Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC Infected...Virus/Malware Uknown [Solved]

Started by XPorter , Oct 05 2012 10:50 PM

  • This topic is locked This topic is locked

#31
emeraldnzl
Posted 21 October 2012 - 07:19 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Let's see if your machine will cope with this now:

Please run a free on line scan with BitDefender Online Scanner

Disable your anti-virus/anti-malware programs before running.

Note: these instructions were compiled using Firefox. IE users may find slight differences... just follow the prompts.

  • Click the green Start Scanner button
  • Click the green Free Scan Now button
  • Accept the plug in installation
  • Restart your browser if requested
  • Click the green Free Scan Now button again
  • Accept the eula agreement
  • The scan should start. It will be relatively quick.
  • Click View Report (note: this is not the facebook one - just click on the words View Report)
  • Notepad will open with a log
  • Save to your desktop
  • Copy and paste the report back here

  • 0

Advertisements

#32
XPorter
Posted 21 October 2012 - 07:38 PM

XPorter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Let's see if your machine will cope with this now:


Nope, failed to connect to the server again...here are the results; no blank notepad this time though:


QuickScan 32-bit v0.9.9.119
---------------------------
Scan date: Sun Oct 21 21:39:29 2012
Machine ID: D0D57883



Scan failed! Couldn't access QuickScan server.
----------------------------------------------
connect() timed out!



Processes
---------
Adobe Acrobat Update Service 1512 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
DisplayFusion Hook x86 2956 D:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
ESET Smart Security 1572 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
Everything 3296 D:\Program Files (x86)\Everything\Everything.exe
Firefox 3540 D:\Program Files (x86)\Mozilla Firefox\firefox.exe
Firefox 8972 D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
HostsMan 3188 D:\Utilities\HostsMan_4.0.82_beta3\hm.exe
PnkBstrA.exe 1692 C:\Windows\SysWOW64\PnkBstrA.exe
PowerPanel Personal Edition 1.3 1752 D:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
PowerPanel Personal Edition 1.3 3280 D:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
RAID Monitor 1044 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe


Network activity
----------------
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.192
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.160
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.192
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.192
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.192
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.192
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.192
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.168
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.168
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.168
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.168
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.168
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.168
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.30.224.42
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.71
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.33
Process firefox.exe (3540) connected on port 80 (HTTP) --> 23.60.207.139
Process firefox.exe (3540) connected on port 443 (HTTP over SSL) --> 74.125.226.46
Process firefox.exe (3540) connected on port 80 (HTTP) --> 209.17.68.209
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.161
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.161
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.161
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.161
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.161
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.161
Process firefox.exe (3540) connected on port 80 (HTTP) --> 72.247.244.80
Process firefox.exe (3540) connected on port 80 (HTTP) --> 72.247.244.80
Process firefox.exe (3540) connected on port 80 (HTTP) --> 72.247.244.80
Process firefox.exe (3540) connected on port 80 (HTTP) --> 216.137.33.21
Process firefox.exe (3540) connected on port 80 (HTTP) --> 23.60.207.144
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.71
Process firefox.exe (3540) connected on port 443 (HTTP over SSL) --> 74.125.226.78
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.46
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.37
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.37
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.37
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.37
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.226.37
Process firefox.exe (3540) connected on port 80 (HTTP) --> 107.23.55.64
Process firefox.exe (3540) connected on port 443 (HTTP over SSL) --> 74.125.226.79
Process firefox.exe (3540) connected on port 80 (HTTP) --> 23.60.207.144
Process firefox.exe (3540) connected on port 80 (HTTP) --> 23.60.207.144
Process firefox.exe (3540) connected on port 80 (HTTP) --> 216.239.120.50
Process firefox.exe (3540) connected on port 80 (HTTP) --> 64.71.251.147
Process firefox.exe (3540) connected on port 443 (HTTP over SSL) --> 23.60.194.110
Process firefox.exe (3540) connected on port 80 (HTTP) --> 69.171.228.74
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.194
Process firefox.exe (3540) connected on port 80 (HTTP) --> 24.156.130.194
Process firefox.exe (3540) connected on port 80 (HTTP) --> 50.97.236.19
Process firefox.exe (3540) connected on port 80 (HTTP) --> 74.125.133.95
Process firefox.exe (3540) connected on port 80 (HTTP) --> 50.97.236.19
Process firefox.exe (3540) connected on port 80 (HTTP) --> 50.97.236.19
Process firefox.exe (3540) connected on port 80 (HTTP) --> 50.97.236.19
Process firefox.exe (3540) connected on port 80 (HTTP) --> 66.235.142.57
Process firefox.exe (3540) connected on port 80 (HTTP) --> 66.235.142.57
Process firefox.exe (3540) connected on port 80 (HTTP) --> 37.59.67.149



