Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan agent/ Gen-Zbot [Solved]


  • This topic is locked This topic is locked

#16
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
OK we will do some cleanup and use an alternate online scanner to check things.

Step 1.

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image




  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: f:\Program Files\Babylon\Babylon-Pro\Utils\[email protected] [2013/04/23 01:28:14 | 000,000,000 | ---D | M]
    O4 - HKU\S-1-5-21-299502267-1606980848-839522115-1007..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H File not found
    O4 - HKU\S-1-5-21-299502267-1606980848-839522115-1007..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
    O4 - HKU\S-1-5-21-299502267-1606980848-839522115-1007..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
    [2012/11/23 14:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Allaho akbar\Application Data\Registry Mechanic
    [2013/06/01 15:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Allaho akbar\Application Data\uTorrent
    
    :files
    ipconfig /flushdns /c
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 2.

Please run a free on line scan with BitDefender Online Scanner

  • Click the green Start Scanner button
  • Click the green Scan Now button and wait a few seconds until a request appears from Bitdefender
  • Accept the plugin installation
  • Restart your browser in Administation mode if requested
  • Click the green Scan Now button again
  • Accept the eula agreement if asked
  • The scan should start. It will be relatively quick.
  • Click View report (note: this is not the green button - Free download - just click on the words View report under the black button "Get QuickScan for your website")
  • Notepad will open with a log
  • Save to your desktop
  • Copy and paste the report back here


What I need from you:

  • OTL fix log
  • Bitdefender log

Also give me an update on any issues.
  • 0

Advertisements


#17
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
In MBAM , the protection tab has only the start trial feature which I have not started. I do not see all those choices so I will assume I dont get all those features with the non trial free version
  • 0

#18
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Correct just run the OTL fix and the Bitdefender online scanner.
  • 0

#19
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
I just ran OTL and here is the log



All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
f:\Program Files\Babylon\Babylon-Pro\Utils\[email protected]\chrome\skin folder moved successfully.
f:\Program Files\Babylon\Babylon-Pro\Utils\[email protected]\chrome\content folder moved successfully.
f:\Program Files\Babylon\Babylon-Pro\Utils\[email protected]\chrome folder moved successfully.
f:\Program Files\Babylon\Babylon-Pro\Utils\[email protected] folder moved successfully.
Registry key HKEY_USERS\S-1-5-21-299502267-1606980848-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-299502267-1606980848-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-299502267-1606980848-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\Allaho akbar\Application Data\Registry Mechanic folder moved successfully.
C:\Documents and Settings\Allaho akbar\Application Data\uTorrent\share folder moved successfully.
C:\Documents and Settings\Allaho akbar\Application Data\uTorrent\ie folder moved successfully.
C:\Documents and Settings\Allaho akbar\Application Data\uTorrent\dlimagecache folder moved successfully.
C:\Documents and Settings\Allaho akbar\Application Data\uTorrent\Cache folder moved successfully.
C:\Documents and Settings\Allaho akbar\Application Data\uTorrent\apps folder moved successfully.
C:\Documents and Settings\Allaho akbar\Application Data\uTorrent folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Allaho akbar\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Allaho akbar\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Allaho akbar
->Temp folder emptied: 47731430 bytes
->Temporary Internet Files folder emptied: 5344901 bytes
->Google Chrome cache emptied: 246095873 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 32969 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP
->Temp folder emptied: 0 bytes

User: TEMP.ALLAHO-3FEA220E
->Temp folder emptied: 0 bytes

User: TEMP.ALLAHO-3FEA220E.000
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2176856 bytes
%systemroot%\System32 .tmp files removed: 6604561 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3222287 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 30250100 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 25982231 bytes

Total Files Cleaned = 351.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 06032013_224954

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...





After reboot , a report came up about an unknown device on the pc and it is marked in a yellow question mark in the device manager

I will run Bitdefender now and I am crossing my fingers that there wont be a power outage during the scan
  • 0

#20
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
wow that was quick :D




QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Mon Jun 03 23:27:07 2013
Machine ID: F8686FBE



No infection found.
-------------------



Processes
---------
essvr.exe 1468 C:\Program Files\Gigabyte\EasySaver\essvr.exe
Google Chrome 3504 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 4060 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 984 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 2288 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 1616 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 1756 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 3348 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 3852 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 3988 C:\Program Files\Google\Chrome\Application\chrome.exe
GrooveMonitor Utility 3244 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
IEMonitor Application 688 C:\Program Files\Internet Download Manager\IEMonitor.exe
Internet Download Manager (IDM) 3424 C:\Program Files\Internet Download Manager\IDMan.exe
Kaspersky Anti-Virus 1388 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
Kaspersky Anti-Virus 3296 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
LightScribe 1660 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Microsoft® Windows® Operating System 2056 C:\WINDOWS\system32\mmc.exe
Microsoft® Windows® Operating System 1212 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 3548 C:\WINDOWS\system32\searchfilterhost.exe
Microsoft® Windows® Operating System 3204 C:\WINDOWS\system32\searchprotocolhost.exe
Microsoft® Windows® Operating System 880 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 444 C:\WINDOWS\system32\wuauclt.exe
NVIDIA Driver Helper Service, Version 3 1716 C:\WINDOWS\system32\nvsvc32.exe
NVIDIA Update Components 1856 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
RealPlayer (32-bit) 3252 C:\Program Files\Real\RealPlayer\Update\realsched.exe
Realtek HD Audio Sound Effect Manager 3312 C:\WINDOWS\RTHDCPL.EXE
Sandboxie 1968 C:\Program Files\Sandboxie\SbieSvc.exe
Skype Click to Call 484 C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
USB Disk Security 3160 C:\Program Files\USB Disk Security\USBGuard.exe
(verified) Microsoft® Windows® Operating System 1232 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 3600 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 1416 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 1504 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 3336 C:\WINDOWS\system32\rundll32.exe
(verified) Microsoft® Windows® Operating System 2124 C:\WINDOWS\system32\searchindexer.exe
(verified) Microsoft® Windows® Operating System 1492 C:\WINDOWS\system32\Services.exe
(verified) Microsoft® Windows® Operating System 888 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 2944 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1356 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 220 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 524 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 296 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1684 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1772 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2024 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2060 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1448 C:\WINDOWS\system32\winlogon.exe


Network activity
----------------
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.39
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 92.123.211.139
Process chrome.exe (3504) connected on port 80 (HTTP) --> 54.240.172.104
Process chrome.exe (3504) connected on port 80 (HTTP) --> 31.186.225.24
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.45
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.25
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.121
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.157
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.95
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 77.67.28.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 88.221.31.167
Process chrome.exe (3504) connected on port 80 (HTTP) --> 213.158.175.58
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.95
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.50
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.51
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.43
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 77.67.28.43
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 31.13.80.17
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.39
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.58
Process chrome.exe (3504) connected on port 80 (HTTP) --> 95.101.159.196
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 69.171.248.16
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.39
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.32
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.57
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.38
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.121
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.39
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.56
Process chrome.exe (3504) connected on port 80 (HTTP) --> 213.158.175.112
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.47
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.57
Process chrome.exe (3504) connected on port 80 (HTTP) --> 213.158.175.16
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43

Process avp.exe (1388) listens on ports: 1110
Process svchost.exe (1772) listens on ports: 135 (RPC)


Autoruns and critical files
---------------------------
Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Facebook Update C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
GrooveMonitor Utility C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Internet Download Manager (IDM) C:\Program Files\Internet Download Manager\IDMan.exe
Kaspersky Anti-Virus C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
Kaspersky Anti-Virus C:\WINDOWS\system32\klogon.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\logon.scr
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\upnpui.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
NVIDIA Media Center Library C:\WINDOWS\system32\NvMCTray.dll
NVIDIA Windows Display driver, Version C:\WINDOWS\system32\NvCpl.dll
nwiz.exe C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
RealPlayer (32-bit) C:\Program Files\Real\RealPlayer\Update\realsched.exe
Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE
RealUpgrade C:\Program Files\Real\RealUpgrade\realupgrade.exe
USB Disk Security C:\Program Files\USB Disk Security\USBGuard.exe
Windows® Search C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Bitdefender QuickScan C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
Facebook Video Calling Plugin C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
Google Update C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Internet Download Manager Module c:\program files\internet download manager\idmiecc.dll
Internet Download Manager Plugin C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.14_0\IDMGCExt.dll
Java Deployment Toolkit 7.0.210.11 C:\WINDOWS\system32\npDeployJava1.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0\plugin\npUrlAdvisor.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0\plugin\online_banking_npapi.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0\plugin\npVKPlugin.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0\plugin\npABPlugin.dll
Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll
Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
MSIExecWatcher.exe C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\MSIExecWatcher.exe
QUICKfind e:\program files\idm\quickfind\plugins\iehelp.dll
RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
RealNetworks™ Chrome Background Exte C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
RealPlayer Download and Record Plugin c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
RealPlayer Download Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
RealPlayer™ HTML5VideoShim Plug-In ( C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
Skype Click to Call C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\npSkypeChromePlugin.dll
Skype Click to Call c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
Yahoo Application State Plugin C:\Program Files\Yahoo!\Shared\npYState.dll
Yahoo! Toolbar c:\program files\yahoo!\companion\installs\cpn1\yt.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


Scan
----
MD5: 92baa7debedc6ebe803bc14bc5180ab3 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\arkmon.kdl.92baa7debedc6ebe803bc14bc5180ab3
MD5: 4177f7840572920573fa800b3519c744 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\avengine.dll.4177f7840572920573fa800b3519c744
MD5: 5d36dc0bd740bc9d5c5aea9e6b8e67fe C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\bsshlp2.kdl.5d36dc0bd740bc9d5c5aea9e6b8e67fe
MD5: 5e27e54f3b4175e0e6dfee726b87a311 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\kavbase.kdl.5e27e54f3b4175e0e6dfee726b87a311
MD5: 7b53984bb934e599a4e3668b2f678d48 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\kavsys.kdl.7b53984bb934e599a4e3668b2f678d48
MD5: a918b448be75f1e6825549ddb6692d7a C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\kjim.kdl.a918b448be75f1e6825549ddb6692d7a
MD5: 2ce40beffd5b79c62535ba2f9ce7942e C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\klavasyswatch.dll.2ce40beffd5b79c62535ba2f9ce7942e
MD5: 6cb560907292a84cd0a6ba0e9e8b632c C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\klavemu.kdl.6cb560907292a84cd0a6ba0e9e8b632c
MD5: fed411a74cc5c5dac6ac7d81339fc781 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\mark.kdl.fed411a74cc5c5dac6ac7d81339fc781
MD5: 41dc267440bc79cb8c2216bd28f1f254 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\pbs.kdl.41dc267440bc79cb8c2216bd28f1f254
MD5: be99d2031eb3aa6699eecce74df88b01 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\pdm.kdl.be99d2031eb3aa6699eecce74df88b01
MD5: fb1fec251baaa2ab4237fb3cff510751 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\qscan.kdl.fb1fec251baaa2ab4237fb3cff510751
MD5: 80a1fcd7c0dfdce2c316d7830ffafe93 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\uds.dll.80a1fcd7c0dfdce2c316d7830ffafe93
MD5: 317df7c0eff0939e6289f5c72f65ba51 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51
MD5: 6df1b9a5143ce44b2d19ca255f94692d C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\sys_critical_obj.dll
MD5: 78693efb803c77f731726e7fa65a6517 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll
MD5: eada87878d898aa6fd9dd67201cb6da0 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpcommon150browserrecordplugin.dll
MD5: c61e4513204bcc4b330e7ad50c4c82c0 c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
MD5: 555e65306a5d3a5978be74e1dd62cdd9 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
MD5: e32771b0ae3f18ceffc12d682025238a C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
MD5: 0c1b2e3a897397738d9f81cd3d152af0 C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
MD5: 2a3fb4c98f139038e23330d2439db8a4 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
MD5: 0b31b0f8fa99cfd009c8fbea9e20c9de C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
MD5: 3844598f18aa24f6405a9d8dc1aa3e65 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0\plugin\npUrlAdvisor.dll
MD5: ab581254bd4bfdd2334ef828f55f691a C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0\plugin\online_banking_npapi.dll
MD5: fa79316a3c05a849a2a3ab92871caf28 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0\plugin\npVKPlugin.dll
MD5: 25e267dceaee1985f2f1e86243d5aa7a C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.14_0\IDMGCExt.dll
MD5: fccc3b6980d5f0387ce9718fe82f7b67 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\MSIExecWatcher.exe
MD5: e748ee5cc148102ec918bee1a13c7f80 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\npSkypeChromePlugin.dll
MD5: 853e987a635c0008f53e3cc13290af6b C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
MD5: 3a9c232439009165c1189b9bde9daaf6 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0\plugin\npABPlugin.dll
MD5: b1bb8edc9d83d8096ee873f04cee600c C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
MD5: f9616d202b0124d373d2d82a4aa66b1d c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
MD5: 75b9d3fe25d597301fb7334147db2498 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
MD5: c4ebbbd7165be535f0bfd06b80601d91 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
MD5: c1a3af85dbfc67988fb71ce5e8f3b570 C:\Program Files\Common Files\LightScribe\LSLog.dll
MD5: f3918787f9d5f5ff2da57cdefb858ec5 C:\Program Files\Common Files\LightScribe\LSSProxy.dll
MD5: 6e5dac168d1ff9843e84a59d51d31107 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
MD5: bb0667b0171b632b97ea759515476f07 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
MD5: 42fc6190353e63b415870b8da84cf1aa C:\Program Files\FreeArc\bin\ArcShellExt\ArcShellExt.dll
MD5: 2c31dcaa88d269e13a935910dbb4cc61 C:\Program Files\Gigabyte\EasySaver\essvr.exe
MD5: db8edc434deb6ed687108817e6b3c7f3 C:\Program Files\Gigabyte\EasySaver\YCC.DLL
MD5: 9a741077112de8f9a12806ee228c2307 C:\Program Files\Google\Chrome\Application\27.0.1453.94\chrome.dll
MD5: 4763adc41ba4e0ff8740251705ca3f7f C:\Program Files\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MD5: 59b55c1a2e4b2f8b65d3175a1782af5a C:\Program Files\Google\Chrome\Application\27.0.1453.94\icudt.dll
MD5: 9820ccff5cd068ac9c0fffb9f688f4f8 C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
MD5: 7985b2f574f116f73d3b5772e3dc3301 C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
MD5: d68678e3a6fed6c81b5a2f5ce64a8e8f C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
MD5: 51c392ec9da1119ec86d562ff3e7344f C:\Program Files\Google\Chrome\Application\chrome.exe
MD5: 3d928b3fe97c403a33f803b3d1a260c9 C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
MD5: 506708142bc63daba64f2d3ad1dcd5bf C:\Program Files\Google\Update\GoogleUpdate.exe
MD5: 3b264541b6ae34afd6554872a769a0f3 C:\Program Files\Internet Download Manager\IDMan.exe
MD5: 90359dc6eaf19eb4cba0c4ad3d087560 c:\program files\internet download manager\idmiecc.dll
MD5: f3d66d5aff658162d93edbcda2da35dc C:\Program Files\Internet Download Manager\idmmkb.dll
MD5: 109e86dfb7ded3234f0ffeec710843f7 C:\Program Files\Internet Download Manager\IDMNetMon.DLL
MD5: 36503cd4506f7a2033a3330c2a2bcc4e C:\Program Files\Internet Download Manager\IDMShellExt.dll
MD5: faa729bc3b4ec2900d14e1f0f4d30ed0 C:\Program Files\Internet Download Manager\IEMonitor.exe
MD5: 83fe7fe9b5517e778facf064cec60715 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ac_facade.dll
MD5: f1a0027050ac41c6802faf28888957ba C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ac_meta.dll
MD5: 919a4739c4b8ceda369405530a889d0a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\acassembler.dll
MD5: 957a2927ec4c8b02cb7706ba6cdb6cd3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ahids.ppl
MD5: 0acdc5b7073072e52dc4b4190bb0c925 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\am_facade.dll
MD5: 07f196a739dc3348a9c383fa482a8479 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\am_meta.dll
MD5: 16cb6eb0cafe1c54c1be0c28b999595e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\anti_phishing_http_filter.dll
MD5: 2d5cb83e8418de45a0b4e41299c87304 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\antispam.ppl
MD5: 6b4a35d9e6d1e54754fb7748d080bc13 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\aphishex.ppl
MD5: e900ae4dcadbe638f49bb325790d0b26 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\app_core_legacy.dll
MD5: a5c4621630c53bceb98e733905e29e30 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\app_core_meta.dll
MD5: d075349164dce1cd47099daa85a62c03 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\appcat.ppl
MD5: 5a3fe1edb84c92dda14ea19cb66962ab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\arj.ppl
MD5: 6fddd18a650764a59302a018765e5521 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
MD5: e4ef421e71be48db62d510504404d71b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpgui.ppl
MD5: 88434b11d5dcd027ffa80183ecd9cf00 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpinit.dll
MD5: f213534aff8c78a87e2c5abcbde30e76 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpmain.dll
MD5: 56f79b31a74f7e121dd2e51e3df34102 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpservice.dll
MD5: a5b9b29600d3486bae6e31cfad9a403d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avs.ppl
MD5: da2bd3528312e758442e19a89c520545 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avzkrnl.dll
MD5: 7f26b09ab4ab6a006e04ae3ecfc41e7a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\basegui.ppl
MD5: f28cc871387bb313be5c4ba9f7f8b166 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\bl.ppl
MD5: 057ffe925cd91ee79871ecaf66121142 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\buffer.ppl
MD5: 3ccc41c80269b0a94561d729c958ec9e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cab.ppl
MD5: d940842ba6027bd8fe97917e1ee5c837 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cbi.dll
MD5: da51ffd17e14bd52c226d91c138c867e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_anti_malware.dll
MD5: cf8a9e8a7f12c8707cba7e4e12d78d3f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_anti_malware_facade.dll
MD5: 582b55700c685eb85f087dfc746eb09c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_anti_malware_http_filter.dll
MD5: f4ce45681a9697ac9f464e65f15914d1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_facade.dll
MD5: 454f384b7a0ebb338103fce2bf9d5e3e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_http_transformer.dll
MD5: 215e67ebc26e977267d62bbad5029f46 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_prague_adapter.ppl
MD5: 5fce0236e964e5304b4da507c67ab60a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_response_provider.dll
MD5: 6653c88dc87bc5bbad036d89b4234781 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\CKAHComm.dll
MD5: b9bfbdac872a32b2d100dc0b77f8c0f8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ckahrule.dll
MD5: a6a06797897a87ce22c3aea915df39ba C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\CKAHUM.dll
MD5: 63ca3208528ffed0995dd3d9aa4fef09 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\content_filtering_meta.dll
MD5: 90f494f351457f7ab59c351e84ef1e1f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\crpthlpr.ppl
MD5: 1dcca8ebd279afc7360b94e1543dcd29 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\CryptoStaticProvider.dll
MD5: 63a9b3e681559ad709b084888c677d21 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\deterministic_anti_phishing.dll
MD5: 478cf0a231e9cd9b4b46f0174b328a65 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\diffs.dll
MD5: 39b354058995b9f90b6276ec9080b207 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\dmap.ppl
MD5: 96b187c26b53887ef7b969fb98241a79 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\dtreg.ppl
MD5: a74e407dabd12cf91ae99120a2f5d38c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\DumpWriter.dll
MD5: 710f6463097ca1bbb08eeee5e58b2eff C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\eka_meta.dll
MD5: 6b90c3b746951ec2480225b53708ef50 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ekasyswatch.dll
MD5: 6d7a0d5388f0bcef35a6ffb2edb1d69d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\excludemanager.dll
MD5: ad172df0b787737f7676df2acc2a614e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\EXTLprtc.ppl
MD5: d96e1fd6b0b90587030641ebd6a2690c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FileCategorizer.dll
MD5: e89f7caf78a69c1b906dbf968650f7e5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\filesystem_services.dll
MD5: c9891229f15235370a2d2807a39bed58 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\finance_url_categorizer.dll
MD5: bd12a38cd2a3acff39e5326ede4d6a18 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\format_recognizer.dll
MD5: 91265e4e9eb6e6995d083f5cd59dd4a2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\fsdrvplg.ppl
MD5: d00e84779a324f9eccb395a30c179613 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\fssync.dll
MD5: 3c5b6295e58d1a706fe20db525a07bc4 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FTPprtc.dll
MD5: 08269669fe40cc2fa7eb2d77639d17e5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\hashmd5.ppl
MD5: 97d6ba0e1112f87062426f4f3f73dfec C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\heuristic_anti_phishing.dll
MD5: 7c745a18fc8a17b75901165c9432e438 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\hips.ppl
MD5: 98fa7e71e708d6871487570416a3c53b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\httpanlz.ppl
MD5: 1d2ca83a42d6720e7c75268357d746e5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\httpscan.ppl
MD5: 9821b8a749ee4f47f63fa8ba128a5ef3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ichecker.dll
MD5: f9f39e32ef76dc47de4a1589e83334ac C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ICQprtc.dll
MD5: e951fbaa8e915ca8a9db8fb1dcbc9833 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icudt40.dll
MD5: a4114d161d23ecaaf4de06a39899cd9e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icuin40.dll
MD5: 8f6d6912a24fda85add25aeb7b3a2bd5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icuio40.dll
MD5: 41bed19237e4a879494d3961d18a2547 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icuuc40.dll
MD5: 2c17f6856a0cbe0b7f8caa5bc8881556 c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll
MD5: 4be78ddf7e7cf2f627fed3ed5ac2e84e c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
MD5: 797bc225a8c69c77acb8c2839f88b562 c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
MD5: 12ab2d9320193c68697ba6ae15a62f9b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imageformats\qgif4.dll
MD5: 256c2735bd9ab8626acca325d7afbdb9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imageformats\qico4.dll
MD5: 0c0d89856a1710d5bc5d2c6e1a84ec5e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imageformats\qjpeg4.dll
MD5: cd3b4724868f1c6bbab55b92d6d97e46 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imapprtc.ppl
MD5: bf66eae38955f96e5dd1eae8a3890e57 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imc.ppl
MD5: 4419c4ccbfcb27e26cf776c66e632e0c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\inflate.ppl
MD5: fb3c7c3edeff065d431630110f36ef19 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\instrumental_meta.dll
MD5: 9107f80daf16be8aa75b86530ce38f8e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\integrity_control.dll
MD5: 7c2581b8b970609967c459bdb6438e47 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IRCPrtc.dll
MD5: 64608d105d5c6e1894a1c58a821f0f49 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\JbrPrtc.dll
MD5: 5257f781661bc93e31d6697aef1301b8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\key_value_storage.dll
MD5: 4a83c0ad4304cecbef1aa1ca605aeb4e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klifpp.dll
MD5: 6d43dd8216357158f064aacde3e3605a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klifpp_meta.dll
MD5: 6bb88b18c921b10e8e67ac519b20c6b3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klscav.dll
MD5: d62f58f2226262fccc93771db2134ec4 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
MD5: c246f3a45bb7f89800e628ca7aba0eab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_client.dll
MD5: 53c7264acc97a316fb62265a28f18a63 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_facade.dll
MD5: 0de82cd2694808d89aebbf2af250301c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_meta.dll
MD5: b289f1b6e040476694e0de5a4fdd8e0d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_statistics.dll
MD5: a439bcaf18d09debf4b7c648e34ffbd8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksnhelper.dll
MD5: a9ffabf72a6d36c838c7a4f053e0ee92 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\lha.ppl
MD5: 327f962d4c257a9a3a36bc749d59a6b1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\libcurl.dll
MD5: 6feb064bc2029c64576f21cc04f96cd6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\LIBEAY32.dll
MD5: 99670d384f97a7f2fb5bf8af29c201fa C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\lic.ppl
MD5: fa6e031f14e789134de0dcfef8940a9f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\localization_manager.dll
MD5: e92d2f477a469e23917d1bcadf125264 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mailmsg.ppl
MD5: adf69da68ce38244a710b92d34cd212e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mc.ppl
MD5: 9afe21ac15d46df9147ab7a839166475 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mdb.ppl
MD5: 4c77c4a1ad6ba891c554e8b9589a56e4 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mdmap.ppl
MD5: f2172aaae0d8ba3a5be37ddee24f1348 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\memmodsc.ppl
MD5: 688d3e38aa1ab53b8aaa072afa2adf15 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\memmon.dll
MD5: 3ba510c3612849c52bf1835d14102847 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\memscan.ppl
MD5: a4b322d95ddf22c17f4722755458f9a6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\minizip.ppl
MD5: 4ec01449e612f3a2632ded2d6a716fac C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\MMPprtc.dll
MD5: 9465090cb07ab7fc901eca0ac8871013 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\MSNprtc.dll
MD5: 3e0985edfd29d15d396334b4cd777d2e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\msoe.ppl
MD5: 1256856bf0a5569589d28ef018c7b3d9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ndetect.ppl
MD5: b4b9e56542f5b78779da54a02f845618 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\netwatch.ppl
MD5: aaaf96b09f1eaec774dfe91d60db868a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\network_services.dll
MD5: e53103ec79f4d0c503f459f6be59d2ec C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\nfio.ppl
MD5: f0558ef77bb94754dd31f9d7eb76382f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\nntpprtc.ppl
MD5: 8a4119364fe1b179ecc5a2d594f94238 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\oas.ppl
MD5: 038bec4a3bbb031a5c83812ca8f2bac2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ods.ppl
MD5: 874765cc2ef704cf04edad33790ca9fd C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\office_antivirus.dll
MD5: 1c02ec34c5b28c71efd0f4e6b282036d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\office_antivirus_facade.dll
MD5: f9d66e2bc3d64144e7b84016d76f7a56 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\online_banking_facade.dll
MD5: 25a5b1605af4188cf36d92103702708c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\packed_io.dll
MD5: 7e3b3f7ff7a8bade638648cbd42fe70d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\params.ppl
MD5: fe0e7137c8ab02bb3fdc899980a20905 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\parental_control_gui.dll
MD5: f1287602d47302a8781235d8c338dc7d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\persistent_queue.dll
MD5: 267999c7476b6563a98996dd5681cb4b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\platform_metainfo.dll
MD5: 9fbd4e134d6cb3f7cd37c034bcde0328 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\plugins_facade.dll
MD5: 26dbf795795b36dc555d0293ec8396a1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\plugins_meta.dll
MD5: 3f6a732325bf91178ca8243e1718afba C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\pop3prtc.ppl
MD5: 9481826102a27dce3ca968aec0e223ab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll
MD5: 317f465f797a4fe7434eea2dd8f389e1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ProcessMonitor.dll
MD5: 3afce727dce26a1e91b9573f74034e14 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\procmon.ppl
MD5: 02fa2a9567c36a068043cb380a75539d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\propmap.ppl
MD5: 5b9f703a6e07c5b79a38523dd768b938 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\proxydet.ppl
MD5: d80125fda60e4eee59c1b8342aea16a6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll
MD5: fa03a5951aecfafa1451c5d7cca41ea0 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prseqio.ppl
MD5: 5bf5f6a848337a26721c2f66033ea75c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prupdate.ppl
MD5: f167dda37f7bcf0d4de33f877bfc470d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prutil.ppl
MD5: 7a54db3a116629b64832d22b640ff39c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\pxstub.ppl
MD5: aa39fa3316aab40e7326f0fc61219176 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\qb.ppl
MD5: c3c6bce55e6f533778db6dbe50c36069 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtCore4.dll
MD5: 9b03e319c59fe1d00009ee870697f06a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtDeclarative4.dll
MD5: 2eb0b4586da4a0bafa7d7b2ccd74ed92 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtGui4.dll
MD5: c3ad6007589c7270d5e4eee4645e2ac5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtNetwork4.dll
MD5: 10e005139728d1024a4d749029f13d89 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtScript4.dll
MD5: 85bb00594af1ef057bd227bda2fb4011 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtSql4.dll
MD5: 2163555d2df66cc1929b940b934a96ea C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\rar.ppl
MD5: 9a5cd8b271db0ebaf6951e2a9d756e8e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\regmap.ppl
MD5: 72f0fa86c9c56494ff68e3955fb365b5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll
MD5: 42dcc37fb6156338a143483ef7a1d8dd C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\report.ppl
MD5: 0f117c63b346d9a2589c6140ccb56cda C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\reportdb.ppl
MD5: 9d087c7ee09d8becdfaeaae2703f28b2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\safe_banking.dll
MD5: 640a1a16cad458ddfd65247b7f8f1246 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\sc.ppl
MD5: e971d49d88ef3eda43192bd695473490 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\schedule.ppl
MD5: 26714dc5d5eb5dbb2a830795fad002bf C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\scrchpg.dll
MD5: 54aafce5034c2ff1ec70eb19339bdd69 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\secure_input_manager.dll
MD5: 62c745bdb170569d4641e542882f88ec C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\service.dll
MD5: eb48a4aabba61081bf798f3a3770c8ad C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\sfdb.ppl
MD5: bdbf37c81aeaeedba3bea2698a7edb8d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll
MD5: dd1af94b33748541be2d6ef0c443524e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\smtpprtc.ppl
MD5: d4446dcf1425802657f5ad2226663d3a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\SSLEAY32.dll
MD5: b6172e9f1bbe5ef6e40557875874117f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\stat.ppl
MD5: 1c22fab4c8ee828773c3038dae18e733 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\storage.dll
MD5: f7624a94957201d7c2a35491aba6c92f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\swpragueplugin.dll
MD5: 390f945076556bd19ffe4921a257547e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\thpimpl.ppl
MD5: 5d93dfbdfd210b4eaf1c700593c4a62c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\threats_disinfection.dll
MD5: 58d5d1fa37b9550bdbd45daeb27f49c3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ThreatsManager.dll
MD5: 498c0794104c99da24eeb5682a377aa5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\timer.ppl
MD5: 95798f8386d204a8283e8c41df02b973 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\tm.ppl
MD5: 723584e6f0a55729d93a2dd183445da2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\traffic_processing_product_facade.dll
MD5: abc9d43f0f7a9cd0a514dbfeb3e69d9c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\trafmon2.ppl
MD5: 0d15c1dc21ac825f159ee8ed1710749c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\transport_provider.dll
MD5: db93c78533a80b6bcdcfe8cb07eb5ea5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ucp_agent.dll
MD5: 9ba024c33b37b22d7a009530df8a02ab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ucp_meta.dll
MD5: e2a1a91629cf89469c22a5ef3814af62 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\uniarc.ppl
MD5: b9e75399b99c40673588b7cc28493cb9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\unlzx.ppl
MD5: afbe8869913e1a475ec0341328b4d3f2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\unstored.ppl
MD5: 232a82980e837c8b5fcbe1ee88b63ab9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Updater.dll
MD5: a0b416ee90a9c0f187019cfba99b48fc C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\updater_meta.dll
MD5: fa17d1107b4fcb6132c1450d9ccea8e6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\url_processing.dll
MD5: fc3eaf18fb50b523001baf4b897b4673 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ushata.dll
MD5: 9621e25805fe42d9e78ae6fe547312d8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\vercheck.ppl
MD5: 399ec7f2c6e9a3eaa3735ee50f578e9a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\virtual_keyboard_facade.dll
MD5: 8ebedcb6fffd1d9d3693579c115f6615 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\volenum.ppl
MD5: 15fd2a7e6cda986c0a631e4779a33c87 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\vulnerability_status_provider.dll
MD5: a5df11794648845235c6cb2d7e96b5b2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\wdiskio.ppl
MD5: 38a7ce63fdd4f694d5317a8b8e4bad38 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\web_content_categorizer.dll
MD5: 01c1b863479543f966655689d9b4752a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\webnetstat.ppl
MD5: 1c174c4666f1d84f3ae71e4fa8c2a369 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\winreg.ppl
MD5: 66850145f146fbbf675ad342fd0e5206 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\wmihlpr.ppl
MD5: 06eaa056c508fd867689b8b1fb24f7de C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Yhoprtc.dll
MD5: 0fa909fa83979ceeace4b83f771afe42 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe
MD5: 123271bd5237ab991dc5c21fdf8835eb C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
MD5: 533aecd1b5356870ae2d905b4d3b42b7 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
MD5: 0e34b7bb1fcf22bcc1e394d16f9e992b C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
MD5: 30efebdc960a482e3e188b9960b286e2 C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL
MD5: 30db64d316f502558db2380f7343c9fd C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
MD5: d8c2b95bc2353e1f18850d6b8f5dba13 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
MD5: 207204af80505af51271fe164b56f662 C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL
MD5: c92d20a6e35e232004d83dc10a78878a C:\Program Files\Microsoft Office\Office12\USP10.dll
MD5: 0d01287d85b3715fa8270e8ec919b7f7 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
MD5: 5f63626ac57fbb1e7dd4a73c723a5f83 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
MD5: 37c8ec2860df210ed93a94bf6525cbc7 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
MD5: 6e0f29bd0e792618ff285ab094f4dcef C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
MD5: 1d18c4172c53f3411f80b3a58f1d740b C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU.DLL
MD5: c551e83adb312f0353961267f02d7047 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
MD5: 8657c4cff27f0ada25a2c33f3bbf2955 C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL
MD5: 04a6facebfb8b02cedff39bd4d5e0714 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MD5: 2dc6257a367a6182e40f748d0396aaf9 C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
MD5: 256c847cd03160c9088fb440db929448 C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
MD5: 1e3aa02f2c91a2b25efb4e355160cdca C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
MD5: a73731a0b0a165907799e9afb461f856 C:\Program Files\Real\RealPlayer\Update\realsched.exe
MD5: e6019253451dbb67740f7027ad9e1cb5 C:\Program Files\Real\RealUpgrade\realupgrade.exe
MD5: 913311f5f69932adc29b0ff3015494cd C:\Program Files\Sandboxie\SbieDll.dll
MD5: 224049c51e2c2d07b02b1bed262976a1 C:\Program Files\Sandboxie\SbieDrv.sys
MD5: 3129023cef1a2225665d44f9545daed4 C:\Program Files\Sandboxie\SbieSvc.exe
MD5: 5fa9a7808f1ceca8e46dbf2ff81769d2 c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
MD5: 3467821fd04a66c9786df0c8c0219a73 C:\Program Files\Skype\Updater\Updater.exe
MD5: df287939309c65e68abe9cb98f80693b C:\Program Files\USB Disk Security\BCGCBPRO1500u80.dll
MD5: 5e2bd09facb151796b9f0a7d4151dc3c C:\Program Files\USB Disk Security\BCGPStyle2010Blue150.dll
MD5: 3f98b594e5404311d464769733df5125 C:\Program Files\USB Disk Security\USBGuard.exe
MD5: 994ad0d8550b8b26990a6e3aa0791502 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
MD5: b2764e34dd2d5dab113c2af3f7315fa9 C:\Program Files\WinRAR\rarext.dll
MD5: 9e74acd50ae9ce20603824a1223ca4f9 c:\program files\yahoo!\companion\installs\cpn1\yt.dll
MD5: 18883601394c553aa6a60d0b7392c5df C:\Program Files\Yahoo!\Shared\npYState.dll
MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL
MD5: d556cb79967e92b5cc69686d16c1d846 C:\WINDOWS\gdrv.sys
MD5: ab87eeffd18f2baafc274e7075ea6c67 C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: f7a01e608edeb9ba5aea26d1040da7b7 C:\WINDOWS\RTHDCPL.EXE
MD5: 66640a55aeff3819c94e0a8d40d7e0ad C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
MD5: 446321d798e28daac1383637fbb524e0 C:\WINDOWS\system32\adsnt.dll
MD5: cfd4e51402da9838b5a04ae680af54a0 c:\windows\system32\browser.dll
MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll
MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll
MD5: 6bee5d4eff0a0341bcc4a462d81ccfc1 C:\WINDOWS\system32\CRYPT32.dll
MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll
MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll
MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll
MD5: b1762156256b0238c21baa4c06cef727 C:\WINDOWS\system32\devmgr.dll
MD5: 7dac4089bca671c305bb61242cde29f8 C:\WINDOWS\system32\DfrgRes.dll
MD5: ccc5b7e12d6002d308e8d11ff9d1fc57 C:\WINDOWS\system32\dfrgsnap.dll
MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll
MD5: 8efea4a7cccce7d3fde4d90f324218a9 C:\WINDOWS\System32\dmdskmgr.dll
MD5: 057f636c4e4f11fab91371c2c83f678b C:\WINDOWS\system32\DMDskRes.dll
MD5: 75a782fff9821426382453253999853b C:\WINDOWS\system32\dmocx.dll
MD5: 3b548248a510ec24c8e46ea7d013e225 C:\WINDOWS\System32\dmutil.dll
MD5: 389496118b3b03c2328024af320132ac c:\windows\system32\DNSAPI.dll
MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll
MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys
MD5: 464edb6486805f255190e6ea34d9f973 C:\WINDOWS\system32\DRIVERS\idmtdi.sys
MD5: 0c78f66259b312da2a2b565659fd5ebf C:\WINDOWS\system32\DRIVERS\kl1.sys
MD5: b8fd2e8d24ebc01d7ceb888ca1f0ca58 C:\WINDOWS\system32\DRIVERS\klif.sys
MD5: 09bcb45e7af12b82bb5b68bb599a6022 C:\WINDOWS\system32\DRIVERS\klim5.sys
MD5: 862a0c212cff3f2b0e8fb11c80037c0d C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
MD5: 2c88a8fef90f6133842e267b40693d6f C:\WINDOWS\system32\DRIVERS\klmouflt.sys
MD5: 378fd5c977d56d08af4316f815b35fd6 C:\WINDOWS\system32\DRIVERS\kltdi.sys
MD5: 1c488d4b7808d20c382a0d54f72df01c C:\WINDOWS\system32\DRIVERS\kneps.sys
MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys
MD5: 9cda796e6bec89eff45ef430651ea74b C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
MD5: 79b4fe884c18dd82d5449f6b6026d092 C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
MD5: a7564cc4e170f1e5b84bae6bb8c5f16e C:\WINDOWS\system32\drivers\RtkHDAud.sys
MD5: 71e276f6d189413266ea22171806597b C:\WINDOWS\System32\Drivers\sptd.sys
MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys
MD5: 98a1e6bc9f766b0b0a5bf00af847ef20 C:\WINDOWS\system32\DRIVERS\tap0901.sys
MD5: f48ab90a886200bcda169ad7f06037d6 C:\WINDOWS\system32\els.dll
MD5: ffb3115aa757abefba7fba90bad5dd0a C:\WINDOWS\system32\en-us\tQuery.dll.mui
MD5: f5b754cdea20bbb3a31e16a776ede6d6 C:\WINDOWS\system32\ESENT.dll
MD5: 4dc59b4223e833652135b2454f7ecad2 C:\WINDOWS\system32\filemgmt.dll
MD5: 2223775fdcb2ef7d4ec159af3c764941 C:\WINDOWS\system32\ieframe.dll
MD5: dca5bc4913c1de2668625d7680df6f18 C:\WINDOWS\system32\iertutil.dll
MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll
MD5: 1e6c47b63cd2f812de0f4a9f610fabb4 C:\WINDOWS\system32\jscript.dll
MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll
MD5: 6fe42512ab1b89f32a7407f261b1d2d0 C:\WINDOWS\system32\kernel32.dll
MD5: 72d5d679eff2b21d27a5437ac45f2732 C:\WINDOWS\system32\klogon.dll
MD5: 8eb3f7b700ab00a2f51b171178965a1c C:\WINDOWS\system32\localsec.dll
MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll
MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\system32\logon.scr
MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll
MD5: 76d5a3d2a50402a0b9b6ed13c4371e79 C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: f6f2bfc17069eb335acceef7595f9302 C:\WINDOWS\system32\MFC42u.dll
MD5: 682b5487811c86c8d7a5c86c34295599 C:\WINDOWS\system32\mmc.exe
MD5: 98c084215ea2b7a131266de871ec9b60 C:\WINDOWS\system32\mmcbase.DLL
MD5: b1749e895f132af150da76eb6acc4c7b C:\WINDOWS\System32\mmcndmgr.dll
MD5: d2cb96f7d1b96ebf6b153f05921b82e1 C:\WINDOWS\system32\msfeeds.dll
MD5: 855f6333e3a4dfc6f3c8b0520c261fcd C:\WINDOWS\system32\msftedit.dll
MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll
MD5: c52ce534397e1d3a442fb4c88a3cbe42 C:\WINDOWS\system32\msonpmon.dll
MD5: 4774d83be60b7f47c612e25d6fe0f010 C:\WINDOWS\system32\MSSHooks.dll
MD5: 6e914eedd145c5acce56f4d5f3d606fc C:\WINDOWS\system32\mssph.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\WINDOWS\system32\MSVCP100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\WINDOWS\system32\MSVCR100.dll
MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll
MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\system32\msxml3.dll
MD5: bbdfdbead1b7a1cfd44bfffd177fb627 C:\WINDOWS\system32\mucltui.dll
MD5: a1226c81b5dc433cc6a6ca28d84ac303 C:\WINDOWS\system32\mycomput.dll
MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\netapi32.dll
MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll
MD5: 5e28284f9b5f9097640d58a73d38ad4c C:\WINDOWS\system32\notepad.exe
MD5: adc539f67d3198679f480974ee203678 C:\WINDOWS\system32\npDeployJava1.dll
MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
MD5: 11e9ef7dc6ed377db1a98f4d0fcbe983 C:\WINDOWS\system32\NTMSAPI.dll
MD5: 1df175698ca61d738e8a0e872328086d C:\WINDOWS\system32\ntmsmgr.dll
MD5: d6b5a2966a6ce9ed29c58b56a51839f0 C:\WINDOWS\system32\nvapi.dll
MD5: c39b824a30118e308d575d6507467d10 C:\WINDOWS\system32\NvCpl.dll
MD5: 3b556a0dd75ee786f8e1963e9770f760 C:\WINDOWS\system32\NvMCTray.dll
MD5: 30cb85790a3c70ae45c88e28ba6397c2 C:\WINDOWS\system32\nvsvc32.exe
MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll
MD5: d59a7119054d70fc745a1bf9c06dcc65 C:\WINDOWS\system32\oeph.dll
MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll
MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll
MD5: eff03460e542eea6b0abdec6bf19c897 C:\WINDOWS\system32\OLEAUT32.dll
MD5: f1dac7969c1337af790bd1d981aa780c C:\WINDOWS\system32\qmgrprxy.dll
MD5: b8ae25c09b8c26ff72820430294e4ef6 C:\WINDOWS\system32\RASSAPI.dll
MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll
MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll
MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll
MD5: 87889a983c015080fa813d7e32910d1e C:\WINDOWS\system32\searchfilterhost.exe
MD5: c4894b3b448b647bedc9e916d181bdbe C:\WINDOWS\system32\searchprotocolhost.exe
MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll
MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll
MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll
MD5: b6a31666905b58ac4819b3f55979ff71 C:\WINDOWS\system32\smlogcfg.dll
MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe
MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll
MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
MD5: 79ed352549eb6d5b1a454916c37d2e85 C:\WINDOWS\system32\UNCPH.dll
MD5: 5c4adb808b54126c1ed2fba0eae06c63 C:\WINDOWS\system32\upnpui.dll
MD5: 674540915241f737300b604ee811a139 C:\WINDOWS\system32\urlmon.dll
MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll
MD5: 7943a80f1a6fd37969aacd411b511f91 C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll
MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll
MD5: 5c4aac5a91422c95522ecc6c26fb93c8 C:\WINDOWS\system32\WININET.dll
MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll
MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll
MD5: 69ae2b2e6968c316536e5b10b9702e63 C:\WINDOWS\system32\winsrv.dll
MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll
MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll
MD5: 3a6d465f379e5c815f4ad565391e654c C:\WINDOWS\system32\wshext.dll
MD5: 2e0b0a051ffaa86e358465bb0880d453 C:\WINDOWS\system32\wuauclt.exe
MD5: c31dd4cec06d2908ae5f212a0b13805b C:\WINDOWS\system32\wuaucpl.cpl
MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll
MD5: c88c65df1ed4dfd34cfbd11cdfe519a3 C:\WINDOWS\system32\wucltui.dll
MD5: 5caf91e865fe0c85048a233e594544d2 c:\windows\system32\WUDFPlatform.dll
MD5: bdc0c99e472176c8c2c853a68adc5073 C:\WINDOWS\system32\wups2.dll
MD5: bea4aee74fef171eb61de1bad8faf427 C:\WINDOWS\system32\XmlLite.dll
MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll
MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80U.DLL
MD5: 28a09777d2d952122567a8a82f1a2c7b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\MFC80ENU.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll
MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll
MD5: 43896bb5bd2500709033d57dd37ae7b6 e:\program files\idm\quickfind\plugins\iehelp.dll


No file uploaded.

Scan finished - communication took 5 sec
Total traffic - 0.03 MB sent, 0.87 KB recvd
Scanned 797 files and modules - 66 seconds

==============================================================================

  • 0

#21
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
Whoa that was quicker than I thought




QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Mon Jun 03 23:27:07 2013
Machine ID: F8686FBE



No infection found.
-------------------



Processes
---------
essvr.exe 1468 C:\Program Files\Gigabyte\EasySaver\essvr.exe
Google Chrome 3504 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 4060 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 984 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 2288 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 1616 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 1756 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 3348 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 3852 C:\Program Files\Google\Chrome\Application\chrome.exe
Google Chrome 3988 C:\Program Files\Google\Chrome\Application\chrome.exe
GrooveMonitor Utility 3244 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
IEMonitor Application 688 C:\Program Files\Internet Download Manager\IEMonitor.exe
Internet Download Manager (IDM) 3424 C:\Program Files\Internet Download Manager\IDMan.exe
Kaspersky Anti-Virus 1388 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
Kaspersky Anti-Virus 3296 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
LightScribe 1660 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Microsoft® Windows® Operating System 2056 C:\WINDOWS\system32\mmc.exe
Microsoft® Windows® Operating System 1212 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 3548 C:\WINDOWS\system32\searchfilterhost.exe
Microsoft® Windows® Operating System 3204 C:\WINDOWS\system32\searchprotocolhost.exe
Microsoft® Windows® Operating System 880 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 444 C:\WINDOWS\system32\wuauclt.exe
NVIDIA Driver Helper Service, Version 3 1716 C:\WINDOWS\system32\nvsvc32.exe
NVIDIA Update Components 1856 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
RealPlayer (32-bit) 3252 C:\Program Files\Real\RealPlayer\Update\realsched.exe
Realtek HD Audio Sound Effect Manager 3312 C:\WINDOWS\RTHDCPL.EXE
Sandboxie 1968 C:\Program Files\Sandboxie\SbieSvc.exe
Skype Click to Call 484 C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
USB Disk Security 3160 C:\Program Files\USB Disk Security\USBGuard.exe
(verified) Microsoft® Windows® Operating System 1232 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 3600 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 1416 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 1504 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 3336 C:\WINDOWS\system32\rundll32.exe
(verified) Microsoft® Windows® Operating System 2124 C:\WINDOWS\system32\searchindexer.exe
(verified) Microsoft® Windows® Operating System 1492 C:\WINDOWS\system32\Services.exe
(verified) Microsoft® Windows® Operating System 888 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 2944 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1356 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 220 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 524 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 296 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1684 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1772 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2024 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2060 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1448 C:\WINDOWS\system32\winlogon.exe


Network activity
----------------
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.39
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 92.123.211.139
Process chrome.exe (3504) connected on port 80 (HTTP) --> 54.240.172.104
Process chrome.exe (3504) connected on port 80 (HTTP) --> 31.186.225.24
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.45
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.25
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.121
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.157
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.95
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 77.67.28.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 88.221.31.167
Process chrome.exe (3504) connected on port 80 (HTTP) --> 213.158.175.58
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.95
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.50
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.51
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.43
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 77.67.28.43
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 31.13.80.17
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.39
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.58
Process chrome.exe (3504) connected on port 80 (HTTP) --> 95.101.159.196
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 69.171.248.16
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.39
Process chrome.exe (3504) connected on port 443 (HTTP over SSL) --> 173.194.35.32
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.57
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.38
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.70.121
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.42
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.39
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.56
Process chrome.exe (3504) connected on port 80 (HTTP) --> 213.158.175.112
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.47
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.57
Process chrome.exe (3504) connected on port 80 (HTTP) --> 213.158.175.16
Process chrome.exe (3504) connected on port 80 (HTTP) --> 173.194.35.43

Process avp.exe (1388) listens on ports: 1110
Process svchost.exe (1772) listens on ports: 135 (RPC)


Autoruns and critical files
---------------------------
Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Facebook Update C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
GrooveMonitor Utility C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Internet Download Manager (IDM) C:\Program Files\Internet Download Manager\IDMan.exe
Kaspersky Anti-Virus C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
Kaspersky Anti-Virus C:\WINDOWS\system32\klogon.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\logon.scr
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\upnpui.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
NVIDIA Media Center Library C:\WINDOWS\system32\NvMCTray.dll
NVIDIA Windows Display driver, Version C:\WINDOWS\system32\NvCpl.dll
nwiz.exe C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
RealPlayer (32-bit) C:\Program Files\Real\RealPlayer\Update\realsched.exe
Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE
RealUpgrade C:\Program Files\Real\RealUpgrade\realupgrade.exe
USB Disk Security C:\Program Files\USB Disk Security\USBGuard.exe
Windows® Search C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Bitdefender QuickScan C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
Facebook Video Calling Plugin C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
Google Update C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Internet Download Manager Module c:\program files\internet download manager\idmiecc.dll
Internet Download Manager Plugin C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.14_0\IDMGCExt.dll
Java Deployment Toolkit 7.0.210.11 C:\WINDOWS\system32\npDeployJava1.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0\plugin\npUrlAdvisor.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0\plugin\online_banking_npapi.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0\plugin\npVKPlugin.dll
Kaspersky Anti-Virus C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0\plugin\npABPlugin.dll
Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll
Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
MSIExecWatcher.exe C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\MSIExecWatcher.exe
QUICKfind e:\program files\idm\quickfind\plugins\iehelp.dll
RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
RealNetworks™ Chrome Background Exte C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
RealPlayer Download and Record Plugin c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
RealPlayer Download Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
RealPlayer™ G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
RealPlayer™ HTML5VideoShim Plug-In ( C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
Skype Click to Call C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\npSkypeChromePlugin.dll
Skype Click to Call c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
Yahoo Application State Plugin C:\Program Files\Yahoo!\Shared\npYState.dll
Yahoo! Toolbar c:\program files\yahoo!\companion\installs\cpn1\yt.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


Scan
----
MD5: 92baa7debedc6ebe803bc14bc5180ab3 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\arkmon.kdl.92baa7debedc6ebe803bc14bc5180ab3
MD5: 4177f7840572920573fa800b3519c744 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\avengine.dll.4177f7840572920573fa800b3519c744
MD5: 5d36dc0bd740bc9d5c5aea9e6b8e67fe C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\bsshlp2.kdl.5d36dc0bd740bc9d5c5aea9e6b8e67fe
MD5: 5e27e54f3b4175e0e6dfee726b87a311 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\kavbase.kdl.5e27e54f3b4175e0e6dfee726b87a311
MD5: 7b53984bb934e599a4e3668b2f678d48 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\kavsys.kdl.7b53984bb934e599a4e3668b2f678d48
MD5: a918b448be75f1e6825549ddb6692d7a C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\kjim.kdl.a918b448be75f1e6825549ddb6692d7a
MD5: 2ce40beffd5b79c62535ba2f9ce7942e C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\klavasyswatch.dll.2ce40beffd5b79c62535ba2f9ce7942e
MD5: 6cb560907292a84cd0a6ba0e9e8b632c C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\klavemu.kdl.6cb560907292a84cd0a6ba0e9e8b632c
MD5: fed411a74cc5c5dac6ac7d81339fc781 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\mark.kdl.fed411a74cc5c5dac6ac7d81339fc781
MD5: 41dc267440bc79cb8c2216bd28f1f254 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\pbs.kdl.41dc267440bc79cb8c2216bd28f1f254
MD5: be99d2031eb3aa6699eecce74df88b01 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\pdm.kdl.be99d2031eb3aa6699eecce74df88b01
MD5: fb1fec251baaa2ab4237fb3cff510751 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\qscan.kdl.fb1fec251baaa2ab4237fb3cff510751
MD5: 80a1fcd7c0dfdce2c316d7830ffafe93 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\uds.dll.80a1fcd7c0dfdce2c316d7830ffafe93
MD5: 317df7c0eff0939e6289f5c72f65ba51 C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\Cache\vlns.kdl.317df7c0eff0939e6289f5c72f65ba51
MD5: 6df1b9a5143ce44b2d19ca255f94692d C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP13\Bases\sys_critical_obj.dll
MD5: 78693efb803c77f731726e7fa65a6517 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll
MD5: eada87878d898aa6fd9dd67201cb6da0 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpcommon150browserrecordplugin.dll
MD5: c61e4513204bcc4b330e7ad50c4c82c0 c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
MD5: 555e65306a5d3a5978be74e1dd62cdd9 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
MD5: e32771b0ae3f18ceffc12d682025238a C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
MD5: 0c1b2e3a897397738d9f81cd3d152af0 C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
MD5: 2a3fb4c98f139038e23330d2439db8a4 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
MD5: 0b31b0f8fa99cfd009c8fbea9e20c9de C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
MD5: 3844598f18aa24f6405a9d8dc1aa3e65 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0\plugin\npUrlAdvisor.dll
MD5: ab581254bd4bfdd2334ef828f55f691a C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0\plugin\online_banking_npapi.dll
MD5: fa79316a3c05a849a2a3ab92871caf28 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0\plugin\npVKPlugin.dll
MD5: 25e267dceaee1985f2f1e86243d5aa7a C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.14_0\IDMGCExt.dll
MD5: fccc3b6980d5f0387ce9718fe82f7b67 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\MSIExecWatcher.exe
MD5: e748ee5cc148102ec918bee1a13c7f80 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\npSkypeChromePlugin.dll
MD5: 853e987a635c0008f53e3cc13290af6b C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
MD5: 3a9c232439009165c1189b9bde9daaf6 C:\Documents and Settings\Allaho akbar\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0\plugin\npABPlugin.dll
MD5: b1bb8edc9d83d8096ee873f04cee600c C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
MD5: f9616d202b0124d373d2d82a4aa66b1d c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
MD5: 75b9d3fe25d597301fb7334147db2498 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
MD5: c4ebbbd7165be535f0bfd06b80601d91 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
MD5: c1a3af85dbfc67988fb71ce5e8f3b570 C:\Program Files\Common Files\LightScribe\LSLog.dll
MD5: f3918787f9d5f5ff2da57cdefb858ec5 C:\Program Files\Common Files\LightScribe\LSSProxy.dll
MD5: 6e5dac168d1ff9843e84a59d51d31107 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
MD5: bb0667b0171b632b97ea759515476f07 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
MD5: 42fc6190353e63b415870b8da84cf1aa C:\Program Files\FreeArc\bin\ArcShellExt\ArcShellExt.dll
MD5: 2c31dcaa88d269e13a935910dbb4cc61 C:\Program Files\Gigabyte\EasySaver\essvr.exe
MD5: db8edc434deb6ed687108817e6b3c7f3 C:\Program Files\Gigabyte\EasySaver\YCC.DLL
MD5: 9a741077112de8f9a12806ee228c2307 C:\Program Files\Google\Chrome\Application\27.0.1453.94\chrome.dll
MD5: 4763adc41ba4e0ff8740251705ca3f7f C:\Program Files\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MD5: 59b55c1a2e4b2f8b65d3175a1782af5a C:\Program Files\Google\Chrome\Application\27.0.1453.94\icudt.dll
MD5: 9820ccff5cd068ac9c0fffb9f688f4f8 C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
MD5: 7985b2f574f116f73d3b5772e3dc3301 C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
MD5: d68678e3a6fed6c81b5a2f5ce64a8e8f C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
MD5: 51c392ec9da1119ec86d562ff3e7344f C:\Program Files\Google\Chrome\Application\chrome.exe
MD5: 3d928b3fe97c403a33f803b3d1a260c9 C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
MD5: 506708142bc63daba64f2d3ad1dcd5bf C:\Program Files\Google\Update\GoogleUpdate.exe
MD5: 3b264541b6ae34afd6554872a769a0f3 C:\Program Files\Internet Download Manager\IDMan.exe
MD5: 90359dc6eaf19eb4cba0c4ad3d087560 c:\program files\internet download manager\idmiecc.dll
MD5: f3d66d5aff658162d93edbcda2da35dc C:\Program Files\Internet Download Manager\idmmkb.dll
MD5: 109e86dfb7ded3234f0ffeec710843f7 C:\Program Files\Internet Download Manager\IDMNetMon.DLL
MD5: 36503cd4506f7a2033a3330c2a2bcc4e C:\Program Files\Internet Download Manager\IDMShellExt.dll
MD5: faa729bc3b4ec2900d14e1f0f4d30ed0 C:\Program Files\Internet Download Manager\IEMonitor.exe
MD5: 83fe7fe9b5517e778facf064cec60715 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ac_facade.dll
MD5: f1a0027050ac41c6802faf28888957ba C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ac_meta.dll
MD5: 919a4739c4b8ceda369405530a889d0a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\acassembler.dll
MD5: 957a2927ec4c8b02cb7706ba6cdb6cd3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ahids.ppl
MD5: 0acdc5b7073072e52dc4b4190bb0c925 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\am_facade.dll
MD5: 07f196a739dc3348a9c383fa482a8479 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\am_meta.dll
MD5: 16cb6eb0cafe1c54c1be0c28b999595e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\anti_phishing_http_filter.dll
MD5: 2d5cb83e8418de45a0b4e41299c87304 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\antispam.ppl
MD5: 6b4a35d9e6d1e54754fb7748d080bc13 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\aphishex.ppl
MD5: e900ae4dcadbe638f49bb325790d0b26 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\app_core_legacy.dll
MD5: a5c4621630c53bceb98e733905e29e30 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\app_core_meta.dll
MD5: d075349164dce1cd47099daa85a62c03 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\appcat.ppl
MD5: 5a3fe1edb84c92dda14ea19cb66962ab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\arj.ppl
MD5: 6fddd18a650764a59302a018765e5521 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
MD5: e4ef421e71be48db62d510504404d71b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpgui.ppl
MD5: 88434b11d5dcd027ffa80183ecd9cf00 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpinit.dll
MD5: f213534aff8c78a87e2c5abcbde30e76 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpmain.dll
MD5: 56f79b31a74f7e121dd2e51e3df34102 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avpservice.dll
MD5: a5b9b29600d3486bae6e31cfad9a403d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avs.ppl
MD5: da2bd3528312e758442e19a89c520545 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avzkrnl.dll
MD5: 7f26b09ab4ab6a006e04ae3ecfc41e7a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\basegui.ppl
MD5: f28cc871387bb313be5c4ba9f7f8b166 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\bl.ppl
MD5: 057ffe925cd91ee79871ecaf66121142 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\buffer.ppl
MD5: 3ccc41c80269b0a94561d729c958ec9e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cab.ppl
MD5: d940842ba6027bd8fe97917e1ee5c837 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cbi.dll
MD5: da51ffd17e14bd52c226d91c138c867e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_anti_malware.dll
MD5: cf8a9e8a7f12c8707cba7e4e12d78d3f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_anti_malware_facade.dll
MD5: 582b55700c685eb85f087dfc746eb09c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_anti_malware_http_filter.dll
MD5: f4ce45681a9697ac9f464e65f15914d1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_facade.dll
MD5: 454f384b7a0ebb338103fce2bf9d5e3e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_http_transformer.dll
MD5: 215e67ebc26e977267d62bbad5029f46 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_prague_adapter.ppl
MD5: 5fce0236e964e5304b4da507c67ab60a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\cf_response_provider.dll
MD5: 6653c88dc87bc5bbad036d89b4234781 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\CKAHComm.dll
MD5: b9bfbdac872a32b2d100dc0b77f8c0f8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ckahrule.dll
MD5: a6a06797897a87ce22c3aea915df39ba C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\CKAHUM.dll
MD5: 63ca3208528ffed0995dd3d9aa4fef09 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\content_filtering_meta.dll
MD5: 90f494f351457f7ab59c351e84ef1e1f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\crpthlpr.ppl
MD5: 1dcca8ebd279afc7360b94e1543dcd29 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\CryptoStaticProvider.dll
MD5: 63a9b3e681559ad709b084888c677d21 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\deterministic_anti_phishing.dll
MD5: 478cf0a231e9cd9b4b46f0174b328a65 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\diffs.dll
MD5: 39b354058995b9f90b6276ec9080b207 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\dmap.ppl
MD5: 96b187c26b53887ef7b969fb98241a79 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\dtreg.ppl
MD5: a74e407dabd12cf91ae99120a2f5d38c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\DumpWriter.dll
MD5: 710f6463097ca1bbb08eeee5e58b2eff C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\eka_meta.dll
MD5: 6b90c3b746951ec2480225b53708ef50 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ekasyswatch.dll
MD5: 6d7a0d5388f0bcef35a6ffb2edb1d69d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\excludemanager.dll
MD5: ad172df0b787737f7676df2acc2a614e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\EXTLprtc.ppl
MD5: d96e1fd6b0b90587030641ebd6a2690c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FileCategorizer.dll
MD5: e89f7caf78a69c1b906dbf968650f7e5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\filesystem_services.dll
MD5: c9891229f15235370a2d2807a39bed58 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\finance_url_categorizer.dll
MD5: bd12a38cd2a3acff39e5326ede4d6a18 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\format_recognizer.dll
MD5: 91265e4e9eb6e6995d083f5cd59dd4a2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\fsdrvplg.ppl
MD5: d00e84779a324f9eccb395a30c179613 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\fssync.dll
MD5: 3c5b6295e58d1a706fe20db525a07bc4 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FTPprtc.dll
MD5: 08269669fe40cc2fa7eb2d77639d17e5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\hashmd5.ppl
MD5: 97d6ba0e1112f87062426f4f3f73dfec C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\heuristic_anti_phishing.dll
MD5: 7c745a18fc8a17b75901165c9432e438 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\hips.ppl
MD5: 98fa7e71e708d6871487570416a3c53b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\httpanlz.ppl
MD5: 1d2ca83a42d6720e7c75268357d746e5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\httpscan.ppl
MD5: 9821b8a749ee4f47f63fa8ba128a5ef3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ichecker.dll
MD5: f9f39e32ef76dc47de4a1589e83334ac C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ICQprtc.dll
MD5: e951fbaa8e915ca8a9db8fb1dcbc9833 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icudt40.dll
MD5: a4114d161d23ecaaf4de06a39899cd9e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icuin40.dll
MD5: 8f6d6912a24fda85add25aeb7b3a2bd5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icuio40.dll
MD5: 41bed19237e4a879494d3961d18a2547 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\icuuc40.dll
MD5: 2c17f6856a0cbe0b7f8caa5bc8881556 c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll
MD5: 4be78ddf7e7cf2f627fed3ed5ac2e84e c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
MD5: 797bc225a8c69c77acb8c2839f88b562 c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
MD5: 12ab2d9320193c68697ba6ae15a62f9b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imageformats\qgif4.dll
MD5: 256c2735bd9ab8626acca325d7afbdb9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imageformats\qico4.dll
MD5: 0c0d89856a1710d5bc5d2c6e1a84ec5e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imageformats\qjpeg4.dll
MD5: cd3b4724868f1c6bbab55b92d6d97e46 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imapprtc.ppl
MD5: bf66eae38955f96e5dd1eae8a3890e57 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\imc.ppl
MD5: 4419c4ccbfcb27e26cf776c66e632e0c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\inflate.ppl
MD5: fb3c7c3edeff065d431630110f36ef19 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\instrumental_meta.dll
MD5: 9107f80daf16be8aa75b86530ce38f8e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\integrity_control.dll
MD5: 7c2581b8b970609967c459bdb6438e47 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IRCPrtc.dll
MD5: 64608d105d5c6e1894a1c58a821f0f49 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\JbrPrtc.dll
MD5: 5257f781661bc93e31d6697aef1301b8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\key_value_storage.dll
MD5: 4a83c0ad4304cecbef1aa1ca605aeb4e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klifpp.dll
MD5: 6d43dd8216357158f064aacde3e3605a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klifpp_meta.dll
MD5: 6bb88b18c921b10e8e67ac519b20c6b3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klscav.dll
MD5: d62f58f2226262fccc93771db2134ec4 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
MD5: c246f3a45bb7f89800e628ca7aba0eab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_client.dll
MD5: 53c7264acc97a316fb62265a28f18a63 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_facade.dll
MD5: 0de82cd2694808d89aebbf2af250301c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_meta.dll
MD5: b289f1b6e040476694e0de5a4fdd8e0d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksn_statistics.dll
MD5: a439bcaf18d09debf4b7c648e34ffbd8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ksnhelper.dll
MD5: a9ffabf72a6d36c838c7a4f053e0ee92 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\lha.ppl
MD5: 327f962d4c257a9a3a36bc749d59a6b1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\libcurl.dll
MD5: 6feb064bc2029c64576f21cc04f96cd6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\LIBEAY32.dll
MD5: 99670d384f97a7f2fb5bf8af29c201fa C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\lic.ppl
MD5: fa6e031f14e789134de0dcfef8940a9f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\localization_manager.dll
MD5: e92d2f477a469e23917d1bcadf125264 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mailmsg.ppl
MD5: adf69da68ce38244a710b92d34cd212e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mc.ppl
MD5: 9afe21ac15d46df9147ab7a839166475 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mdb.ppl
MD5: 4c77c4a1ad6ba891c554e8b9589a56e4 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\mdmap.ppl
MD5: f2172aaae0d8ba3a5be37ddee24f1348 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\memmodsc.ppl
MD5: 688d3e38aa1ab53b8aaa072afa2adf15 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\memmon.dll
MD5: 3ba510c3612849c52bf1835d14102847 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\memscan.ppl
MD5: a4b322d95ddf22c17f4722755458f9a6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\minizip.ppl
MD5: 4ec01449e612f3a2632ded2d6a716fac C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\MMPprtc.dll
MD5: 9465090cb07ab7fc901eca0ac8871013 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\MSNprtc.dll
MD5: 3e0985edfd29d15d396334b4cd777d2e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\msoe.ppl
MD5: 1256856bf0a5569589d28ef018c7b3d9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ndetect.ppl
MD5: b4b9e56542f5b78779da54a02f845618 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\netwatch.ppl
MD5: aaaf96b09f1eaec774dfe91d60db868a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\network_services.dll
MD5: e53103ec79f4d0c503f459f6be59d2ec C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\nfio.ppl
MD5: f0558ef77bb94754dd31f9d7eb76382f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\nntpprtc.ppl
MD5: 8a4119364fe1b179ecc5a2d594f94238 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\oas.ppl
MD5: 038bec4a3bbb031a5c83812ca8f2bac2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ods.ppl
MD5: 874765cc2ef704cf04edad33790ca9fd C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\office_antivirus.dll
MD5: 1c02ec34c5b28c71efd0f4e6b282036d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\office_antivirus_facade.dll
MD5: f9d66e2bc3d64144e7b84016d76f7a56 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\online_banking_facade.dll
MD5: 25a5b1605af4188cf36d92103702708c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\packed_io.dll
MD5: 7e3b3f7ff7a8bade638648cbd42fe70d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\params.ppl
MD5: fe0e7137c8ab02bb3fdc899980a20905 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\parental_control_gui.dll
MD5: f1287602d47302a8781235d8c338dc7d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\persistent_queue.dll
MD5: 267999c7476b6563a98996dd5681cb4b C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\platform_metainfo.dll
MD5: 9fbd4e134d6cb3f7cd37c034bcde0328 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\plugins_facade.dll
MD5: 26dbf795795b36dc555d0293ec8396a1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\plugins_meta.dll
MD5: 3f6a732325bf91178ca8243e1718afba C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\pop3prtc.ppl
MD5: 9481826102a27dce3ca968aec0e223ab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prloader.dll
MD5: 317f465f797a4fe7434eea2dd8f389e1 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ProcessMonitor.dll
MD5: 3afce727dce26a1e91b9573f74034e14 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\procmon.ppl
MD5: 02fa2a9567c36a068043cb380a75539d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\propmap.ppl
MD5: 5b9f703a6e07c5b79a38523dd768b938 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\proxydet.ppl
MD5: d80125fda60e4eee59c1b8342aea16a6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prremote.dll
MD5: fa03a5951aecfafa1451c5d7cca41ea0 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prseqio.ppl
MD5: 5bf5f6a848337a26721c2f66033ea75c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prupdate.ppl
MD5: f167dda37f7bcf0d4de33f877bfc470d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\prutil.ppl
MD5: 7a54db3a116629b64832d22b640ff39c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\pxstub.ppl
MD5: aa39fa3316aab40e7326f0fc61219176 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\qb.ppl
MD5: c3c6bce55e6f533778db6dbe50c36069 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtCore4.dll
MD5: 9b03e319c59fe1d00009ee870697f06a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtDeclarative4.dll
MD5: 2eb0b4586da4a0bafa7d7b2ccd74ed92 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtGui4.dll
MD5: c3ad6007589c7270d5e4eee4645e2ac5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtNetwork4.dll
MD5: 10e005139728d1024a4d749029f13d89 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtScript4.dll
MD5: 85bb00594af1ef057bd227bda2fb4011 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\QtSql4.dll
MD5: 2163555d2df66cc1929b940b934a96ea C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\rar.ppl
MD5: 9a5cd8b271db0ebaf6951e2a9d756e8e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\regmap.ppl
MD5: 72f0fa86c9c56494ff68e3955fb365b5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\remote_eka_prague_loader.dll
MD5: 42dcc37fb6156338a143483ef7a1d8dd C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\report.ppl
MD5: 0f117c63b346d9a2589c6140ccb56cda C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\reportdb.ppl
MD5: 9d087c7ee09d8becdfaeaae2703f28b2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\safe_banking.dll
MD5: 640a1a16cad458ddfd65247b7f8f1246 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\sc.ppl
MD5: e971d49d88ef3eda43192bd695473490 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\schedule.ppl
MD5: 26714dc5d5eb5dbb2a830795fad002bf C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\scrchpg.dll
MD5: 54aafce5034c2ff1ec70eb19339bdd69 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\secure_input_manager.dll
MD5: 62c745bdb170569d4641e542882f88ec C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\service.dll
MD5: eb48a4aabba61081bf798f3a3770c8ad C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\sfdb.ppl
MD5: bdbf37c81aeaeedba3bea2698a7edb8d C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll
MD5: dd1af94b33748541be2d6ef0c443524e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\smtpprtc.ppl
MD5: d4446dcf1425802657f5ad2226663d3a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\SSLEAY32.dll
MD5: b6172e9f1bbe5ef6e40557875874117f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\stat.ppl
MD5: 1c22fab4c8ee828773c3038dae18e733 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\storage.dll
MD5: f7624a94957201d7c2a35491aba6c92f C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\swpragueplugin.dll
MD5: 390f945076556bd19ffe4921a257547e C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\thpimpl.ppl
MD5: 5d93dfbdfd210b4eaf1c700593c4a62c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\threats_disinfection.dll
MD5: 58d5d1fa37b9550bdbd45daeb27f49c3 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ThreatsManager.dll
MD5: 498c0794104c99da24eeb5682a377aa5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\timer.ppl
MD5: 95798f8386d204a8283e8c41df02b973 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\tm.ppl
MD5: 723584e6f0a55729d93a2dd183445da2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\traffic_processing_product_facade.dll
MD5: abc9d43f0f7a9cd0a514dbfeb3e69d9c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\trafmon2.ppl
MD5: 0d15c1dc21ac825f159ee8ed1710749c C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\transport_provider.dll
MD5: db93c78533a80b6bcdcfe8cb07eb5ea5 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ucp_agent.dll
MD5: 9ba024c33b37b22d7a009530df8a02ab C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ucp_meta.dll
MD5: e2a1a91629cf89469c22a5ef3814af62 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\uniarc.ppl
MD5: b9e75399b99c40673588b7cc28493cb9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\unlzx.ppl
MD5: afbe8869913e1a475ec0341328b4d3f2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\unstored.ppl
MD5: 232a82980e837c8b5fcbe1ee88b63ab9 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Updater.dll
MD5: a0b416ee90a9c0f187019cfba99b48fc C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\updater_meta.dll
MD5: fa17d1107b4fcb6132c1450d9ccea8e6 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\url_processing.dll
MD5: fc3eaf18fb50b523001baf4b897b4673 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ushata.dll
MD5: 9621e25805fe42d9e78ae6fe547312d8 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\vercheck.ppl
MD5: 399ec7f2c6e9a3eaa3735ee50f578e9a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\virtual_keyboard_facade.dll
MD5: 8ebedcb6fffd1d9d3693579c115f6615 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\volenum.ppl
MD5: 15fd2a7e6cda986c0a631e4779a33c87 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\vulnerability_status_provider.dll
MD5: a5df11794648845235c6cb2d7e96b5b2 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\wdiskio.ppl
MD5: 38a7ce63fdd4f694d5317a8b8e4bad38 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\web_content_categorizer.dll
MD5: 01c1b863479543f966655689d9b4752a C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\webnetstat.ppl
MD5: 1c174c4666f1d84f3ae71e4fa8c2a369 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\winreg.ppl
MD5: 66850145f146fbbf675ad342fd0e5206 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\wmihlpr.ppl
MD5: 06eaa056c508fd867689b8b1fb24f7de C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\Yhoprtc.dll
MD5: 0fa909fa83979ceeace4b83f771afe42 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe
MD5: 123271bd5237ab991dc5c21fdf8835eb C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
MD5: 533aecd1b5356870ae2d905b4d3b42b7 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
MD5: 0e34b7bb1fcf22bcc1e394d16f9e992b C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
MD5: 30efebdc960a482e3e188b9960b286e2 C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL
MD5: 30db64d316f502558db2380f7343c9fd C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
MD5: d8c2b95bc2353e1f18850d6b8f5dba13 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
MD5: 207204af80505af51271fe164b56f662 C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL
MD5: c92d20a6e35e232004d83dc10a78878a C:\Program Files\Microsoft Office\Office12\USP10.dll
MD5: 0d01287d85b3715fa8270e8ec919b7f7 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
MD5: 5f63626ac57fbb1e7dd4a73c723a5f83 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
MD5: 37c8ec2860df210ed93a94bf6525cbc7 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
MD5: 6e0f29bd0e792618ff285ab094f4dcef C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
MD5: 1d18c4172c53f3411f80b3a58f1d740b C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU.DLL
MD5: c551e83adb312f0353961267f02d7047 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
MD5: 8657c4cff27f0ada25a2c33f3bbf2955 C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL
MD5: 04a6facebfb8b02cedff39bd4d5e0714 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MD5: 2dc6257a367a6182e40f748d0396aaf9 C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
MD5: 256c847cd03160c9088fb440db929448 C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
MD5: 1e3aa02f2c91a2b25efb4e355160cdca C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
MD5: a73731a0b0a165907799e9afb461f856 C:\Program Files\Real\RealPlayer\Update\realsched.exe
MD5: e6019253451dbb67740f7027ad9e1cb5 C:\Program Files\Real\RealUpgrade\realupgrade.exe
MD5: 913311f5f69932adc29b0ff3015494cd C:\Program Files\Sandboxie\SbieDll.dll
MD5: 224049c51e2c2d07b02b1bed262976a1 C:\Program Files\Sandboxie\SbieDrv.sys
MD5: 3129023cef1a2225665d44f9545daed4 C:\Program Files\Sandboxie\SbieSvc.exe
MD5: 5fa9a7808f1ceca8e46dbf2ff81769d2 c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
MD5: 3467821fd04a66c9786df0c8c0219a73 C:\Program Files\Skype\Updater\Updater.exe
MD5: df287939309c65e68abe9cb98f80693b C:\Program Files\USB Disk Security\BCGCBPRO1500u80.dll
MD5: 5e2bd09facb151796b9f0a7d4151dc3c C:\Program Files\USB Disk Security\BCGPStyle2010Blue150.dll
MD5: 3f98b594e5404311d464769733df5125 C:\Program Files\USB Disk Security\USBGuard.exe
MD5: 994ad0d8550b8b26990a6e3aa0791502 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
MD5: b2764e34dd2d5dab113c2af3f7315fa9 C:\Program Files\WinRAR\rarext.dll
MD5: 9e74acd50ae9ce20603824a1223ca4f9 c:\program files\yahoo!\companion\installs\cpn1\yt.dll
MD5: 18883601394c553aa6a60d0b7392c5df C:\Program Files\Yahoo!\Shared\npYState.dll
MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL
MD5: d556cb79967e92b5cc69686d16c1d846 C:\WINDOWS\gdrv.sys
MD5: ab87eeffd18f2baafc274e7075ea6c67 C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: f7a01e608edeb9ba5aea26d1040da7b7 C:\WINDOWS\RTHDCPL.EXE
MD5: 66640a55aeff3819c94e0a8d40d7e0ad C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
MD5: 446321d798e28daac1383637fbb524e0 C:\WINDOWS\system32\adsnt.dll
MD5: cfd4e51402da9838b5a04ae680af54a0 c:\windows\system32\browser.dll
MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll
MD5: ed0c0df222209e43ad9afbf3fe87dde0 C:\WINDOWS\system32\comsvcs.dll
MD5: 6bee5d4eff0a0341bcc4a462d81ccfc1 C:\WINDOWS\system32\CRYPT32.dll
MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll
MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll
MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll
MD5: b1762156256b0238c21baa4c06cef727 C:\WINDOWS\system32\devmgr.dll
MD5: 7dac4089bca671c305bb61242cde29f8 C:\WINDOWS\system32\DfrgRes.dll
MD5: ccc5b7e12d6002d308e8d11ff9d1fc57 C:\WINDOWS\system32\dfrgsnap.dll
MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll
MD5: 8efea4a7cccce7d3fde4d90f324218a9 C:\WINDOWS\System32\dmdskmgr.dll
MD5: 057f636c4e4f11fab91371c2c83f678b C:\WINDOWS\system32\DMDskRes.dll
MD5: 75a782fff9821426382453253999853b C:\WINDOWS\system32\dmocx.dll
MD5: 3b548248a510ec24c8e46ea7d013e225 C:\WINDOWS\System32\dmutil.dll
MD5: 389496118b3b03c2328024af320132ac c:\windows\system32\DNSAPI.dll
MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll
MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys
MD5: 464edb6486805f255190e6ea34d9f973 C:\WINDOWS\system32\DRIVERS\idmtdi.sys
MD5: 0c78f66259b312da2a2b565659fd5ebf C:\WINDOWS\system32\DRIVERS\kl1.sys
MD5: b8fd2e8d24ebc01d7ceb888ca1f0ca58 C:\WINDOWS\system32\DRIVERS\klif.sys
MD5: 09bcb45e7af12b82bb5b68bb599a6022 C:\WINDOWS\system32\DRIVERS\klim5.sys
MD5: 862a0c212cff3f2b0e8fb11c80037c0d C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
MD5: 2c88a8fef90f6133842e267b40693d6f C:\WINDOWS\system32\DRIVERS\klmouflt.sys
MD5: 378fd5c977d56d08af4316f815b35fd6 C:\WINDOWS\system32\DRIVERS\kltdi.sys
MD5: 1c488d4b7808d20c382a0d54f72df01c C:\WINDOWS\system32\DRIVERS\kneps.sys
MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys
MD5: 9cda796e6bec89eff45ef430651ea74b C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
MD5: 79b4fe884c18dd82d5449f6b6026d092 C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
MD5: a7564cc4e170f1e5b84bae6bb8c5f16e C:\WINDOWS\system32\drivers\RtkHDAud.sys
MD5: 71e276f6d189413266ea22171806597b C:\WINDOWS\System32\Drivers\sptd.sys
MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys
MD5: 98a1e6bc9f766b0b0a5bf00af847ef20 C:\WINDOWS\system32\DRIVERS\tap0901.sys
MD5: f48ab90a886200bcda169ad7f06037d6 C:\WINDOWS\system32\els.dll
MD5: ffb3115aa757abefba7fba90bad5dd0a C:\WINDOWS\system32\en-us\tQuery.dll.mui
MD5: f5b754cdea20bbb3a31e16a776ede6d6 C:\WINDOWS\system32\ESENT.dll
MD5: 4dc59b4223e833652135b2454f7ecad2 C:\WINDOWS\system32\filemgmt.dll
MD5: 2223775fdcb2ef7d4ec159af3c764941 C:\WINDOWS\system32\ieframe.dll
MD5: dca5bc4913c1de2668625d7680df6f18 C:\WINDOWS\system32\iertutil.dll
MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\IMAGEHLP.dll
MD5: 1e6c47b63cd2f812de0f4a9f610fabb4 C:\WINDOWS\system32\jscript.dll
MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll
MD5: 6fe42512ab1b89f32a7407f261b1d2d0 C:\WINDOWS\system32\kernel32.dll
MD5: 72d5d679eff2b21d27a5437ac45f2732 C:\WINDOWS\system32\klogon.dll
MD5: 8eb3f7b700ab00a2f51b171178965a1c C:\WINDOWS\system32\localsec.dll
MD5: 5677dfe438ec1f009273fc84feed6b10 C:\WINDOWS\system32\localspl.dll
MD5: 9fad7dff67555ff1e06bc4a3893024a7 C:\WINDOWS\system32\logon.scr
MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll
MD5: 76d5a3d2a50402a0b9b6ed13c4371e79 C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: f6f2bfc17069eb335acceef7595f9302 C:\WINDOWS\system32\MFC42u.dll
MD5: 682b5487811c86c8d7a5c86c34295599 C:\WINDOWS\system32\mmc.exe
MD5: 98c084215ea2b7a131266de871ec9b60 C:\WINDOWS\system32\mmcbase.DLL
MD5: b1749e895f132af150da76eb6acc4c7b C:\WINDOWS\System32\mmcndmgr.dll
MD5: d2cb96f7d1b96ebf6b153f05921b82e1 C:\WINDOWS\system32\msfeeds.dll
MD5: 855f6333e3a4dfc6f3c8b0520c261fcd C:\WINDOWS\system32\msftedit.dll
MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll
MD5: c52ce534397e1d3a442fb4c88a3cbe42 C:\WINDOWS\system32\msonpmon.dll
MD5: 4774d83be60b7f47c612e25d6fe0f010 C:\WINDOWS\system32\MSSHooks.dll
MD5: 6e914eedd145c5acce56f4d5f3d606fc C:\WINDOWS\system32\mssph.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\WINDOWS\system32\MSVCP100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\WINDOWS\system32\MSVCR100.dll
MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll
MD5: acfee2392503dd5e457363a0510b8bcb C:\WINDOWS\system32\msxml3.dll
MD5: bbdfdbead1b7a1cfd44bfffd177fb627 C:\WINDOWS\system32\mucltui.dll
MD5: a1226c81b5dc433cc6a6ca28d84ac303 C:\WINDOWS\system32\mycomput.dll
MD5: cac752bf84db4666ed3ce0948e6ea937 C:\WINDOWS\system32\netapi32.dll
MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 C:\WINDOWS\system32\NETSHELL.dll
MD5: 5e28284f9b5f9097640d58a73d38ad4c C:\WINDOWS\system32\notepad.exe
MD5: adc539f67d3198679f480974ee203678 C:\WINDOWS\system32\npDeployJava1.dll
MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
MD5: 11e9ef7dc6ed377db1a98f4d0fcbe983 C:\WINDOWS\system32\NTMSAPI.dll
MD5: 1df175698ca61d738e8a0e872328086d C:\WINDOWS\system32\ntmsmgr.dll
MD5: d6b5a2966a6ce9ed29c58b56a51839f0 C:\WINDOWS\system32\nvapi.dll
MD5: c39b824a30118e308d575d6507467d10 C:\WINDOWS\system32\NvCpl.dll
MD5: 3b556a0dd75ee786f8e1963e9770f760 C:\WINDOWS\system32\NvMCTray.dll
MD5: 30cb85790a3c70ae45c88e28ba6397c2 C:\WINDOWS\system32\nvsvc32.exe
MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll
MD5: d59a7119054d70fc745a1bf9c06dcc65 C:\WINDOWS\system32\oeph.dll
MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll
MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\OLEACC.dll
MD5: eff03460e542eea6b0abdec6bf19c897 C:\WINDOWS\system32\OLEAUT32.dll
MD5: f1dac7969c1337af790bd1d981aa780c C:\WINDOWS\system32\qmgrprxy.dll
MD5: b8ae25c09b8c26ff72820430294e4ef6 C:\WINDOWS\system32\RASSAPI.dll
MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll
MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll
MD5: 0f64207b49390c8063c36ae7cbf9c2db C:\WINDOWS\system32\schannel.dll
MD5: 87889a983c015080fa813d7e32910d1e C:\WINDOWS\system32\searchfilterhost.exe
MD5: c4894b3b448b647bedc9e916d181bdbe C:\WINDOWS\system32\searchprotocolhost.exe
MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll
MD5: 6843d54bc4a40cc8c5741af750233d10 C:\WINDOWS\system32\SHELL32.dll
MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll
MD5: b6a31666905b58ac4819b3f55979ff71 C:\WINDOWS\system32\smlogcfg.dll
MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe
MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll
MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
MD5: 79ed352549eb6d5b1a454916c37d2e85 C:\WINDOWS\system32\UNCPH.dll
MD5: 5c4adb808b54126c1ed2fba0eae06c63 C:\WINDOWS\system32\upnpui.dll
MD5: 674540915241f737300b604ee811a139 C:\WINDOWS\system32\urlmon.dll
MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll
MD5: 7943a80f1a6fd37969aacd411b511f91 C:\WINDOWS\system32\WindowsPowerShell\v1.0\pwrshsip.dll
MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll
MD5: 5c4aac5a91422c95522ecc6c26fb93c8 C:\WINDOWS\system32\WININET.dll
MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll
MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll
MD5: 69ae2b2e6968c316536e5b10b9702e63 C:\WINDOWS\system32\winsrv.dll
MD5: d458b738b4c2ce33174cfb2ce12412db C:\WINDOWS\system32\WINTRUST.dll
MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll
MD5: 3a6d465f379e5c815f4ad565391e654c C:\WINDOWS\system32\wshext.dll
MD5: 2e0b0a051ffaa86e358465bb0880d453 C:\WINDOWS\system32\wuauclt.exe
MD5: c31dd4cec06d2908ae5f212a0b13805b C:\WINDOWS\system32\wuaucpl.cpl
MD5: fc3ec24fce372c89423e015a2ac1a31e C:\WINDOWS\system32\wuaueng.dll
MD5: c88c65df1ed4dfd34cfbd11cdfe519a3 C:\WINDOWS\system32\wucltui.dll
MD5: 5caf91e865fe0c85048a233e594544d2 c:\windows\system32\WUDFPlatform.dll
MD5: bdc0c99e472176c8c2c853a68adc5073 C:\WINDOWS\system32\wups2.dll
MD5: bea4aee74fef171eb61de1bad8faf427 C:\WINDOWS\system32\XmlLite.dll
MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll
MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80U.DLL
MD5: 28a09777d2d952122567a8a82f1a2c7b C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\MFC80ENU.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll
MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MD5: 80776884e7a05d6da5040926f82b0273 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll
MD5: 43896bb5bd2500709033d57dd37ae7b6 e:\program files\idm\quickfind\plugins\iehelp.dll


No file uploaded.

Scan finished - communication took 5 sec
Total traffic - 0.03 MB sent, 0.87 KB recvd
Scanned 797 files and modules - 66 seconds

==============================================================================

  • 0

#22
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Your logs now appear clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programs we have used plus itself. Allow it to reboot when it asks.


Now that you are clean, to help protect your computer in the future I recommend that you keep the following free programs:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean



Keep Java Updated

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)




Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

Uninstall all previous versions.
Download the latest version from: http://www.adobe.com.../readstep2.html

The McAfee Scan is offered with the update, make sure to uncheck it. You do not need this product.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.



Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link



It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit


To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe

Now after completing these steps please start a topic in the Windows XP forum to deal with the question mark and the install that you are having trouble installing. Please provide them a link to this topic in your first post.


Regards,

CompCav
  • 0

#23
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
I have download many versions of combofix over the years and in my C disk there are many folders named combofix with numbers e.g. combofix_5, combofix 7 combofix 10, what to do about those?
  • 0

#24
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
If the uninstall does not take them out then just delete them manually.
  • 0

#25
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
Thank you for your help , CompCav you are a friend in need. :D


I had a few notes to share with you

  • My problems started when I found out internet download manager cannot download the newly posted videos on youtube and a friend suggested Keepvid.com which prompted me for a Java install which I download from the official site but I think that site is fishy now.
  • I uninstalled the yellow question mark thinking it would start afresh when I reboot and maybe things would work better on the next time but that did not happen and now it is totally gone.
  • When OTL rebooted my pc on the last time , it took the icons about a minute to show up.

Edited by blink10, 03 June 2013 - 05:16 PM.

  • 0

Advertisements


#26
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
The icon delay is caused by deleting of temp items and the longer initial reboot to full operation is normal.
  • 0

#27
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
thanks CompCav Posted Image , you rock , I will take your advise on the 24 hours testing period
  • 0

#28
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Good, thanks for the note.
  • 0

#29
blink10

blink10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 225 posts
On rebooting today, it took a minute a and a half for the icons to show up on desktop again.
I could not open any site on chrome.
Had to use Rkill to see what is going and this is the log




Rkill 2.4.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 06/04/2013 01:58:31 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t



Program finished at: 06/04/2013 01:58:53 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)



This one is back

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]






Hosts file is acting weird again.

: : 1 l o c a l h o s t




I removed the latter entry from hosts and reinstalled SAS to use its internet settings repairs to be able to get online again
  • 0

#30
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    BASESERVICES
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RpcSs /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RPCSS /s
    %SYSTEMDRIVE%\*.exe
    C:\windows\*. /RP /s
    dir C:\ /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt
  • Post the log

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP