPI/LSP settings</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<B>Namespace providers (NSP)
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Provider<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>EXE file<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>GUID
<TR bgColor="#00CC66"><TD colspan=7>Detected - 8, recognized as trusted - 8
</TABLE>
<B>Transport protocol providers (TSP, LSP)</B>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Provider<TD align=center><b><font color=White>EXE file<TD align=center><b><font color=White>Description
<TR bgColor="#00CC66"><TD colspan=7>Detected - 10, recognized as trusted - 10
</TABLE>
<B>Results of automatic SPI settings check</B>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0><pre>
LSP settings checked. No errors detected
</pre></TABLE>
<H2 align=center>TCP/UDP ports</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Port<TD align=center><b><font color=White>Status<TD align=center><b><font color=White>Remote Host<TD align=center><b><font color=White>Remote Port<TD align=center><b><font color=White>Application<TD align=center><b><font color=White>Notes
<TR bgColor="#ffc06d"><TD colspan=7><b>TCP ports
<TR bgColor="#ffc06d"><TD>135<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[804] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>139<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System")'>Quarantine</a>, <a href='Javascript:add_scr_d("System")'>Delete</a>, <a href='Javascript:add_scr_db("System")'>BC delete</a>, <a href='Javascript:add_scr_t("System")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>445<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System")'>Quarantine</a>, <a href='Javascript:add_scr_d("System")'>Delete</a>, <a href='Javascript:add_scr_db("System")'>BC delete</a>, <a href='Javascript:add_scr_t("System")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>2869<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System")'>Quarantine</a>, <a href='Javascript:add_scr_d("System")'>Delete</a>, <a href='Javascript:add_scr_db("System")'>BC delete</a>, <a href='Javascript:add_scr_t("System")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>5357<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[4] System</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System")'>Quarantine</a>, <a href='Javascript:add_scr_d("System")'>Delete</a>, <a href='Javascript:add_scr_db("System")'>BC delete</a>, <a href='Javascript:add_scr_t("System")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>17500<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="26477.38 kb, rsAh, created: 24.05.2012 12:39:22, modified: 24.05.2012 12:39:22">[2072] c:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>19872<TD>ESTABLISHED<TD>127.0.0.1<TD>49178<TD><a href="" title="26477.38 kb, rsAh, created: 24.05.2012 12:39:22, modified: 24.05.2012 12:39:22">[2072] c:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49152<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[532] wininit.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("wininit.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("wininit.exe")'>Delete</a>, <a href='Javascript:add_scr_db("wininit.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("wininit.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49153<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[948] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49154<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[384] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49155<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[596] services.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("services.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("services.exe")'>Delete</a>, <a href='Javascript:add_scr_db("services.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("services.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49156<TD>LISTENING<TD>0.0.0.0<TD>0<TD><a href="" title="error getting file info">[616] lsass.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("lsass.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("lsass.exe")'>Delete</a>, <a href='Javascript:add_scr_db("lsass.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("lsass.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49178<TD>ESTABLISHED<TD>127.0.0.1<TD>19872<TD><a href="" title="26477.38 kb, rsAh, created: 24.05.2012 12:39:22, modified: 24.05.2012 12:39:22">[2072] c:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49975<TD>ESTABLISHED<TD>199.47.217.177<TD>443<TD><a href="" title="26477.38 kb, rsAh, created: 24.05.2012 12:39:22, modified: 24.05.2012 12:39:22">[2072] c:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49986<TD>ESTABLISHED<TD>199.47.216.146<TD>80<TD><a href="" title="26477.38 kb, rsAh, created: 24.05.2012 12:39:22, modified: 24.05.2012 12:39:22">[2072] c:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50066<TD>ESTABLISHED<TD>173.194.33.60<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50072<TD>ESTABLISHED<TD>74.125.142.157<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50094<TD>ESTABLISHED<TD>74.125.142.149<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50128<TD>ESTABLISHED<TD>74.125.127.125<TD>5222<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50146<TD>CLOSE_WAIT<TD>173.194.33.45<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50147<TD>CLOSE_WAIT<TD>173.194.33.45<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50148<TD>CLOSE_WAIT<TD>173.194.33.45<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50149<TD>CLOSE_WAIT<TD>173.194.33.45<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50150<TD>CLOSE_WAIT<TD>173.194.33.45<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50151<TD>CLOSE_WAIT<TD>173.194.33.45<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50157<TD>CLOSE_WAIT<TD>209.85.225.154<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50158<TD>CLOSE_WAIT<TD>209.85.225.154<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50159<TD>CLOSE_WAIT<TD>209.85.225.154<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50160<TD>CLOSE_WAIT<TD>209.85.225.154<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50161<TD>CLOSE_WAIT<TD>209.85.225.154<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50162<TD>CLOSE_WAIT<TD>209.85.225.154<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50435<TD>TIME_WAIT<TD>184.51.50.227<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50473<TD>TIME_WAIT<TD>96.17.237.229<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50478<TD>ESTABLISHED<TD>23.3.68.144<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50480<TD>TIME_WAIT<TD>96.17.237.229<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50483<TD>ESTABLISHED<TD>23.3.68.192<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50484<TD>TIME_WAIT<TD>23.3.68.192<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50486<TD>TIME_WAIT<TD>72.5.64.63<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50504<TD>TIME_WAIT<TD>23.3.68.203<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50505<TD>TIME_WAIT<TD>23.3.68.203<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50519<TD>ESTABLISHED<TD>23.3.12.34<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50520<TD>ESTABLISHED<TD>23.3.12.34<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50561<TD>TIME_WAIT<TD>205.216.12.17<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50564<TD>TIME_WAIT<TD>216.38.162.155<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50624<TD>ESTABLISHED<TD>66.135.202.211<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50628<TD>ESTABLISHED<TD>23.3.68.170<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50637<TD>ESTABLISHED<TD>216.34.207.177<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50648<TD>ESTABLISHED<TD>23.3.68.217<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50652<TD>CLOSE_WAIT<TD>74.125.142.154<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50655<TD>ESTABLISHED<TD>66.150.149.24<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50698<TD>ESTABLISHED<TD>23.62.97.184<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50728<TD>ESTABLISHED<TD>23.3.68.123<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50735<TD>ESTABLISHED<TD>63.215.202.6<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50747<TD>ESTABLISHED<TD>74.125.142.148<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50755<TD>ESTABLISHED<TD>63.215.202.9<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50761<TD>ESTABLISHED<TD>74.125.142.148<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50778<TD>ESTABLISHED<TD>66.150.149.23<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50798<TD>TIME_WAIT<TD>70.32.88.109<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50799<TD>ESTABLISHED<TD>184.169.230.74<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50807<TD>ESTABLISHED<TD>23.7.64.143<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50811<TD>ESTABLISHED<TD>69.25.24.23<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50812<TD>ESTABLISHED<TD>69.25.24.23<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50813<TD>ESTABLISHED<TD>69.25.24.23<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50814<TD>TIME_WAIT<TD>63.215.202.6<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50816<TD>ESTABLISHED<TD>23.3.68.113<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50824<TD>TIME_WAIT<TD>74.121.139.122<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50825<TD>TIME_WAIT<TD>69.25.24.26<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50828<TD>ESTABLISHED<TD>23.3.12.75<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50829<TD>ESTABLISHED<TD>63.215.202.54<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50839<TD>ESTABLISHED<TD>23.3.68.113<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50840<TD>ESTABLISHED<TD>23.3.12.74<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50841<TD>ESTABLISHED<TD>184.28.63.231<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50842<TD>CLOSE_WAIT<TD>184.28.63.231<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50843<TD>ESTABLISHED<TD>216.34.207.81<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50844<TD>ESTABLISHED<TD>216.34.207.81<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50845<TD>ESTABLISHED<TD>216.34.207.81<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50846<TD>TIME_WAIT<TD>216.34.207.81<TD>80<TD><a href="" title="error getting file info">[0] &nbsp;</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50851<TD>ESTABLISHED<TD>184.73.187.64<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50852<TD>ESTABLISHED<TD>184.73.187.64<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50853<TD>ESTABLISHED<TD>23.3.68.139<TD>80<TD><a href="" title="1201.02 kb, rsAh, created: 02.06.2010 11:14:08, modified: 08.08.2012 14:31:17">[3484] c:\users\kevin\appdata\local\google\chrome\application\chrome.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\local\\google\\chrome\\application\\chrome.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD colspan=7><b>UDP ports
<TR bgColor="#ffc06d"><TD>137<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[4] System</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System")'>Quarantine</a>, <a href='Javascript:add_scr_d("System")'>Delete</a>, <a href='Javascript:add_scr_db("System")'>BC delete</a>, <a href='Javascript:add_scr_t("System")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>138<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[4] System</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("System")'>Quarantine</a>, <a href='Javascript:add_scr_d("System")'>Delete</a>, <a href='Javascript:add_scr_db("System")'>BC delete</a>, <a href='Javascript:add_scr_t("System")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>500<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[384] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>1900<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1768] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>1900<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1768] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>3544<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[384] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>3702<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1300] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>3702<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1300] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>3702<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1768] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>3702<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1768] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>4500<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[384] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>5355<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1428] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>17500<TD>LISTENING<TD>--<TD>--<TD><a href="" title="26477.38 kb, rsAh, created: 24.05.2012 12:39:22, modified: 24.05.2012 12:39:22">[2072] c:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\users\\kevin\\appdata\\roaming\\dropbox\\bin\\dropbox.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>49152<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1768] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>50495<TD>LISTENING<TD>--<TD>--<TD><a href="" title="1146.50 kb, rsAh, created: 23.05.2011 15:28:37, modified: 20.11.2010 06:17:41">[3124] c:\program files (x86)\windows sidebar\sidebar.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\program files (x86)\\windows sidebar\\sidebar.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\program files (x86)\\windows sidebar\\sidebar.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\program files (x86)\\windows sidebar\\sidebar.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\program files (x86)\\windows sidebar\\sidebar.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>51332<TD>LISTENING<TD>--<TD>--<TD><a href="" title="823.94 kb, RsAh, created: 02.01.2012 09:07:56, modified: 02.01.2012 09:07:56">[3272] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe")'>Delete</a>, <a href='Javascript:add_scr_db("c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>55418<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1768] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>55419<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1768] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>60739<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[384] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
<TR bgColor="#ffc06d"><TD>61536<TD>LISTENING<TD>--<TD>--<TD><a href="" title="error getting file info">[1300] svchost.exe</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("svchost.exe")'>Quarantine</a>, <a href='Javascript:add_scr_d("svchost.exe")'>Delete</a>, <a href='Javascript:add_scr_db("svchost.exe")'>BC delete</a>, <a href='Javascript:add_scr_t("svchost.exe")'>Terminate</a><TD>&nbsp;
</TABLE>
<H2 align=center>Downloaded Program Files (DPF)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID<TD align=center><b><font color=White>Source URL
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">C:\Program Files\Java\jre7\bin\npjpi170.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Program Files\\Java\\jre7\\bin\\npjpi170.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Program Files\\Java\\jre7\\bin\\npjpi170.dll")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Program Files\\Java\\jre7\\bin\\npjpi170.dll")'>BC delete</a><TD><TD><TD>{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}<br><font size=-2> <a href='Javascript:add_scr_dpf("{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}")'>Delete</a><TD>http://java.sun.com/...indows-i586.cab
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 5, recognized as trusted - 4
</TABLE>
<H2 align=center>Control Panel Applets (CPL)</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer
<TR bgColor="#ffc06d"><TD><a href="" title="68.70 kb, rsAh, created: 10.06.2011 20:38:19, modified: 03.08.2012 17:32:20">C:\Windows\system32\FlashPlayerCPLApp.cpl</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("C:\\Windows\\system32\\FlashPlayerCPLApp.cpl")'>Quarantine</a>, <a href='Javascript:add_scr_d("C:\\Windows\\system32\\FlashPlayerCPLApp.cpl")'>Delete</a>, <a href='Javascript:add_scr_db("C:\\Windows\\system32\\FlashPlayerCPLApp.cpl")'>BC delete</a><TD>Adobe Flash Player Control Panel Applet<TD>Copyright © 1996 Adobe Systems Incorporated. All Rights Reserved. Adobe and Flash are either trademarks or registered trademarks in the United States and/or other countries.
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 19, recognized as trusted - 18
</TABLE>
<H2 align=center>Active Setup</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 7, recognized as trusted - 7
</TABLE>
<H2 align=center>HOSTS file</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>Hosts file record
<TR bgColor="#ffc06d"><TD><pre><code>127.0.0.1 localhost</code></pre>
<TR bgColor="#ffc06d"><TD> <a href='Javascript:add_scr_line_q("ClearHostsFile;", 0)'>Clear Hosts file</a>
</TABLE>
<H2 align=center>Protocols and handlers</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File name<TD align=center><b><font color=White>Type<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Manufacturer<TD align=center><b><font color=White>CLSID
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">mscoree.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mscoree.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("mscoree.dll")'>Delete</a>, <a href='Javascript:add_scr_db("mscoree.dll")'>BC delete</a><TD>Protocol<TD>Microsoft .NET Runtime Execution Engine ()<TD>© Microsoft Corporation. All rights reserved.<TD>{1E66F26B-79EE-11D2-8710-00C04F79ED0D}<br><font size=-2> <a href='Javascript:add_scr_clsid("{1E66F26B-79EE-11D2-8710-00C04F79ED0D}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">mscoree.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mscoree.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("mscoree.dll")'>Delete</a>, <a href='Javascript:add_scr_db("mscoree.dll")'>BC delete</a><TD>Protocol<TD>Microsoft .NET Runtime Execution Engine ()<TD>© Microsoft Corporation. All rights reserved.<TD>{1E66F26B-79EE-11D2-8710-00C04F79ED0D}<br><font size=-2> <a href='Javascript:add_scr_clsid("{1E66F26B-79EE-11D2-8710-00C04F79ED0D}")'>Delete</a>
<TR bgColor="#ffc06d"><TD><a href="" title="error getting file info">mscoree.dll</a><br><font size=-2>Script: <a href='Javascript:add_scr_k("mscoree.dll")'>Quarantine</a>, <a href='Javascript:add_scr_d("mscoree.dll")'>Delete</a>, <a href='Javascript:add_scr_db("mscoree.dll")'>BC delete</a><TD>Protocol<TD>Microsoft .NET Runtime Execution Engine ()<TD>© Microsoft Corporation. All rights reserved.<TD>{1E66F26B-79EE-11D2-8710-00C04F79ED0D}<br><font size=-2> <a href='Javascript:add_scr_clsid("{1E66F26B-79EE-11D2-8710-00C04F79ED0D}")'>Delete</a>
<TR bgColor="#00CC66"><TD colspan=7> Elements detected - 13, recognized as trusted - 10
</TABLE>
<H2 align=center>Suspicious objects</H2>
<TABLE cellSpacing=1 cellPadding=2 width="100%" bgColor=#ffffff border=0>
<TR BgColor="#0000FF"><TD align=center><b><font color=White>File<TD align=center><b><font color=White>Description<TD align=center><b><font color=White>Type
</TABLE>
<BR><HR></B></I>
<PRE>
Main script of analysis
Windows version: Windows 7 Professional, Build=7601, SP="Service Pack 1"
System Restore: enabled
>> Services: potentially dangerous service allowed: TermService (@%SystemRoot%\System32\termsrv.dll,-268)
>> Services: potentially dangerous service allowed: SSDPSRV (@%systemroot%\system32\ssdpsrv.dll,-100)
>> Services: potentially dangerous service allowed: Schedule (@%SystemRoot%\system32\schedsvc.dll,-100)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: disk drives' autorun is enabled
>> Security: administrative shares (C$, D$ ...) are enabled
>> Security: anonymous user access is enabled
>> Security: sending Remote Assistant queries is enabled
>> Disable HDD autorun
>> Disable autorun from network drives
>> Disable CD/DVD autorun
>> Disable removable media autorun
>> Windows Explorer - show extensions of known file types
System Analysis in progress
<br> System Analysis - complete
<br>
</BODY></HTML>

  • 0


#17
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Your logs show that your system is clean. If you have no further issues with your computer, then please proceed with the following housekeeping procedures outlined below.

Removing the tools we used:

Uninstall ComboFix

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now copy/paste this: ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /Uninstall, it needs to be there.

  • Please follow the prompts to uninstall Combofix.
  • This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.
  • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

NEXT...

OTL Clean-Up:

  • Reopen Posted Image on your desktop.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


There are a few things I recommend you do once your computer is completely clean:

Updates for Windows - One of the essentials is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats; Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

How to turn on Automatic Updates for Windows:

Updates for other installed software

A common attack method for hacking attempts and malware installs is to exploit known vulnerabilities in programs that are commonly installed on a person's computer. These vulnerabilities could allow a remote user or malware developer to install malware, keyloggers, and backdoors on to your computer without your knowledge or permission.
Some of the programs that are commonly exploited include Adobe Shockwave, Adobe Reader, Sun Java, Adobe Flash, and even Windows itself. Therefore it is crucial that everyone remain vigilant as to when a security vulnerability is found in our installed programs and to update it when a security update is released. Unfortunately, no one has the time to stay on top of these updates, which can happen frequently.

I highly recommend that you install Secunia Personal Software Inspector (PSI) that can be used to scan your computer for known vulnerable programs, provide information on the vulnerability, and provide a location to an update for the vulnerable program. A tutorial on how to use Secunia Personal Software Inspector (PSI) can be found here: Keep Software Updated with Secunia PSI.

Web Browsers - Picking the right internet browser is very important. You need to find one that suits your needs but that is also safe. All browsers listed below are far more secure than Internet Explorer, immune to almost all known browser hijackers, and also have the best built-in pop up blockers.

Although, if you prefer staying with Internet Explorer, I highly recommend you do this:

Make Internet Explorer more secure:
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the options Download signed and unsigned ActiveX controls to Prompt, and Initialize and Script ActiveX controls not marked as safe to Disable.
  • Next click OK, then Apply button and then OK to exit the Internet Properties page.

Tips to protect yourself against malware and reduce the potential for re-infection:

Now after all these steps, your PC will be more secure. However, it is important to note that you can still get infected if you are not careful. One of the best security programs you can have is common sense. As malware gets more sophisticated, you need to be more wary. If you do get caught though and the above steps can't help prevent it, we will be here to help you out.

Stay secure and thank you for choosing GeeksToGo.
  • 0
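
The Internet Explorer settings from the post above can be checked from PowerShell once they have been applied. This is an added example, not part of the original post: the registry path, the value names 1001, 1004 and 1201, and the data codes are Internet Explorer's standard per-user zone settings and do not appear in the thread.

```powershell
# Added example: audit the per-user Internet zone (zone 3) ActiveX settings.
# The registry path, value names and data codes below are not in the thread.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL-action data codes used by Internet Explorer zone settings
$meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Targets as given in the post: both downloads -> Prompt, unsafe init/script -> Disable
$rules = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls';   Want = 1 },
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls'; Want = 1 },
    @{ Id = '1201'; Name = 'Initialize and script ActiveX controls not marked as safe'; Want = 3 }
)

function Test-ZoneSetting {
    param([string]$Path, [hashtable]$Rule)

    $item = Get-ItemProperty -Path $Path -Name $Rule.Id -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        # Value absent: the zone template default applies, so flag it for a manual look
        $actualText = 'not set'
        $status = 'Review'
    } else {
        $actual = [int]$item.($Rule.Id)
        $actualText = if ($meaning.ContainsKey($actual)) { $meaning[$actual] } else { "code $actual" }
        if ($actual -eq $Rule.Want) { $status = 'OK' }
        elseif ($actual -eq 3)      { $status = 'Stricter' }   # Disable is tighter than Prompt
        else                        { $status = 'Review' }
    }

    New-Object PSObject -Property @{
        Setting  = $Rule.Name
        Expected = $meaning[$Rule.Want]
        Actual   = $actualText
        Status   = $status
    }
}

$rules | ForEach-Object { Test-ZoneSetting -Path $zonePath -Rule $_ } |
    Select-Object Setting, Expected, Actual, Status |
    Format-Table -AutoSize
```

The script only reads the current user's values; on a machine managed by Group Policy, policy-set zone values can override them.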

#18
DJPeroni

DJPeroni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Your help is invaluable to those of us that use our computers to make a living. Thank you!
  • 0

#19
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
You are welcome.
  • 0

#20
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