Autoruns and critical files
---------------------------
Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
DisplayFusion D:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
ESET Smart Security D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
Everything D:\Program Files (x86)\Everything\Everything.exe
HostsMan D:\Utilities\HostsMan_4.0.82_beta3\hm.exe
Logitech Gaming Framework C:\Program Files\Logitech Gaming Software\LCore.exe
Logitech SetPoint C:\Program Files\Logitech\SetPointP\SetPoint.exe
Microsoft Xbox 360 Accessories C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
PowerPanel Personal Edition 1.3 D:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
(verified) Google Update C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe


Browser plugins
---------------
2007 Microsoft Office system D:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat D:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Bitdefender QuickScan C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
Bitdefender QuickScan C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\hz2nt2be.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
Foxit Reader Plugin for Mozilla D:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
Google Update C:\Users\Dan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
Java Deployment Toolkit 6.0.300.12 D:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
Microsoft® Windows Live ID c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft® Windows Live ID C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows Live ID C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows Media Player Firefox D:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
NPSWF32_11_4_402_287.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
NPWebSLLauncher.dll C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
Uplay PC C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
Winamp Application Detector D:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
Windows® Internet Explorer c:\windows\syswow64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(verified) nppdf32.DEU D:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.DEU
(verified) nppdf32.FRA D:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.FRA


Scan
----
MD5: 84cbd6f6aa7ee399fbdc265b8ea64474 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
MD5: ba0ed7aa3c36a8da27ded1d6b3508158 c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
MD5: b63e5c7807334a3a8f731062f15462cc C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MD5: d19c4ee2ac7c47b8f5f84fff1a789d8a C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
MD5: c8bd651e13895b93ed9ec5b4f1df42bc C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
MD5: c8bd651e13895b93ed9ec5b4f1df42bc C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
MD5: bc7b9ba1f4d4c982ae23dcc0d121c4b0 C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
MD5: f4554ec3e1a949b07f083bd52d7b279e C:\Program Files (x86)\Common Files\Steam\SteamService.exe
MD5: ae6f0a6562d3eccd613de1fd8612ac4e C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
MD5: 15c42334805b711fbf0c788a1d751528 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
MD5: 984bdac9f4fc9993ce8d3a7d7da3e9a5 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
MD5: 0a7b01235b1cbfa387b04a91e2f2b7d0 C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
MD5: 4d7f2682d29b92a6251b17957aa0b985 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
MD5: f835116b5ceeb4b88dd7b7b680c1ddde C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
MD5: 7772dfab22611050b79504e671b06e6e C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
MD5: 0a888754c63c3a5d8cd8f7492c62b40d C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 6b15a74a2d7bae2452c1ad84e717b166 C:\Program Files\Logitech Gaming Software\LCore.exe
MD5: df72d700cc33611206675b8a2fd4d4f9 C:\Program Files\Logitech\SetPointP\SetPoint.exe
MD5: ed43758bf94b8a5221d69f1b7f63f13d C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: e3bf29ced96790cdaafa981ffddf53a3 C:\Program Files\Windows Sidebar\sidebar.exe
MD5: 853e987a635c0008f53e3cc13290af6b C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
MD5: 8f628060daecf76c537bd89a53228d3b C:\Users\Dan\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
MD5: 6d74290856347cf8682277a54b433d4b C:\Users\Dan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
MD5: c9e3864fb9cbfa93d9010bcfe18a5697 C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\hz2nt2be.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehRecvr.exe
MD5: ac4c51eb24aa95b77f705ab159189e24 C:\Windows\Explorer.exe
MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
MD5: 37ce7a79d901235504f9add99a7ac177 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: cb4863f2bd46aa02d954b86b56a149da C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: 06e771aa596b8761107ab57e99f128d7 C:\Windows\system32\cryptsvc.dll
MD5: 28ca821606669bb9215ce010767720fa C:\Windows\system32\cryptui.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\cscapi.dll
MD5: 64ca3862d74ea610cd64dc6ad652db5e C:\Windows\system32\d2d1.dll
MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\Windows\system32\d3d10_1core.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\dbghelp.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\DNSAPI.dll
MD5: a29d734f650f958424743be3baa052c8 C:\Windows\system32\dwrite.dll
MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
MD5: 40d777b7a95e00593eb1568c68514493 C:\Windows\system32\explorer.exe
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\explorerframe.dll
MD5: 1e8d06aae74fed674c1156b3fea911c2 C:\Windows\system32\faultrep.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: 0ba3f31e2b4d8d99df8dd19e81155374 C:\Windows\system32\ieframe.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\iphlpapi.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\System32\MMDevApi.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: 0ce4d3bd306da6d1f6f233c403f5b667 C:\Windows\system32\msi.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\Windows\system32\netapi32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\system32\NLAapi.dll
MD5: eb77db354791a5932ca559b6f6374e95 C:\Windows\system32\ntshrui.dll
MD5: 40132dc4a9d01bae33ee8a81143fd0f3 C:\Windows\system32\nvwgf2um.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\olepro32.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
MD5: a42e7748be906434c5fd17161d168c20 C:\Windows\system32\SCHEDCLI.DLL
MD5: f93674263f6b07c77956e966953242d9 C:\Windows\system32\secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: be247ae996a9fde007a27b51413a6c79 C:\Windows\system32\shdocvw.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\userenv.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\system32\wer.dll
MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\WindowsCodecs.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\System32\winhttp.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\winmm.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
MD5: a8cdf3768604ff95b54669e20053d569 C:\Windows\system32\WSCAPI.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\wtsapi32.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\syswow64\ADVAPI32.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\syswow64\CFGMGR32.dll
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\syswow64\comdlg32.dll
MD5: 1295338cfe6f249823ef9bc8d4368a84 C:\Windows\syswow64\CRYPT32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\syswow64\DEVOBJ.dll
MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\Windows\syswow64\GDI32.dll
MD5: 0ba3f31e2b4d8d99df8dd19e81155374 c:\windows\syswow64\ieframe.dll
MD5: eb8a00e8e9931a7ec04f920b09d880d8 C:\Windows\syswow64\iertutil.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\syswow64\IMM32.dll
MD5: 99c3f8e9cc59d95666eb8d8a8b4c2beb C:\Windows\syswow64\kernel32.dll
MD5: 5c2d21c9b6b6175b89bc5d7e3cb979e1 C:\Windows\syswow64\KERNELBASE.dll
MD5: e7bc792810ec02dd1f7ed25d830e9324 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\syswow64\MSASN1.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\Windows\syswow64\msvcrt.dll
MD5: e73b0f1819602cb6ef176fb78d76a47b C:\Windows\SysWOW64\ntdll.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\syswow64\ole32.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\syswow64\OLEAUT32.dll
MD5: 1713d9de407313138118d501b0e3c05b C:\Windows\SysWOW64\PnkBstrA.exe
MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\Windows\syswow64\RPCRT4.dll
MD5: 3d3cbd1847f980fb03343a63671e7886 C:\Windows\SysWOW64\schannel.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\syswow64\setupapi.dll
MD5: 29e9794708df51db5dc89fb2e903a0f6 C:\Windows\syswow64\SHELL32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\syswow64\SHLWAPI.dll
MD5: eda7ad21df8945528f01f0a86d69e524 C:\Windows\syswow64\SspiCli.dll
MD5: 9fac0f6d5f3d922db294e30cd3f62369 C:\Windows\syswow64\urlmon.dll
MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\Windows\syswow64\USER32.dll
MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\syswow64\USP10.dll
MD5: 5553611e2f9ea6f613079177f1233068 C:\Windows\syswow64\WININET.dll
MD5: a7d79e9f660340ab20cd73f12910985f C:\Windows\syswow64\WINTRUST.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\syswow64\WLDAP32.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\syswow64\WS2_32.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll
MD5: 2f8f37bc4a29726c65aedc3bade242a6 D:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
MD5: 4efeada6f8c0b6921d9476473ae6cc67 D:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
MD5: 066708b24047b549797ea99abf640769 D:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
MD5: c8e721917dda6e2b3cf197959239d236 D:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.dll
MD5: 21689d1e53e9bcbf082306456c7689a1 D:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
MD5: 4dab37e8beda1f286f0c40b8aab0d65c D:\Program Files (x86)\Everything\Everything.exe
MD5: 0c0195c48b6b8582fa6f6373032118da D:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
MD5: dbc50c88618094aeee22723c11d6307a D:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MD5: bc03475ec281aa1e685388896acade8d D:\Program Files (x86)\Mozilla Firefox\firefox.exe
MD5: ea2a401f59cae941df233ac8b347f83b D:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MD5: 1cdb643f6561e4648d47b6bbf7333122 D:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
MD5: c2695f2c77081f68269d93014953657e D:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MD5: cc6feb2186a2537dbd300da012428c8f D:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MD5: 461e8171cc252ce0be406f7928653493 D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MD5: ad4e1f7a31b0d1df306e16aaeeac3a19 D:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MD5: 03e9314004f504a14a61c3d364b62f66 D:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll
MD5: 67ec459e42d3081dd8fd34356f7cafc1 D:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll
MD5: bba763abf2de608fb5d196d4037695d8 D:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MD5: ae3023742879c317a1b1ca576185da98 D:\Program Files (x86)\Mozilla Firefox\nss3.dll
MD5: 6ade2a1469d6cc8263d0bbe05fa60b5c D:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MD5: 45357a45cb97c45a21a675cfc0070223 D:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MD5: a20918072f6e8d1175f1ccf4b3809e2c D:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MD5: b67dd248876685c9c6f981b462876fad D:\Program Files (x86)\Mozilla Firefox\plc4.dll
MD5: b1c8afe8e448dab0d8e9d4eaef2c5fe4 D:\Program Files (x86)\Mozilla Firefox\plds4.dll
MD5: 0a9153fe672d620a8e8d921f2934749d D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MD5: 99f97c9fe748c37528c338a423577fcb D:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
MD5: ff030b5f429a1a8c18821e4595599c1f D:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 9a6101f29e2e9d41b99cbcc8f106e8fe D:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
MD5: 0a7b01235b1cbfa387b04a91e2f2b7d0 D:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
MD5: f6a25814f6d9df2c2c14189bf7231258 D:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
MD5: b5589f1f0aedc9cdfc6a3bab55b9a340 D:\Program Files (x86)\Mozilla Firefox\smime3.dll
MD5: b6a4e9a4364ee9a6cd8d81ca3ab9ee36 D:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MD5: b2a0cb1c0a17a6c04625de4457b4b847 D:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MD5: f3ca1c3694eac2b2e44aef94406e3768 D:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MD5: c9cb0a6626b731206bf9e1007ce4755d D:\Program Files (x86)\Mozilla Firefox\xul.dll
MD5: 293bbb2f26200f92dc5917751a489f3d D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
MD5: c7bb95cf9631aa401e4aded1648f6af7 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
MD5: 6850a67df27e42a51805af2a0f8235f1 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll
MD5: 3629d654b61c49ee199b6c7822d5645d D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnDmon.dll
MD5: 56a494af81a76498e93ed0091f9557e4 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll
MD5: f1f2e1983d5a32590002702c634f9ad2 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEpfw.dll
MD5: d23bbc0827b1d8730c8c1cfa1d82ccd5 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnHips.dll
MD5: 225b0dfb3490fd7860b0c12a8103031a D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnMailPlugins.dll
MD5: aa7f66b5d4b20a8bf4d0607ecfa0d274 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll
MD5: 8bd055a8eb90193b72f5175fa8506156 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnUpdate.dll
MD5: f26102500a90e72fa73e9ab40c1dfb81 D:\Program Files\ESET\ESET NOD32 Antivirus\x86\updater.dll
MD5: 309d4e087d3005aec1f486c7ee0d0050 D:\Utilities\HostsMan_4.0.82_beta3\hm.exe


Scan finished - communication took 20 sec
Total traffic - 0.00 MB sent, 0.00 KB recvd
Scanned 291 files and modules - 20 seconds

==============================================================================
  • 0

#33
emeraldnzl
Posted 21 October 2012 - 08:07 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello XPorter,

Nope, failed to connect to the server again...here are the results; no blank notepad this time though:


Looks as though it was pretty much successful though. :thumbsup:

I think we have done as much as we can for now. My suggestion is that we remove the tools we have been using. After that, use your computer for a day or two and see if you are happy with things.

I will leave the topic open for say four days so that you have time to come back if need be.

Now

We have a couple of last steps to perform and then you're all set.Posted Image

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.
  • Go to Start > Programs > Accessories and click on Run
  • Copy and paste the the bolded text below in the box then hit OK

    Combofix /Uninstall

    Posted Image
Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. Erunt can also be uninstalled via the add/remove programs utility.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if unistalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:

  • If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

    And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
  • Malwarebytes
  • SuperAntiSpyWare
Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
  • 0

#34
XPorter
Posted 21 October 2012 - 09:06 PM

XPorter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hey,

I followed your instructions and removed the utilities we used for all the scans and fixes. Some of them that did not get removed from that process or ones that were not in "add/remove programs" I deleted manually from the desktop.

Thank you very much for taking the time to help me figure this out...I will do as you suggested and if I encounter any abnormalities I will post back here.

Thanks again mate!

Hopefully I will not need to post back here...

Dan Porter

P.s. thanks for the links and suggestions!
  • 0

#35
emeraldnzl
Posted 21 October 2012 - 09:13 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hopefully I will not need to post back here...


I will keep my fingers crossed. :P


Thanks again mate!


Your welcome. :)
  • 0

#36
emeraldnzl
Posted 07 November 2012 - 01:50 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP