Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer hacked

Started by janji , Feb 09 2015 05:42 AM

  • Please log in to reply

#166
janji
Posted 07 March 2015 - 03:27 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Hi Ron, here are the scan results:

C:\Users\All Users\Spybot - Search & Destroy\Recovery\Pricepeep14.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Pricepeep17.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Pricepeep20.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Pricepeep9.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO14.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO32.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO44.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO56.zip    Win32/Bagle.gen.zip worm    
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip    Win32/Bagle.gen.zip worm    
C:\ProgramData\Spybot - Search & Destroy\Recovery\Pricepeep14.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Pricepeep17.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Pricepeep20.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Pricepeep9.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO14.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO32.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO44.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO56.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip    Win32/Bagle.gen.zip worm    cleaned by deleting - quarantined
C:\Users\User\Downloads\nero7PremiumReloaded.exe    Win32/Toolbar.AskSBar potentially unwanted application    deleted - quarantined


  • 0

Advertisements

#167
janji
Posted 07 March 2015 - 03:39 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Bitdefefender Quick Scan:


QuickScan 32-bitv0.9.9.140
--------------------------
Überprüfungsdatum:  Sat Mar 07 22:35:37 2015
Computer ID: 3C45F045



Keine Infizierungen gefunden.
-----------------------------



Prozesse
--------
(unsigniert) Screen Highlighter                       3960    C:\Program Files\Screen Highlighter\shl.exe
(unsigniert) Stay On Top                              2236    C:\Program Files\Stay On Top\StayOnTop.exe

(verifiziert) Akamai NetSession Client                 2864    C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(verifiziert) Akamai NetSession Client                 3536    C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(verifiziert) Amazon Music Helper.exe                  2200    C:\Users\User\AppData\Local\Amazon Music\Amazon Music Helper.exe
(verifiziert) avast! Antivirus                         2140    C:\Program Files\AVAST Software\Avast\AvastUI.exe
(verifiziert) DivX Update                              2228    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(verifiziert) Dropbox                                  2376    C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(verifiziert) Firefox                                  2592    C:\Program Files\Mozilla Firefox\firefox.exe
(verifiziert) Firefox                                  5176    C:\Program Files\Mozilla Firefox\plugin-container.exe
(verifiziert) iTunes                                   2328    C:\Program Files\iTunes\iTunesHelper.exe
(verifiziert) Kies                                     4040    C:\Program Files\Samsung\Kies\Kies.exe
(verifiziert) Kies TrayAgent                           2272    C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(verifiziert) Microsoft® Windows® Operating System     1780    C:\Windows\explorer.exe
(verifiziert) Microsoft® Windows® Operating System     3492    C:\Windows\System32\dllhost.exe
(verifiziert) Microsoft® Windows® Operating System     1760    C:\Windows\System32\dwm.exe
(verifiziert) Microsoft® Windows® Operating System     3560    C:\Windows\System32\wbem\unsecapp.exe
(verifiziert) RoboForm                                 2680    C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(verifiziert) Secunia PSI Tray                         2244    C:\Program Files\Secunia\PSI\psi_tray.exe
(verifiziert) Skype                                    3836    C:\Program Files\Skype\Phone\Skype.exe
(verifiziert) Spotify                                  3128    C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(verifiziert) Synaptics Pointing Device Driver         1600    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(verifiziert) Windows® Search                          3184    C:\Windows\System32\SearchProtocolHost.exe


Netzwerkaktivität
-----------------
Vorgang Amazon Music Helper.exe (2200) verbunden mit Anschluss 443 (HTTP over SSL) --> 72.21.215.34
Vorgang Dropbox.exe (2376) verbunden mit Anschluss 443 (HTTP over SSL) --> 108.160.162.99
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 178.63.3.181
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 188.125.93.156
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 31.13.70.1
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 178.63.3.181
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 23.50.107.27
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 173.194.116.100
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 173.194.116.100
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.116.101
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 173.194.116.101
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 2.22.61.10
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 2.22.61.10
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.116.117
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 216.58.211.45
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 74.125.136.95
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.116.117
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.116.113
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.112.190
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.116.111
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.116.120
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 173.194.116.108
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 185.45.5.32
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 23.50.107.27
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 23.50.107.27
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 104.28.29.94
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 104.28.29.94
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 104.28.29.94
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 104.28.29.94
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 74.125.136.154
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 2.17.223.139
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 74.125.136.157
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 74.125.136.157
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 2.22.242.44
Vorgang firefox.exe (2592) verbunden mit Anschluss 443 (HTTP over SSL) --> 2.17.210.110
Vorgang firefox.exe (2592) verbunden mit Anschluss 80 (HTTP) --> 2.16.62.223
Vorgang netsession_win.exe (3536) verbunden mit Anschluss 443 (HTTP over SSL) --> 213.248.117.223
Vorgang Skype.exe (3836) verbunden mit Anschluss 40021 --> 157.55.130.151
Vorgang Skype.exe (3836) verbunden mit Anschluss 12350 --> 157.56.116.202
Vorgang Skype.exe (3836) verbunden mit Anschluss 443 (HTTP over SSL) --> 157.56.126.195

Vorgang Dropbox.exe (2376) kontrolliert die Anschlüsse: 843, 17500
Vorgang netsession_win.exe (3536) kontrolliert die Anschlüsse: 49201
Vorgang Skype.exe (3836) kontrolliert die Anschlüsse: 80 (HTTP), 443 (HTTP over SSL), 32617


Autoruns und kritische Dateien
------------------------------
(verifiziert) Akamai NetSession Client                 C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(verifiziert) Amazon Music Helper.exe                  C:\Users\User\AppData\Local\Amazon Music\Amazon Music Helper.exe
(verifiziert) avast! Antivirus                         C:\Program Files\AVAST Software\Avast\AvastUI.exe
(verifiziert) CCleaner                                 C:\Program Files\CCleaner\CCleaner.exe
(verifiziert) DivX Media Server Launcher               c:\program files\DivX\divx media server\divxmediaserver.exe
(verifiziert) DivX Update                              C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(unsigniert) FRXPRO                                   c:\program files\yourware solutions\freeram xp pro\freeram xp pro.exe
(verifiziert) Internet Explorer                        c:\Windows\System32\webcheck.dll
(verifiziert) iTunes                                   C:\Program Files\iTunes\iTunesHelper.exe
(verifiziert) KeyScrambler                             C:\Program Files\KeyScrambler\keyscrambler.exe
(verifiziert) Kies                                     C:\Program Files\Samsung\Kies\Kies.exe
(verifiziert) Kies TrayAgent                           C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(verifiziert) Microsoft Office 2010                    c:\program files\microsoft office\Office14\BCSSync.exe
(verifiziert) Microsoft Office 2010                    C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
(verifiziert) Nero AG NeroCheck                        C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
(unsigniert) QuickTime                                C:\Program Files\QuickTime Alternative\QTTask.exe
(verifiziert) RoboForm                                 C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(unsigniert) Screen Highlighter                       C:\Program Files\Screen Highlighter\shl.exe
(verifiziert) Secunia PSI Tray                         C:\Program Files\Secunia\PSI\psi_tray.exe
(verifiziert) Skype                                    C:\Program Files\Skype\Phone\Skype.exe
(verifiziert) Spotify                                  C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(verifiziert) Spotify                                  C:\Users\User\AppData\Roaming\Spotify\spotify.exe
(unsigniert) SuperAntiSpyware                         c:\program files\superantispyware\SASSEH.DLL
(verifiziert) Synaptics Pointing Device Driver         C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(verifiziert) Apple Push                               c:\program files\common files\Apple\apple application support\apsdaemon.exe
(verifiziert) Microsoft® Windows® Operating System     c:\Windows\System32\userinit.exe


Browser Plugins
---------------
(verifiziert) Adobe Acrobat                            C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
(verifiziert) Adobe Acrobat                            C:\Program Files\Internet Explorer\Plugins\nppdf32.dll
(verifiziert) Bitdefender QuickScan                    C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verifiziert) DivX Plus Web Player                     C:\Program Files\DivX\DivX Web Player\npdivx32.dll
(verifiziert) DivX VOD Helper Plug-in                  C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
(unsigniert) ffmpeg.exe                               C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\ffmpeg.exe
(unsigniert) gmpopenh264.dll                          C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\gmp-gmpopenh264\1.1\gmpopenh264.dll
(unsigniert) gmpopenh264.dll                          C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\gmp-gmpopenh264\1.3\gmpopenh264.dll
(unsigniert) Google Earth Plugin                      C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
(verifiziert) Google Update                            C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
(unsigniert) Happy Cloud Plugin                       C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
(unsigniert) i-drop control                           C:\Windows\Downloaded Program Files\IDrop.ocx
(unsigniert) i-drop control                           C:\Windows\Downloaded Program Files\IDropENU.dll
(verifiziert) IE Webrep plugin                         c:\program files\avast software\Avast\aswwebrepie.dll
(verifiziert) Internet Explorer                        C:\Windows\System32\ieframe.dll
(verifiziert) Java Deployment Toolkit 8.0.310.13       C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
(verifiziert) Java™ Platform SE 8 U31               c:\program files\Java\jre1.8.0_31\bin\jp2ssv.dll
(verifiziert) Java™ Platform SE 8 U31               C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
(verifiziert) Java™ Platform SE 8 U31               c:\program files\Java\jre1.8.0_31\bin\ssv.dll
(verifiziert) Lightshot                                C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\components\Lightshot.dll
(verifiziert) Lightshot                                C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\components\net.dll
(verifiziert) Lightshot                                C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\components\uploader.dll
(verifiziert) Microsoft Office 2010                    C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
(verifiziert) Microsoft Office 2010                    C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL
(verifiziert) Microsoft Office 2010                    c:\program files\microsoft office\Office14\URLREDIR.DLL
(verifiziert) npitunes.dll                             C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
(verifiziert) NPSWF32_16_0_0_305.dll                   C:\Windows\System32\Macromed\Flash\NPSWF32_16_0_0_305.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
(unsigniert) QuickTime Plug-in 7.7.6                  C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
(unsigniert) RealNetworks™ Chrome Background Exte  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
(verifiziert) RoboForm                                 C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
(verifiziert) RoboForm Plugin for Google Chrome/Opera  C:\Program Files\Siber Systems\AI RoboForm\Chrome\plugin\np-rf-plugin.dll
(unsigniert) Shockwave for Director                   C:\Windows\System32\Adobe\Director\np32dsw_1215155.dll
(verifiziert) Silverlight Plug-In                      c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
(verifiziert) Unity Player                             C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
(unsigniert) RealPlayer™ HTML5VideoShim Plug-In (  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

(verifiziert) Microsoft Office 2010                    C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL
(verifiziert) Microsoft® Windows Live Login Helper     c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
(verifiziert) Microsoft® Windows® Operating System     C:\Windows\System32\mswsock.dll
(verifiziert) Microsoft® Windows® Operating System     C:\Windows\System32\NapiNSP.dll
(verifiziert) Microsoft® Windows® Operating System     C:\Windows\System32\nlaapi.dll
(verifiziert) Microsoft® Windows® Operating System     C:\Windows\System32\pnrpnsp.dll
(verifiziert) Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll
(verifiziert) Microsoft® Windows® Operating System     C:\Windows\System32\wshbth.dll
(verifiziert) Yahoo Application State Plugin           C:\Program Files\Yahoo!\Shared\npYState.dll


fehlende Dateien
----------------
Datei nicht gefunden: C:\Windows\system32\StickMen.scr
  --> HKCU\"SCRNSAVE.EXE"


Überprüfen
----------
MD5: 9df0c4f0cef60158614edd1b3ab441ee  C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
MD5: 9ea93673394601db13cf5519cf7f5de7  C:\Program Files\AVAST Software\Avast\1033\Base.dll
MD5: 38c2dffaf625f42ead1b79f6b3c80ea8  C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
MD5: 39d931c0ce95706e3951f0a097039301  C:\Program Files\AVAST Software\Avast\aavm4h.dll
MD5: 2d44ebd52ec34e25dda0eee07032c418  C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MD5: 38fc1d28b0e1ea74f98bb3f743db101a  C:\Program Files\AVAST Software\Avast\ashbase.dll
MD5: 0aa25a2f866fe94747b3ede7fe9faa77  C:\Program Files\AVAST Software\Avast\ashShell.dll
MD5: e4b7e7985cb75de4e48e96d35a0dbf97  C:\Program Files\AVAST Software\Avast\ashTask.dll
MD5: 95884e0e8eae21f7df7a8916a7e058cf  C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MD5: 12b437cad5fc07b3b33ce1c1355bbcc6  C:\Program Files\AVAST Software\Avast\aswAra.dll
MD5: 3211e20da6c5ebe28cf7e4c3a55278e4  C:\Program Files\AVAST Software\Avast\aswAux.dll
MD5: 1ba6666ed0c7b576088a36e911199033  C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MD5: b57fd7dd0faf85f737dc3d483a9d63bb  C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MD5: 3ced666bc61431dcd928e03ed4abcaea  C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MD5: 8d113c7490621ff50f9ba46c7d8c423e  C:\Program Files\AVAST Software\Avast\aswCommChannel.dll
MD5: 7ebd87a09658779205891d08f37ab234  C:\Program Files\AVAST Software\Avast\aswData.dll
MD5: 77f8c2f976899f7656c5e34d145b13f2  C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MD5: 847854c4c4332dc00665380dabc06c41  C:\Program Files\AVAST Software\Avast\aswjsscan.dll
MD5: 44574eafcdda003a22e4df3ea73840af  C:\Program Files\AVAST Software\Avast\aswLog.dll
MD5: 29fe98d9412388243e41869143d1805b  C:\Program Files\AVAST Software\Avast\aswProperty.dll
MD5: 1c9279122415243f236d337a09bf5360  C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
MD5: 6c636f85ae27b1b2c789599bb1136f9d  C:\Program Files\AVAST Software\Avast\aswResourceLib.dll
MD5: c30beb2365677974efa19b791e1aad85  C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MD5: b60ff0cc532b9d3e28610f614cdedb64  C:\Program Files\AVAST Software\Avast\aswUtil.dll
MD5: 18774b66edf003f338a0802ff2b122e0  c:\program files\avast software\Avast\aswwebrepie.dll
MD5: 7486ba75019d8c3a13eba7867faabe7d  C:\Program Files\AVAST Software\Avast\avastIP.dll
MD5: 73f5c13b431915bae35254b4e95dfb71  C:\Program Files\AVAST Software\Avast\AvastSvc.exe
MD5: 26b558b2d31c7425b455b00e562ead93  C:\Program Files\AVAST Software\Avast\AvastUI.exe
MD5: 59fd0296e32362cd7a3e66a028b56b9a  C:\Program Files\AVAST Software\Avast\CommonRes.dll
MD5: 5c5e3afd499e5146fef1da5ef8a23205  C:\Program Files\AVAST Software\Avast\dbghelp.dll
MD5: 193be1a0e9488b90a5043dfdeb028a85  C:\Program Files\AVAST Software\Avast\defs\15030701\aswCmnBS.dll
MD5: 5b2ac165ae6bfee032017c96e505581a  C:\Program Files\AVAST Software\Avast\defs\15030701\aswCmnIS.dll
MD5: 5dff30dfd74f3b1ed9b530476766c640  C:\Program Files\AVAST Software\Avast\defs\15030701\aswCmnOS.dll
MD5: 3c8a310605dbbb3f17081e7f41f67f7c  C:\Program Files\AVAST Software\Avast\defs\15030701\uiext.dll
MD5: a9ff57ec69f8c593aa3712b3c8f02002  C:\Program Files\AVAST Software\Avast\HTMLayout.dll
MD5: 5be1cd443e2d6495e22cbb40d532e1f0  C:\Program Files\AVAST Software\Avast\icudt.dll
MD5: 0e3dbab333b4dab6e423b21df63ee963  C:\Program Files\AVAST Software\Avast\libcef.dll
MD5: 62cc8c657affea3d06fe2ca98883b5d8  C:\Program Files\AVAST Software\Avast\libeay32.dll
MD5: e1ddc372856277744bd6ea9dbbb60198  C:\Program Files\AVAST Software\Avast\snxhk.dll
MD5: 10505f2b5a89b60971192505824a5ef3  C:\Program Files\AVAST Software\Avast\ssleay32.dll
MD5: 870893f2365ca9d91d2ac7c0bd391868  C:\Program Files\CCleaner\CCleaner.exe
MD5: fc5b75ca6a1da31edd4f8d53f5540b98  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
MD5: f6fd367c9eaaedf90cd7a7952ae0b336  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: a7dddde163f16ab49df3de9eec715495  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: 6953e980adca0be816c7ff463695499a  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 149d74e1128a86dc9cfb2851fbea11eb  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: ff9831030678c7b6d70bac00f68f8976  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: fd86c605fd7ad4a41c01ec7a4a1e1c5d  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: a3609397ef273b03295dbb10274be12c  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 18301b40411b2108076ab685b4e4b6dc  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 78865abc5f5d13190f8b35bd9044714a  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: df1c1cd0c7ee95cc00d71e9e415e7bcd  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: c28fd3b37b6f18751c99e6022a2a9782  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: a56ccbbfccedce2fd9c69fed24e035e3  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: a5299d04ed225d64cf07a568a3e1bf8c  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: ab781c0e4c09e08f464081d17c0f6184  C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: d29457125756a4a6d1996bbc2f2322aa  C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MD5: 8112d0dacae746290fc87b3a980fa719  C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
MD5: d36107465e716cf2335a25c54b6d11c2  C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
MD5: 2f7b3763ffb3bc3d0480408f5dae06a0  C:\Program Files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll
MD5: bbcca29684e7c80b7ae4f5680edf6fa8  c:\program files\DivX\divx media server\divxmediaserver.exe
MD5: 79039398587f475ada606d1a3b740a63  C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
MD5: 16afb34618e1286ff856dc600ac49c79  C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MD5: 86f62f50808d7f4785a98832d1ed3ad6  C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MD5: 2f9659f4da0042875fc33af930925dae  C:\Program Files\DivX\DivX Web Player\npdivx32.dll
MD5: 5b92cb0a3eee50f6b9ae036b4f9b0f0c  C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
MD5: 98137411b9c632095f919e2ce70b288a  C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
MD5: 51508f0c2476177e50c31b0bbfbf1bdb  C:\Program Files\Google\Update\GoogleUpdate.exe
MD5: 77ed10c64f9de2bf3f4f0b92541422f6  C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
MD5: 7a97848fe7c47f9390427ebddd92f9f1  C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
MD5: 5cb01fd5aa4885bc4811433b54393af2  C:\Program Files\Hotspot Shield\bin\hsswd.exe
MD5: 8cf7579967b8f3e55e583b1287dc6caf  C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 0806948270d853b709ccbbf38af167e4  C:\Program Files\Internet Explorer\Plugins\nppdf32.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
MD5: afae500700277eacfbebcbc7db15cd49  C:\Program Files\Internet Explorer\sqmapi.dll
MD5: bc0ea61246f8d940fbc5f652d337d6bd  C:\Program Files\iPod\bin\iPodService.exe
MD5: 7b845bfe314509d08ab5865cb141e332  C:\Program Files\iTunes\iTunesHelper.dll
MD5: 4affdcaadcb1dbbffaf06c7f82e7f6fc  C:\Program Files\iTunes\iTunesHelper.exe
MD5: 9dee004269dadee715bd572410aa6076  C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
MD5: a7146c0c90d7ba0f251ac073e655d4d2  C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
MD5: c1680c34de8a405c8829ab93236576fd  C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: b66b4d28d7d0c6322ff235c782cd6b76  C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
MD5: da41fc2ea6e979d147258ab053e2d136  c:\program files\Java\jre1.8.0_31\bin\jp2ssv.dll
MD5: 225d76851efc6144b4bad941b3e8989d  C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
MD5: 7c15112aeb2a24a7b21fa7a534c083c5  c:\program files\Java\jre1.8.0_31\bin\ssv.dll
MD5: 77c980c97a17d31b21cccd3f2ed823cb  C:\Program Files\KeyScrambler\keyscrambler.exe
MD5: dc774f17267f7fb08c8896e9d0350106  C:\Program Files\KeyScrambler\KeyScramblerIE.dll
MD5: 48091a2374a69f473273c44951195452  C:\Program Files\LSI SoftModem\agrsmsvc.exe
MD5: fe89671d870acac23afc9becd4a0137d  C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll
MD5: 187f4c75a89e3f412322c94526320074  c:\program files\microsoft office\Office14\BCSSync.exe
MD5: feb6f2493eb75f0bfcf23d7ad618c3ae  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
MD5: 30f88258703d26127258f4b23b150d41  C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
MD5: e04a1418b6caa33ef61f7b4ae826fc94  c:\program files\microsoft office\Office14\URLREDIR.DLL
MD5: 893bf7d2261c56c24f813405d9d018e0  c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
MD5: 11458cff03c51c38b7a118e69b526242  C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll
MD5: f51d682701b303ed6cc5474ce5fa5aaa  C:\Program Files\Mozilla Firefox\firefox.exe
MD5: 6ef01d8e9e8870e3d37b253ecf378cc3  C:\Program Files\Mozilla Firefox\freebl3.dll
MD5: 02a3ea8fd7e07ccdd97072b4c927dc87  C:\Program Files\Mozilla Firefox\icudt52.dll
MD5: 34ff4d90fdb5dce8215e546db40f9aaa  C:\Program Files\Mozilla Firefox\icuin52.dll
MD5: 5ff363144d9dd3e5988cee18bca8a717  C:\Program Files\Mozilla Firefox\icuuc52.dll
MD5: 6415bb0fc601d693472d901814f62a8d  C:\Program Files\Mozilla Firefox\mozalloc.dll
MD5: 5a90f838596b9feefbcf6badd637712d  C:\Program Files\Mozilla Firefox\mozglue.dll
MD5: fd5cabbe52272bd76007b68186ebaf00  C:\Program Files\Mozilla Firefox\msvcp120.dll
MD5: 034ccadc1c073e4216e9466b720f9849  C:\Program Files\Mozilla Firefox\msvcr120.dll
MD5: 59ce38aa9ae8f9c875e4e1568c193b45  C:\Program Files\Mozilla Firefox\nss3.dll
MD5: d242523f52dc5865b11b73c776a34c7a  C:\Program Files\Mozilla Firefox\nssckbi.dll
MD5: 2b3e5068e21c229118843187f01b30ba  C:\Program Files\Mozilla Firefox\nssdbm3.dll
MD5: 7799d7a7f1e8da3ae35c9fa828c32995  C:\Program Files\Mozilla Firefox\plugin-container.exe
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: d937a4645eff8cb4f123e3c899c052b2  C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: fe1da93256f577a803934ccf193c9dbc  C:\Program Files\Mozilla Firefox\sandboxbroker.dll
MD5: 106822c3ee693defd56824cb010cc830  C:\Program Files\Mozilla Firefox\softokn3.dll
MD5: 0f81ee227b9d0fca27eda80dc4a2b06e  C:\Program Files\Mozilla Firefox\xul.dll
MD5: 81e8af6407ec3f41908fe37f054353ea  C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
MD5: fe64c4a6f965b07dac81b163b3665e35  C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll
MD5: ecfebf7b6958d610f7cfab8dbf9e028f  C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
MD5: 967efa208cc26914f105b520e09edd20  C:\Program Files\Notepad++\NppShell_06.dll
MD5: 271b0d188430670509cb9943d5229205  C:\Program Files\QuickTime Alternative\QTTask.exe
MD5: a6ce73469591554279da63be715dbc93  C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
MD5: cdcfa5fcfbc13f745969bb0aaee7bb99  C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
MD5: a5cd01e755b3d2f9f660cebf99153a74  C:\Program Files\Samsung\Kies\AMG.Lasso.dll
MD5: f6d88f53efe8fb6ec6da6ac6951d67db  C:\Program Files\Samsung\Kies\Common\Interop.DevFileServiceLib.dll
MD5: 9f6136df2c9ebd443e477aa855e9a24f  C:\Program Files\Samsung\Kies\Common\Interop.MP3FileInfoCOMLib.dll
MD5: 0917f9d6b1c9c1d46134571c58476e6c  C:\Program Files\Samsung\Kies\Common\Interop.OGGFileInfoCOMLib.dll
MD5: d9131c876110780d860b68522271bbd5  C:\Program Files\Samsung\Kies\Common\Interop.P3MPINTERFACECTRLLib.dll
MD5: 910064ee22c8e515c14aef83ff37c02c  C:\Program Files\Samsung\Kies\Common\Interop.PRPLAYERCORELib.dll
MD5: 3e8fda791a00206c4c198ec4a51ac482  C:\Program Files\Samsung\Kies\Common\Kies.Common.AllShare.dll
MD5: f38bcc7c304e9f3e090c6258a24bdf1d  C:\Program Files\Samsung\Kies\Common\Kies.Common.CRMManager.dll
MD5: d8de33eeaa926aa7774b9bff677345cd  C:\Program Files\Samsung\Kies\Common\Kies.Common.DBManager.dll
MD5: 4fdaee44d8793b6cb35395eb67a5e5d7  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceService.dll
MD5: b6930d3b4f30e0f56ba5658990d1108b  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.DeviceDataService.dll
MD5: df244950deb03231fc6187dccf678a24  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.DeviceManagement.dll
MD5: 944c7eb0630259a245fba5f39a7802f2  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FileService.dll
MD5: 366e5a5104e9fbc7cf31b56ed72d29ec  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.dll
MD5: 985d69eff59385b7461aaf8344005d12  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
MD5: ed909f50870a6898fefb6f80f70c2f30  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.dll
MD5: 2e14db49b7dc3dff744e31e25036979f  C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
MD5: d94cbe29b61ee0606af16397676fcb56  C:\Program Files\Samsung\Kies\Common\Kies.Common.MainUI.dll
MD5: c8062dcd52260c75acd7db27721aa644  C:\Program Files\Samsung\Kies\Common\Kies.Common.MediaDB.dll
MD5: ca9e8b047dd9eeacf87eaba5354055b4  C:\Program Files\Samsung\Kies\Common\Kies.Common.Multimedia.dll
MD5: 7df4f4f396337a7d1d2595998effe919  C:\Program Files\Samsung\Kies\Common\Kies.Common.StoreManager.dll
MD5: 8cbb3860288730839d26181467896950  C:\Program Files\Samsung\Kies\Common\Kies.Common.Util.dll
MD5: 9481918e8a43376731104fbddf5a997b  C:\Program Files\Samsung\Kies\Common\Kies.Interface.dll
MD5: b27a2cb514c1a18a7485b2fd2b7bd2ad  C:\Program Files\Samsung\Kies\Common\Kies.UI.dll
MD5: ff52dbbcfbc1cab87859419083aa88ae  C:\Program Files\Samsung\Kies\DummyStorePlugin.dll
MD5: 34d2c92c8db9330d9480a740d0a31be9  C:\Program Files\Samsung\Kies\External\CabLib.dll
MD5: d8b0a2fb3b3af706eb60163ddc0fc732  C:\Program Files\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
MD5: 456f5a7ba34a815fde87acf20a7322f0  C:\Program Files\Samsung\Kies\External\GongSolutions.Wpf.DragDrop.dll
MD5: e9067797a1034bf10e8b725e1a276b7d  C:\Program Files\Samsung\Kies\External\MACSSDK.dll
MD5: 066eeb52a3fe535bd89d4d76aa68777b  C:\Program Files\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
MD5: 21d7ed93ada291123f22712957f530c2  C:\Program Files\Samsung\Kies\External\MediaModules\Bass.Net.dll
MD5: 56e013e924822c9d02329b15b03ede73  C:\Program Files\Samsung\Kies\External\Microsoft.WindowsAPICodePack.dll
MD5: 6d8deb7be7360761fd43ec9ddcaa0811  C:\Program Files\Samsung\Kies\External\Microsoft.WindowsAPICodePack.Shell.dll
MD5: 9df11111abd2c517fb631415976d5ca4  C:\Program Files\Samsung\Kies\Interop.DeviceSearchLib.dll
MD5: 659474582c6e060dbd8ffff97dc892c5  C:\Program Files\Samsung\Kies\Kies.exe
MD5: fdb2fb392b20797af3f4ed9d7699938e  C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MD5: ec8f242b967894eb2d21e7e8257ce135  C:\Program Files\Samsung\Kies\Locale\Kies.Locale.dll
MD5: 1abd3f012e390fd5b80d597842d26a74  C:\Program Files\Samsung\Kies\MVVM\Kies.MVVM.dll
MD5: 6c4172c115cb028c1580a4f8c9f58b33  C:\Program Files\Samsung\Kies\Plugins\BATPlugin\BATPlugin.dll
MD5: caf0c01e0bb58ff8be13cd65b7d72485  C:\Program Files\Samsung\Kies\Plugins\ContentsManagerLib\Kies.Plugin.ContentsManagerLib.dll
MD5: 6be4bb54f728e8b487fb0fac4e4e6753  C:\Program Files\Samsung\Kies\Plugins\DeviceCommonLib\DeviceCommonLib.dll
MD5: acb2c04a1b04dc230d1d1a1f8c5444ba  C:\Program Files\Samsung\Kies\Plugins\DeviceHost\DeviceHost.dll
MD5: 257f73a32335cc3f116968a5ee247dce  C:\Program Files\Samsung\Kies\Plugins\DeviceMusic\DeviceMusic.dll
MD5: c8615d8873bb05c851b6c6b744da8a08  C:\Program Files\Samsung\Kies\Plugins\DeviceMusic\DeviceStoryAlbum.dll
MD5: dfde79c9d4ca3ddd7b0bcfea11627685  C:\Program Files\Samsung\Kies\Plugins\DevicePhoto\DevicePhoto.dll
MD5: fdc9b2eb1c3188856154947aa433301b  C:\Program Files\Samsung\Kies\Plugins\DevicePodcast\DevicePodcast.dll
MD5: a27a931bf1a6020327566dfc29e4fbaa  C:\Program Files\Samsung\Kies\Plugins\DeviceVideo\DeviceVideo.dll
MD5: 8e11b10a334f16e52e64a4057c295f1f  C:\Program Files\Samsung\Kies\Plugins\EBookManager\StoryAlbumManager.dll
MD5: 27d20825311a74c7537e90e313bb5dd7  C:\Program Files\Samsung\Kies\Plugins\MusicManager\MusicManager.dll
MD5: 4565e08f6fb44d465bdb0a11d30a4e49  C:\Program Files\Samsung\Kies\Plugins\Phonebook\Phonebook.dll
MD5: 2bffdc67ae18f7d9f2133793f78089f0  C:\Program Files\Samsung\Kies\Plugins\PhotoManager\PhotoManager.dll
MD5: 4375daf8499df3a6c57e186974755c51  C:\Program Files\Samsung\Kies\Plugins\Podcaster\Podcaster.dll
MD5: 96a1e01a6d46b978945842b46aff1df3  C:\Program Files\Samsung\Kies\Plugins\VideoManager\VideoManager.dll
MD5: 5eee5470d53fdd42a3315064a7be6789  C:\Program Files\Samsung\Kies\Theme\Kies.Theme.dll
MD5: ddda1d6e80c2ba567780389efe34dbb8  C:\Program Files\Screen Highlighter\shl.exe
MD5: d2c618bc5394d6d91d148556f22016a5  C:\Program Files\Secunia\PSI\psi_tray.exe
MD5: da6c0e0b15cd0b135fd385aeabae3a4c  C:\Program Files\Secunia\PSI\psia.exe
MD5: 71761edc432a0e39cf621105884e738e  C:\Program Files\Secunia\PSI\sua.exe
MD5: aa8bd0ddfa29ddbe7cfa7f66f8e0e43c  C:\Program Files\Siber Systems\AI RoboForm\Chrome\plugin\np-rf-plugin.dll
MD5: ffa89733474d0f6d1f891dddcd305065  C:\Program Files\Siber Systems\AI RoboForm\Firefox\rf-firefox.dll
MD5: e542c35d8a13db195d0c87ccc59a8895  C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
MD5: 656e8d7016caca15d831bcc5d1c16fb3  C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
MD5: 7d6e1809c844b1d2aa02b6dcf1950084  C:\Program Files\Skype\Phone\Skype.exe
MD5: dde51467cb93f6415cc7df4988fdfaa0  C:\Program Files\Skype\Updater\Updater.dll
MD5: a9c057a9463c25490cf99ea8df8a4b35  C:\Program Files\Skype\Updater\Updater.exe
MD5: c2708eab99b2ec0ecead5686e082fcc7  C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe
MD5: 7a93a53cfafad3e384316e1c8797ea59  C:\Program Files\Stay On Top\StayOnTop.exe
MD5: 72d6d8e2d4f82c6e829125c7ec2a88f9  C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
MD5: 76c460cf51f482783932425f27de6524  C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
MD5: 77b9fc20084b48408ad3e87570eb4a85  C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
MD5: 2975c66459c426c20bc22d639df6b611  c:\program files\superantispyware\SASSEH.DLL
MD5: 94444693ea13a72f6820dff844a1122e  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MD5: 667f078955a93fe382f74d5f109dfe31  c:\program files\yourware solutions\freeram xp pro\freeram xp pro.exe
MD5: 4c07b5286d129dfd25c24b4a31b9b888  C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
MD5: 555e65306a5d3a5978be74e1dd62cdd9  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
MD5: e32771b0ae3f18ceffc12d682025238a  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
MD5: d6e2ed7f1f7be7ccb8676491bf950b57  C:\Users\User\AppData\Local\Akamai\netsession_win.exe
MD5: 674c18bdc0eabe1c9fd363459759ca5b  C:\Users\User\AppData\Local\Amazon Music\Amazon Music Helper.exe
MD5: 057631047016a448b842b96e872b132b  C:\Users\User\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphd7k3g.dll
MD5: 65c1d9f74004e775f9a8598476abe5ee  C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
MD5: b5e6433a4cbc10c019bd24452e79d054  C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
MD5: a659adbc53a82f558cb5059454554675  C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
MD5: 5f8a80a099b06e8e702fc66ae202530e  C:\Users\User\AppData\Roaming\Dropbox\bin\icudt52.dll
MD5: a26965e279b027c4c14d5d1d897b0d14  C:\Users\User\AppData\Roaming\Dropbox\bin\icuin52.dll
MD5: 04e82c36f8f4a3308572365816568d39  C:\Users\User\AppData\Roaming\Dropbox\bin\icuuc52.dll
MD5: 4fe8556761795a11bc0790d1c02ecce7  C:\Users\User\AppData\Roaming\Dropbox\bin\libEGL.dll
MD5: 853151d26cd83d92a7b9f90e37d01cb7  C:\Users\User\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MD5: 4fe0ffcecbb4e4907a8afce14b5889a1  C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
MD5: 474c542c4d35524ad9b4be7d170ecdb9  C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
MD5: b5718c3938162bfaff76a4abf197de55  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5core.dll
MD5: 39d86228a022b00d5a58515811f775c5  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5Gui.dll
MD5: 3fd828099812dd03c308b5c8e3ff4072  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5Network.dll
MD5: fd449bfc8c8a1b6b1b92b0186275b46d  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll
MD5: e362c7f8e20698cd717288c1cce8cc50  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll
MD5: 21f6b421890bcf60c631729b5d6f8f39  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5QML.dll
MD5: 4e271cb8b416699802692a6dff916137  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5Quick.dll
MD5: 6b3929458b5a96d1d5b6f825292fb175  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5Sql.dll
MD5: 9544a6e65817ce47c1fa5a3130093e14  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5Webkit.dll
MD5: 35ab62c39e8cc3f5274a521fc8304a3a  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5WebkitWidgets.dll
MD5: 9fee3ef254557ea2d4e667ccf79bd822  C:\Users\User\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll
MD5: 3fdb681b63aca59c761554794f583a95  C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\components\Lightshot.dll
MD5: 803968326a93f803a1d26978978171e4  C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\components\net.dll
MD5: b8a97894904007f0b3253957b7769ac3  C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\components\uploader.dll
MD5: 4e7d4a67e774addd7fd68b20692a0af5  C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: b21d7acf07e5e6ffdc66fa2af23f8f84  C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\ffmpeg.exe
MD5: 7cc4965741508bb6ac40e366f5190cf0  C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\gmp-gmpopenh264\1.1\gmpopenh264.dll
MD5: fa0e6fec79fa41c6744e1e03a1401154  C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rcdgk3lo.default\gmp-gmpopenh264\1.3\gmpopenh264.dll
MD5: 08dfa176e4fc0e63acd8ec854449d2b0  C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MD5: 0431b48cf752d88c33c4ba39ba64ccb2  C:\Users\User\AppData\Roaming\Spotify\spotify.exe
MD5: f78161ff5a78a1e3d32a571497ef5e1d  C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6815ff93472d008087880a6462931188\ASF_cSharpAPI.ni.dll
MD5: 7b376dae1cc6a1d88a4cdaad93200ef2  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\2b021b44a12d8f5e96419e8a4753b75c\Kies.Common.AllShare.ni.dll
MD5: 16cc9758cd3738fa3c031a205a1a2275  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\36b4a07e7d75060d17fa1434112ce540\Kies.Common.Util.ni.dll
MD5: 3886287b2c62242e5506f5ac8d106719  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common23b84511#\94ae9c227c6e849104021151e7852b3a\Kies.Common.Multimedia.ni.dll
MD5: 77c3575c2c601d61bb3a7cb7cfba831d  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\086a6d7a1b67ee702557defcde5f85b5\Kies.Common.DeviceServiceLib.Interface.ni.dll
MD5: 5773434755829fc3c5a2fed913c515ee  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\7ae553ac4ee0e4fb83922ea9354885a1\Kies.Interface.ni.dll
MD5: 8d39c8ae7573b1366af04c10a7d5c10e  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\22095b113f6ed520e5fa3ce3985ca8d0\Kies.Locale.ni.dll
MD5: 6447d1e23c03f4cd9f198f4a126a75bb  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\f1de49400c4567d381ba7e17b1b9c52a\Kies.MVVM.ni.dll
MD5: a92754dcfd15da02e94f639e634127c9  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\b863b058df2bc3ba024231c9ff597138\Kies.Theme.ni.dll
MD5: c7127c5457143c8fff1c149b48a0bacb  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\b07928f0c453603bea895b4ce2ee168d\Kies.UI.ni.dll
MD5: 3f9bb467ef82d313eb2c51486576d34a  C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\6350f16ac061927b7cbb8f7028df6bc7\Kies.ni.exe
MD5: c1f1e53851faa7e029cfa07daf9a5e81  C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MD5: 98af3a8430a1d01a14f2f8c48c03013b  C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MD5: f27763800ce191cb5eff9ae204b2338c  C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MD5: d89f78736feafeeedf12de2895fb2779  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MD5: 68580aef5f1529e493f5de41622d0c92  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MD5: c0d08920a417180750a2ac2a49411356  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\11650ce4aad4575fc146aa66a575bcb7\System.Runtime.Remoting.ni.dll
MD5: d3f2f4e40e7552b978516895f0ee4400  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\902843918d037f5f3511d679bf1e2216\System.ServiceProcess.ni.dll
MD5: 6118105f2d09953430437f9bf05bd704  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MD5: d9747507d0885342b3d94c3fa4a784ed  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MD5: 311c2664fa7b215b31345469d7b143c6  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MD5: 22edf349abfb29e711e51db0295a25de  C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MD5: 939c55888688a44d0f2c0fc8591a71ae  C:\Windows\Downloaded Program Files\IDrop.ocx
MD5: 5918152f72762cd74e6bbb7495a7a14e  C:\Windows\Downloaded Program Files\IDropENU.dll
MD5: f13ec8a783e0cb0d6dc26a3ca848b7b8  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
MD5: 3e9213a2a050bf429e91898c90f8b4e3  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
MD5: 9d768c43fef254dd50b1dbf8ad5c4c0b  C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
MD5: 8e2242bb3cb7a632a8cf22bde2a41ae1  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MD5: 5e3c0e5ffda48c5da35bbfb8efff8066  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: e87213f37a13e2b54391e40934f071d0  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
MD5: 71ecc01f9928873a5deb5b475c0f2429  C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MD5: 21318671bcad3acf16638f98d4d00973  C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
MD5: ae839020fee052598f096942c8002c73  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
MD5: 76c2a3b47fe220e027697cdef63a72c9  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
MD5: b57053cd59114d36952461ee638d3784  C:\Windows\System32\acppage.dll
MD5: 521b748a7f9923302ca18b7e6aa2eeae  C:\Windows\System32\activeds.dll
MD5: 9e2acefa9a03fa35133459b0f8613b40  C:\Windows\System32\Adobe\Director\np32dsw_1215155.dll
MD5: 3e709f7bfa217cd3b6fc338780465e20  C:\Windows\System32\adsldp.dll
MD5: 459c0fff8ff5eb4e8df7e2efdcb28de1  C:\Windows\System32\apf003.sys
MD5: 6a13b4f3b3f575f1e24b877b9359aaba  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 89b6fa43b68a373b304dfb8f6776b255  C:\Windows\System32\appidsvc.dll
MD5: 363150da82c3360aaacda223dc5b9dad  C:\Windows\System32\atidxx32.dll
MD5: 23db9895ddd1ec9fff469f7bb339973d  C:\Windows\System32\atiesrxx.exe
MD5: 0c078dc16592e6c5f577805a028be5b4  C:\Windows\System32\atiu9pag.dll
MD5: c8cdd0b4015ffdca6a009aa908ba8d7f  C:\Windows\System32\atiumdag.dll
MD5: 6e0b0d692949390a106724643d45c340  C:\Windows\System32\atiumdva.dll
MD5: 9560908bb2e73e79ed0f99cbc23e0f1a  C:\Windows\System32\atiuxpag.dll
MD5: aa7325057a1e1cc401798c0b1238e182  C:\Windows\System32\AudioSes.dll
MD5: f4157b3cecf19b1c266c83aff051c97a  C:\Windows\System32\audiosrv.dll
MD5: 43cd23b65cbf04d6f8aca984b0ef93fe  C:\Windows\System32\authui.dll
MD5: 7a6986dd659b96398a11af5173892715  C:\Windows\System32\cabinet.dll
MD5: 8205e55dfb11809e5f2aad1c48840535  C:\Windows\System32\credssp.dll
MD5: 454bf1e3b844306e764adc0ea7b6e64c  C:\Windows\System32\crypt32.dll
MD5: 6b07ee9c7668d2c704563da838026828  C:\Windows\System32\cryptsp.dll
MD5: 623e143f2df17c0106a9988f5d7dc878  C:\Windows\System32\cryptsvc.dll
MD5: 6bb12a7ca8779d96334b258548b071f5  C:\Windows\System32\cryptui.dll
MD5: 14800bd31701a5047ac3145bb1e698ae  C:\Windows\System32\d2d1.dll
MD5: 79896a78039c9a63c56197843cfbad0b  C:\Windows\System32\d3d10warp.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6  C:\Windows\System32\d3d9.dll
MD5: d0b388da1d111a34366e04eb4a5dd156  C:\Windows\System32\drivers\afd.sys
MD5: 04b2587c961c084634054d60d3eb385b  C:\Windows\System32\drivers\amdsata.sys
MD5: c078b06811670b90a52ae51ac3808e1e  C:\Windows\System32\drivers\amdxata.sys
MD5: e499e422412ef37576092a52648db2b4  C:\Windows\System32\drivers\appid.sys
MD5: 3bfbb5dae801cb893b8b46345fed6437  C:\Windows\System32\drivers\aswHwid.sys
MD5: c3014c735f450fe822c97ffbb0627113  C:\Windows\System32\drivers\ASWMONFLT.sys
MD5: a4614218584e41c31c7d1cbff0432ed5  C:\Windows\System32\drivers\aswRdr2.sys
MD5: b7750af7edfd95674eb7ca92bcdd3358  C:\Windows\System32\drivers\aswRvrt.sys
MD5: 893d49b6342808e5a27491fd8f6df0ed  C:\Windows\System32\drivers\aswsnx.sys
MD5: 1aeb8cdb797666af709a291b47ae81e0  C:\Windows\System32\drivers\aswsp.sys
MD5: 83378ae48209388d0f9bd16a44d19eec  C:\Windows\System32\drivers\aswStm.sys
MD5: 90bee0170d70d6744cef2355eeaf8086  C:\Windows\System32\drivers\aswVmm.sys
MD5: cff86095f504e229790d8dd43f589b57  C:\Windows\System32\drivers\athr.sys
MD5: e868cc139495dce9fceaf0e63ff93f9c  C:\Windows\System32\drivers\AtihdW73.sys
MD5: 40c21f46b398efdf1971d93284b0f65b  C:\Windows\System32\drivers\atikmdag.sys
MD5: 32b287c8def8d21d34652ba0b666ff95  C:\Windows\System32\drivers\atikmpag.sys
MD5: 8f2da3028d5fcbd1a060a3de64cd6506  C:\Windows\System32\drivers\bowser.sys
MD5: 77361d72a04f18809d0efb6cceb74d4b  C:\Windows\System32\drivers\bridge.sys
MD5: c81e9413a25a439f436b1d4b6a0cf9e9  C:\Windows\System32\drivers\BTHUSB.SYS
MD5: 248dfa5762dde38dfddbbd44149e9d7a  C:\Windows\System32\drivers\BVRPMPR5.SYS
MD5: be167ed0fdb9c1fa1133953c18d5a6c9  C:\Windows\System32\drivers\cdrom.sys
MD5: 85449eebe8f8ebd6481efbf0f352b4eb  C:\Windows\System32\drivers\cng.sys
MD5: cbe8c58a8579cfe5fccf809e6f114e89  C:\Windows\System32\drivers\COMPOSITEBUS.sys
MD5: 3c2177a897b4ca2788c6fb0c3fd81d4b  C:\Windows\System32\drivers\csc.sys
MD5: f024449c97ec1e464aaffda18593db88  C:\Windows\System32\drivers\dfsc.sys
MD5: caefd09b6a6249c53a67d55a9a9fcabf  C:\Windows\System32\drivers\Dot4Prt.sys
MD5: cf491ff38d62143203c065260567e2f7  C:\Windows\System32\drivers\Dot4usb.sys
MD5: 3583a5a8cc2e682bffbd4630d0fec08b  C:\Windows\System32\drivers\dxgkrnl.sys
MD5: 7dae5ebcc80e45d3253f4923dc424d05  C:\Windows\System32\drivers\fs_rec.sys
MD5: 185ada973b5020655cee342059a86cbb  C:\Windows\System32\drivers\GEARAspiWDM.sys
MD5: 9036377b8a6c15dc2eec53e489d159b5  C:\Windows\System32\drivers\hdaudbus.sys
MD5: a5ef29d5315111c80a5c1abad14c8972  C:\Windows\System32\drivers\HdAudio.sys
MD5: 21e25622478be3b4becdf1213ba5cdc8  C:\Windows\System32\drivers\hssdrv6.sys
MD5: 871917b07a141bff43d76d8844d48106  C:\Windows\System32\drivers\http.sys
MD5: 5cd5f9a5444e6cdcb0ac89bd62d8b76e  C:\Windows\System32\drivers\iaStorV.sys
MD5: 4bd7134618c1d2a27466a099062547bf  C:\Windows\System32\drivers\IPMIDrv.sys
MD5: d9ca77a69473a93e40b7551a7de425a9  C:\Windows\System32\drivers\keyscrambler.sys
MD5: 4120da10aa42a9996f4575db9e3e6e6e  C:\Windows\System32\drivers\ksecdd.sys
MD5: 1e1845606c5a4579f7f3d95796cc1ed1  C:\Windows\System32\drivers\ksecpkg.sys
MD5: 3c7b3072c3c5cc23f5fd46f8dfda7480  C:\Windows\System32\drivers\massfilter_hs.sys
MD5: 8e2e9ccd873abf180f48bcaeeebe347d  C:\Windows\System32\drivers\MBAMSWISSARMY.sys
MD5: d8c0b2eb928d57c928522eff500c4ba8  C:\Windows\System32\drivers\mcvidrv.sys
MD5: 2d699fb6e89ce0d8da14ecc03b3edfe0  C:\Windows\System32\drivers\mpio.sys
MD5: 03f899f521d2aaed1c55008f734df252  C:\Windows\System32\drivers\mrxdav.sys
MD5: 5d16c921e3671636c0eba3bbaac5fd25  C:\Windows\System32\drivers\mrxsmb.sys
MD5: b81f204d146000be76651a50670a5e9e  C:\Windows\System32\drivers\mrxsmb20.sys
MD5: 55055f8ad8be27a64c831322a780a228  C:\Windows\System32\drivers\msdsm.sys
MD5: eb34ce31fabd4dc4343fd2ad16d2caf9  C:\Windows\System32\drivers\msiscsi.sys
MD5: d8a65dafb3eb41cbb622745676fcd072  C:\Windows\System32\drivers\ndisuio.sys
MD5: 38fbe267e7e6983311179230facb1017  C:\Windows\System32\drivers\ndiswan.sys
MD5: a4bdc541e69674fbff1a8ff00be913f2  C:\Windows\System32\drivers\ndproxy.sys
MD5: 280122ddcf04b378edd1ad54d71c1e54  C:\Windows\System32\drivers\netbt.sys
MD5: c8dff8d07755a66c7a4a738930f0feac  C:\Windows\System32\drivers\ntfs.sys
MD5: 4380e59a170d88c4f1022eff6719a8a4  C:\Windows\System32\drivers\nvstor.sys
MD5: 3f34a1b4c5f6475f320c275e63afce9b  C:\Windows\System32\drivers\partmgr.sys
MD5: 344d1fa0438a967f1a2baa42c86d6e19  C:\Windows\System32\drivers\PEAuth.sys
MD5: 68b57d7c11277ea89f78255480376b4d  C:\Windows\System32\drivers\psi_mf_x86.sys
MD5: d528bc58a489409ba40334ebf96a311b  C:\Windows\System32\drivers\rdbss.sys
MD5: b973fcfc50dc1434e1970a146f7e3885  C:\Windows\System32\drivers\rdpdr.sys
MD5: cd9214a6ae17d188d17c3cf8cb9cc693  C:\Windows\System32\drivers\rdpwd.sys
MD5: 518395321dc96fe2c9f0e96ac743b656  C:\Windows\System32\drivers\rdyboost.sys
MD5: 5283b9a27ff230f2ff70d92451ff409a  C:\Windows\System32\drivers\Rt86win7.sys
MD5: 09334bd37365eab5b687320dcc5ad7c7  C:\Windows\System32\drivers\RTKVHDA.sys
MD5: a43334b2e6561290b30bf95c6e7799c9  C:\Windows\System32\drivers\RtsUStor.sys
MD5: 05d860da1040f111503ac416ccef2bca  C:\Windows\System32\drivers\sbp2port.sys
MD5: 6d4ccaedc018f1cf52866bbbaa235982  C:\Windows\System32\drivers\sffp_sd.sys
MD5: bf302072dc8374cf4e118fd88aa817a2  C:\Windows\System32\drivers\SMARTDEFRAGDRIVER.sys
MD5: 03f0545bd8d4c77fa0ae1ceedfcc71ab  C:\Windows\System32\drivers\srv2.sys
MD5: be6bd660caa6f291ae06a718a4fa8abc  C:\Windows\System32\drivers\srvnet.sys
MD5: b575c523f537f24d66d31f8877e6bcab  C:\Windows\System32\drivers\ssudbus.sys
MD5: 24f5f92263e3b461a1105fe370d53d1c  C:\Windows\System32\drivers\ssudmdm.sys
MD5: 75a8ee6f0917ad9355367dbf25db8415  C:\Windows\System32\drivers\SWDUMon.sys
MD5: 5e5cab2be8f078dcd0d3bfe6ae87aa2e  C:\Windows\System32\drivers\taphss6.sys
MD5: 5579dd18546999f5d0ec39d018726c6b  C:\Windows\System32\drivers\tcpip.sys
MD5: 3eebd3bd93da46a26e89893c7ab2ff3b  C:\Windows\System32\drivers\tcpipreg.sys
MD5: 7fe680a3dfa421c4a8e4879ae4c5aab0  C:\Windows\System32\drivers\tdx.sys
MD5: a31246180e61140ad7ff9dd7edf1f6a1  C:\Windows\System32\drivers\tmcomm.sys
MD5: fd44fa80da03ea144153a76debbb61b4  C:\Windows\System32\drivers\TRUESIGHT.sys
MD5: 6c5139e4283249518f7743d7043775b3  C:\Windows\System32\drivers\tssecsrv.sys
MD5: c6a5fbd4977305e1fa23e02c042db463  C:\Windows\System32\drivers\TsUsbFlt.sys
MD5: d295bed4b898f0fd999fcfa9b32b071b  C:\Windows\System32\drivers\umbus.sys
MD5: 0803fba9fe829d61ae26ec0bcc910c46  C:\Windows\System32\drivers\usbccgp.sys
MD5: 2352ab5f9f8f097bf9d41d5a4718a041  C:\Windows\System32\drivers\usbcir.sys
MD5: d40855f89b69305140bbd7e9a3ba2da6  C:\Windows\System32\drivers\usbehci.sys
MD5: edf2df71c4f1e13a6ac75f5224de655a  C:\Windows\System32\drivers\usbhub.sys
MD5: 9828c8d14cc2676421778f0de638cf97  C:\Windows\System32\drivers\usbohci.sys
MD5: f991ab9cc6b908db552166768176896a  C:\Windows\System32\drivers\USBSTOR.SYS
MD5: 800aabfd625eeff899f7e5496bde37ab  C:\Windows\System32\drivers\usbuhci.sys
MD5: de014425522610bedca3821bb8c0f1d5  C:\Windows\System32\drivers\usbvideo.sys
MD5: 5461686cca2fda57b024547733ab42e3  C:\Windows\System32\drivers\vhdmp.sys
MD5: c2f2911156fdc7817c52829c86da494e  C:\Windows\System32\drivers\vmbus.sys
MD5: d4d77455211e204f370d08f4963063ce  C:\Windows\System32\drivers\VMBusHID.sys
MD5: 4c63e00f2f4b5f86ab48a58cd990f212  C:\Windows\System32\drivers\volmgr.sys
MD5: f497f67932c6fa693d7de2780631cfe7  C:\Windows\System32\drivers\volsnap.sys
MD5: 3c3c78515f5ab448b022bdf5b8ffdd2e  C:\Windows\System32\drivers\wanarp.sys
MD5: a67e5f9a400f3bd1be3d80613b45f708  C:\Windows\System32\drivers\winusb.sys
MD5: 06e6f32c8d0a3f66d956f57b43a2e070  C:\Windows\System32\drivers\WUDFPf.sys
MD5: 1c0e369575f387460e2a5f28269b2cc4  C:\Windows\System32\DWrite.dll
MD5: d4f264fe23f8953d840904418220c15e  C:\Windows\System32\dxgi.dll
MD5: 1060d60cca69a8136a87dbe3c8f4a467  C:\Windows\System32\EhStorAPI.dll
MD5: 1e8d06aae74fed674c1156b3fea911c2  C:\Windows\System32\Faultrep.dll
MD5: e12c4928b32ace04610259647f072635  C:\Windows\System32\FntCache.dll
MD5: c5f137e1031773c70155eec7ae67c8af  C:\Windows\System32\framedynos.dll
MD5: dbf9369d554a229db0d554bb95a4b0aa  C:\Windows\System32\gdi32.dll
MD5: 77ebf3e9386daa51551af429052d88d0  C:\Windows\System32\giveio.sys
MD5: fe7875dc6ed353c42d9771458351e893  C:\Windows\System32\IEEtwCollector.exe
MD5: b59e370277edb6643083b62297175628  C:\Windows\System32\ieframe.dll
MD5: 01777ab557997e98691e322225314e57  C:\Windows\System32\iertutil.dll
MD5: e7b9d5ff20ffdd4aae2ef1d1b8c27a37  C:\Windows\System32\imagehlp.dll
MD5: f728e7e9937117e0f32f39840eb6d737  C:\Windows\System32\jscript9.dll
MD5: f74ffa7654702f81884bdb41eb80dac2  C:\Windows\System32\kernel32.dll
MD5: fd25b74dc1a18c56bf1a879bf086555a  C:\Windows\System32\KernelBase.dll
MD5: c140f86932b5b61f54a4d836e2d34ab2  C:\Windows\System32\ksproxy.ax
MD5: 630a31f277349109299e590856a4b004  C:\Windows\System32\Kswdmcap.ax
MD5: dd17e1573651293d4ed31053795b3471  C:\Windows\System32\lsass.exe
MD5: 887c79a2d1c790bc2dcfda31df9bad65  C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: c62322c77d1aab77b1cf1130fcc3673a  C:\Windows\System32\Macromed\Flash\NPSWF32_16_0_0_305.dll
MD5: 8bc9db92c4b2f3be89185beab2afc1f6  C:\Windows\System32\mapi32.dll
MD5: dc6612a9ee015a36ba2a27bc9cc12537  C:\Windows\System32\mfc42.dll
MD5: d83947a58613e9091b4c9cc0f1546a8d  C:\Windows\System32\mscoree.dll
MD5: 7069aab8536f29ed7323140973a2894b  C:\Windows\System32\msdmo.dll
MD5: 220505b0b3e96c857dd01729af0cd369  C:\Windows\System32\mshtml.dll
MD5: cb55b9aab060c803be4ad229aa0fec28  C:\Windows\System32\msi.dll
MD5: 298fde634538b62ceeec266d8773b21a  C:\Windows\System32\msls31.dll
MD5: 987323f0247d023ad1ae52195540ece0  C:\Windows\System32\mssvp.dll
MD5: b580a6b9932669de703001aee66d5bb1  C:\Windows\System32\msv1_0.dll
MD5: 0dca5f8af83975061d9d8340dc471b5c  C:\Windows\System32\msvcr110_clr0400.dll
MD5: c335ec1182ac10b188705554e0bc1186  C:\Windows\System32\msvfw32.dll
MD5: 537184e7306e06bb22c5b93d2afa4df8  C:\Windows\System32\msxml3.dll
MD5: e227b810296aa27e6c69307a7b6456e5  C:\Windows\System32\msxml6.dll
MD5: 8fe6ab488ecdc60930ce973a7051b0d4  C:\Windows\System32\ncrypt.dll
MD5: 3d57ffbad3ed16b63de3879bab0fb56f  C:\Windows\System32\networkexplorer.dll
MD5: f115c5cd29e512f18bd7138a094b77e5  C:\Windows\System32\nlasvc.dll
MD5: 7d34af98a706230cc2dedfe0cabf87ab  C:\Windows\System32\odbc32.dll
MD5: eda54d2e17c0271d2cda946abe344110  C:\Windows\System32\oleaut32.dll
MD5: 703ffd301ab900b047337c5d40fd6f96  C:\Windows\System32\olepro32.dll
MD5: 3a55d53687f16d9ef5bf307bbfefcd9c  C:\Windows\System32\pcasvc.dll
MD5: fd9692a3d31e021207d3c2a9dddc2be3  C:\Windows\System32\profsvc.dll
MD5: c9059ef0c94c55c0da9cacee160a5f66  C:\Windows\System32\rpcrt4.dll
MD5: 8cfaefcd7f1e004950fcae870a501b3e  C:\Windows\System32\schannel.dll
MD5: e1ac89f6c5252057e6062843e36a6701  C:\Windows\System32\SearchProtocolHost.exe
MD5: c94ce65ae7701e9fdba889045543e27c  C:\Windows\System32\secur32.dll
MD5: 386bf6fd9fc562b1a5558c49e1c3a6fb  C:\Windows\System32\shell32.dll
MD5: dc8d2952fb6ffbaec67bd1b93a34df11  C:\Windows\System32\speedfan.sys
MD5: caa3039ffa0cdf8c2a9845c1609cde00  C:\Windows\System32\sspicli.dll
MD5: d23e615e0969aecc1134e372b0b295d1  C:\Windows\System32\synceng.dll
MD5: 03ff6130f4385221abfc392b67815ec4  C:\Windows\System32\SynCOM.dll
MD5: 20a20a911cd79a6f6839167149a05668  C:\Windows\System32\syncui.dll
MD5: 7e5166b8098a378b9dd91b35ce75aadc  C:\Windows\System32\SynTPAPI.dll
MD5: fcfd4f50419b4bc72e80066da10d2e54  C:\Windows\System32\termsrv.dll
MD5: 465dbf63a5049e4db4bc5c12ffe781cb  C:\Windows\System32\tquery.dll
MD5: c9708c9f3dba3dbfb1d2fee1e9dabad0  C:\Windows\System32\twext.dll
MD5: f34f6dc38a21fcdbb50cdd1ee97b1ea3  C:\Windows\System32\urlmon.dll
MD5: a5f833506bf6a1b5d693e1499dee2444  C:\Windows\System32\usp10.dll
MD5: 5a74597cc9007a25458f5f388a539b9d  C:\Windows\System32\wbem\fastprox.dll
MD5: 9f0f3152a3741f747258307411509db1  C:\Windows\System32\wbem\unsecapp.exe
MD5: d639b766aebc5ccda75447d4bcfb952e  C:\Windows\System32\wbem\wbemprox.dll
MD5: 18f421d42906bdffb4aa430834d368be  C:\Windows\System32\wbem\wbemsvc.dll
MD5: 320b13f43726eb73b2d7ae8869afaace  C:\Windows\System32\wbem\WMIsvc.dll
MD5: 3e2ea277d6f5a437ae2d042ec76ab267  C:\Windows\System32\wbem\wmiutils.dll
MD5: 704314fd398c81d5f342caa5df7b7f21  C:\Windows\System32\wbemcomn.dll
MD5: 164ea9cdba6b4cdd7731a23e7fd933fa  C:\Windows\System32\wbemcomn2.dll
MD5: 03b3541ae6986602cf9cb5b3ad169c33  c:\Windows\System32\webcheck.dll
MD5: 4f8ccd3e7d9f17a7c60fa0ae2466cacf  C:\Windows\System32\wer.dll
MD5: e1456e7396022ebe4e5434188d1ac8b0  C:\Windows\System32\WindowsCodecs.dll
MD5: 5e4e0e43e0a5bf9f089696dfa7a3d677  C:\Windows\System32\wininet.dll
MD5: 9419abf3163b6f0e3ad3dd2b381c879f  C:\Windows\System32\WinSCard.dll
MD5: fd67683fba9b2c4bb551780bd8846f64  C:\Windows\System32\winsta.dll
MD5: e365c7b3ebb96451d3c9df6b6b6900c2  C:\Windows\System32\wintrust.dll
MD5: 43c9cf6825cea58f1815b7c3dbbb385c  C:\Windows\System32\Wpc.dll
MD5: 81f08948a0f1475894c99d4d19a158a8  C:\Windows\System32\wshqos.dll
MD5: 895ad0d039faae12d4c25e028051344c  C:\Windows\System32\WsmSvc.dll
MD5: d9b0134913e5ef007af82a418c503322  C:\Windows\System32\wuaueng.dll
MD5: fe47b7bc8ea320c2d9b5e5bf6e303765  C:\Windows\System32\WUDFSvc.dll
MD5: 7cc38741b8f68f1e0d5d79da6123666a  C:\Windows\System32\wwansvc.dll
MD5: b8de851298e99a005bfd34aa906b3fe8  C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
MD5: 3e29914113ec4b968ba5eb1f6d194a0a  C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
MD5: 4ba25d2cbe1587a841dcfb8c8c4a6ea6  C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MD5: 1f5afd468eb5e09e9ed75a087529eab5  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
MD5: e2c48cd0132d4d1dc7d0df9a6bef686a  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
MD5: 28a09777d2d952122567a8a82f1a2c7b  C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MD5: ca6ade4f7761bb15b3325356dc3b82bb  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MD5: ee19c85ca685a275be346ec41f1870f9  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll


Keine Dateien hochgeladen

Scan beendet - Kommunikation hat 0 Sek. gedauert
übertragene Daten - 0.02 MB gesendet, 1.54 KB empfangen
1038 Dateien und Module geprüft - 127 seconds

==============================================================================


  • 0

#168
janji
Posted 07 March 2015 - 03:48 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Just now when I came to the forum to post the ESET scan results a page appeared which said  that 'This forum requires a forum password', with a password textfield, is that normal? I just went to my profile and back to the thread to post though, no problem.


  • 0

#169
RKinner
Posted 07 March 2015 - 05:18 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Not sure what happened with the forum.  Could be the connection was a bit slow to respond to the stored password.

 

The scans look OK.  Don't see anything running that shouldn't be.

 

Most of what ESET found had been removed by Spybot.  The bottom line was an ask toolbar that apparently Real player foists on you if you don't uncheck it.

 

Don't think you really need FreeRAM XP Pro.

 

See if this one works:

 

Please [url=http://www.silentrunners.org/Silent%20Runners.vbs]RIGHT-CLICK HERE[/url] and Save As (in IE it's "Save Target As", in FF it's "Save Link As") to download Silent Runners.


  • Save it to the desktop.
  • Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.
  • You will receive a prompt:
    • Do you want to skip supplementary searches?
      click NO
  • If you receive an error just click OK and double-click it to run it again - sometimes it won't run as it's supposed to the first time but will in subsequent runs.
  • You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
  • Once you receive the prompt All Done!, open the text file on the desktop, copy that entire log, and paste it here.
*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.


  • 0

#170
janji
Posted 08 March 2015 - 03:49 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Hi Ron,

 

I had to download Silent Runners from here http://www.downloadc...-silent_runners  because the Silent Runners site only downloaded a txt.file.
The scan has been going now for over eight hours, when I check Task Manager I can see that the program is still running, is that normal?


Edited by janji, 08 March 2015 - 03:50 PM.

  • 0

#171
RKinner
Posted 08 March 2015 - 04:14 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

 In the future if my link doesn't work do not look for another one.  Just tell me.  Very dangerous to just download something of the same name.

 

I downloaded the file and looked at it and it appears to be the real silent runner so I do not know why it is taking so long.  Probably got itself into a loop and will never end so I would cancel it out.

 

We can try autoruns:

 

Get autoruns from
 
Download Save and Run the program by right clicking and Run As Admin.   File, Save, to your desktop, autoruns.arn, OK.  This file is normally a bit over the forum size limit so will need to be zipped.  If you do not have win-zip or 7-zip then get 7-zip from 
Download, Save and Run the appropriate msi file for your PC.  You want this one:
32-bit x86 7-Zip for 32-bit Windows
 
(Not the Beta version the next one)
 
Once you have installed you can then right click on autoruns.arn then click on 7-zip, Add to autoruns.zip.  It should put the autoruns.zip file in the same directory.  Attach it.

  • 0

#172
janji
Posted 08 March 2015 - 04:41 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Ok, will do next time.

Here is the zip file:Attached File  autoruns.zip   241.39KB   238 downloads


  • 0

#173
RKinner
Posted 08 March 2015 - 05:08 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I can't read it - probably because I have a 64 bit system and you have 32.  Try it again but this time when you save it, change it from .arn to .txt using the dropdown menu to the right of the file name.


  • 0

#174
janji
Posted 08 March 2015 - 05:14 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Autoruns text:

Attached File  autoruns.zip   13.33KB   251 downloads


  • 0

#175
RKinner
Posted 08 March 2015 - 09:01 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Nothing evil or unexpected showing up.  Run Autoruns again and uncheck anything that is highlighted in yellow.  These are items where the files are missing so it won't hurt anything to uncheck them and it may speed up your computer a tad.

 

Let's try this one:

 

http://www.sophos.co...base/17125.aspx

 

Instructions are on the page.  The log is at:

 

%TEMP%\sarscan.log

 

or C:\Users\User\AppData\Local\Temp\sarscan.log

 

Please attach it.

 

How is the PC running?  


  • 0

Advertisements

#176
janji
Posted 09 March 2015 - 12:52 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Hi Ron,

 

should I do the clean up checked items thing or just post the log?


  • 0

#177
RKinner
Posted 09 March 2015 - 01:01 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Just post the log for now.


  • 0

#178
janji
Posted 09 March 2015 - 01:04 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

Ok, am doing the scan at the moment, can't select running processes tho for some reason.


  • 0

#179
janji
Posted 09 March 2015 - 04:07 PM

janji

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 210 posts

I've made the scan but couldn't find the file, so this time I saved the download to the desktop. Then repeated scan. No scan results so I checked the help menu and they said that results will be displayed after cleanup operation and the computer is rebooted. They found one hidden file, Unknown hidden file, Location: C:Windows\ temp\TMP 00000014067514577B8699BA.


Edited by janji, 09 March 2015 - 04:07 PM.

  • 0

#180
RKinner
Posted 09 March 2015 - 05:00 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Did the program remove the file it found?


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP