
chrome crashed, can't run or install anti-malware or anti-virus


#121
RKinner

    Malware Expert

  • Expert
  • 20,677 posts
  • MVP

OK. Try it again with the filter off. Once the game fails to load, stop it from capturing any more events, then scroll down near the bottom where it creates the 10 threads, highlight from there to the bottom and try to save the selection. Let's see if anything else happens between creating the threads and closing them.


  • 0


#122
RKinner

    Malware Expert

  • Expert
  • 20,677 posts
  • MVP

Also I found this thread which might be interesting: Have you seen it?

 

http://steamcommunit...25849268321300/


  • 0

#123
rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

10 threads aren't lined up next to each other. I've highlighted where Game.EXE does 'process start' and selected to the end.

There are many Game.EXE before that, however I didn't save them. I have Proc Mon open; if you need any other portion of the log, I can send that too.

 

Please find attached.

Attached Files


  • 0

#124
rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

I've not seen that stuff from steam yet. Let me give it a shot.


  • 0

#125
RKinner

    Malware Expert

  • Expert
  • 20,677 posts
  • MVP

I see the Chinese is still there.  I'm wondering if we had a bad install of the game.  Let's get the free Revo uninstaller:

 

http://www.revounins...e_download.html

 

You will have to use the 30 day free trial since you have a 64 bit system.

 

Download, Save and right click and Run As Admin to install it. It will open once it installs. Click on the game icon then on Uninstall up at the top. It will make a backup, then run the game's own uninstaller then offer a choice of three options. Select Advanced then Scan. You will get to a screen that shows what is leftover. Select All then Delete then Yes. Select All then Delete, Yes.

Close Revo.

 

 
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application.
 
 
Reboot.
 

 

Reinstall the game  (right click on the setup file and Run As Administrator)

 

If the game doesn't run then 

 

 
1. Please download the Event Viewer Tool by Vino Rosso and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
   * System
4. Under 'Select type to list', select:
   * Error
   * Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
2. Type 20 in the 1 to 20 box
3. Then click the Run button.

Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application. (Second time you run vew it will overwrite the first log so copy it to a reply or rename it first.)

  • 0
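A scripted way to collect the same data as the VEW steps in the post above (newest 20 Error and Warning events from System, then Application), as an added example that is not part of the original thread. It uses the built-in `Get-WinEvent` cmdlet; the function name `Export-RecentEvents` and the `events-<log>.txt` file names are hypothetical, and each log gets its own file so the second run does not overwrite the first.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
# Export-RecentEvents and the events-<log>.txt file names are hypothetical.
function Export-RecentEvents {
    [CmdletBinding()]
    param(
        [string[]] $LogName   = @('System', 'Application'),
        [int[]]    $Level     = @(2, 3),   # 1 = Critical, 2 = Error, 3 = Warning
        [ValidateRange(1, 1000)]
        [int]      $MaxEvents = 20,
        [string]   $OutDir    = [Environment]::GetFolderPath('Desktop')
    )

    foreach ($log in $LogName) {
        # One output file per log, so nothing is overwritten between runs.
        $outFile = Join-Path $OutDir "events-$log.txt"

        try {
            $events = @(Get-WinEvent -FilterHashtable @{ LogName = $log; Level = $Level } `
                                     -MaxEvents $MaxEvents -ErrorAction Stop)
        }
        catch {
            # Get-WinEvent reports "no events matched" as an error. That is the
            # expected result shortly after the logs were cleared, so treat it as empty.
            if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { $events = @() }
            else { throw }
        }

        $lines = @("Report for '$log' log, run at $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')", '')
        if ($events.Count -eq 0) {
            $lines += 'No matching events.'
        }
        foreach ($e in $events) {
            # ISO-style timestamps avoid the dd/mm versus mm/dd ambiguity.
            $lines += "Log: '$log' Date/Time: $($e.TimeCreated.ToString('yyyy-MM-dd HH:mm:ss'))"
            $lines += "Type: $($e.LevelDisplayName) Event: $($e.Id) Source: $($e.ProviderName)"
            $lines += $e.Message
            $lines += ''
        }

        Set-Content -Path $outFile -Value $lines -Encoding UTF8
        Get-Item $outFile   # return the written file so the caller can see where it went
    }
}

Export-RecentEvents
```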

#126
rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Hi... I didn't try that clean up procedure, that is why you are still seeing those Chinese characters. I wanted to try the Steam link and then do it.

I just tried out the steam site recommendations for NVIDIA settings but it didn't help.

I'm going to now try the cleanup option and then do the steps listed above?

 

Thanks.


  • 0

#127
RKinner

    Malware Expert

  • Expert
  • 20,677 posts
  • MVP

Sounds good.


  • 0

#128
rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

I did WMI Cleanup using Option a and b in that link. Verify Repository said it is consistent.

Next I'm going to follow the latest instructions listed above from you.

I'll keep you posted.

 

Thank you.


  • 0

#129
rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

It didn't work unfortunately after reinstall.

Please find the VEW logs below...

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/12/2015 10:41:51 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 07/12/2015 4:10:34 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/12/2015 10:42:57 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 07/12/2015 4:15:20 AM
Type: Error Category: 0
Event: 0 Source: SamsungAllShareV2.0
Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.    at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()    at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()    at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()    at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()    at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()    at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()    at AllShareDMS.AllShareDMS.DoStart()    at AllShareDMS.AllShareDMS.OnStart(String[] args)    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Log: 'Application' Date/Time: 07/12/2015 4:13:25 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 07/12/2015 4:10:31 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   2 user registry handles leaked from \Registry\User\S-1-5-21-1873260180-584723267-4080468776-1000:
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1873260180-584723267-4080468776-1000\Control Panel\International
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-1873260180-584723267-4080468776-1000\Control Panel\International\Geo
 
 

  • 0

#130
RKinner

    Malware Expert

  • Expert
  • 20,677 posts
  • MVP

Nothing in the logs that helps.  Are you still seeing the Chinese in Process Explorer?


  • 0


#131
rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

You won't believe this.

After running VEW and sharing the results with you, I again started to look at Process Monitor and saw those Chinese characters.

Then I had this thought. What if the malware infected/corrupted the Game Setup files themselves?

I uninstalled the Game with Revo.

Deleted game setup.

Extracted the ISO (from the same machine). Thank god it isn't corrupted.

Uninstalled VC++ kit.

Reinstalled game and VC++ kit.

Rebooted the machine.

It started working.

 

I can't believe the malware infected those files as well.

 

Is there anything else that I should be worried about?

Please advise.

 

Thank you again.


  • 0

#132
RKinner

    Malware Expert

  • Expert
  • 20,677 posts
  • MVP

Great.   I thought you were reinstalling from a DVD.  Next time I will have to remember to ask.

 

 

 

I would try some of the online scans like ESET or BitDefender just to be sure that nothing evil came from the game.

 

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner.  Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).  
 
1. Check Scan Archives
2. Push the Start button.
3. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
4. When the scan completes, push LIST OF THREATS FOUND
5. Push EXPORT TO TEXT FILE, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
6. Push the BACK button.
7. Push Finish
8. Once the scan is completed, you may close the window.
9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
10. Copy and paste that log as a reply.
 
 
Let's also try the bitdefender quickscan.
 
 
When it finishes there is a View Report option at the bottom.  Click on it and copy and paste the report (even if it says nothing found).
 
Unless one of them finds something I suppose it would be wise to rerun delkey as before since it appears we are done.

  • 0

#133
rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Hi, thanks. 

Please find below all 3 scans in order (ESET, bitdefender, delkey)

ESET

---------

C:\Users\All Users\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Downloads\Core-Temp-installer.exe Win32/Somoto.Q potentially unwanted application deleted - quarantined
C:\Downloads\vlcmediaplayer-setup.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.3.1_29963.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.3.1_29988.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
 
BIT DEFENDER
--------------------
 
QuickScan 64-bit v0.9.9.118
---------------------------
Scan date:  Sun Dec 13 11:31:22 2015
Machine ID: 84D1371E
 
 
 
No infection found.
-------------------
 
 
 
Processes
---------
(unsigned)   CLMSMoni Application                    1984    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(unsigned)  CLHNServiceForPowerDVD12 Module          2844    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(unsigned)  CyberLink CLMSServer                      624    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(unsigned)  CyberLink DMREngine                      2224    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(unsigned)  CyberLink PowerDVD 12                    2600    C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(unsigned)  The Amazing Spider-Man 2 ™            7680    C:\Program Files (x86)\The Amazing Spider-Man 2\Game.exe
(unsigned)  TWCU Application                         2232    C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
(unsigned)  vlc.exe                                 10092    C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(unsigned)  WebHelper                                3152    C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(unsigned)  WebHelper                                3616    C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
 
(verified)  Adobe Acrobat Update Service             1904    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(verified)  Adobe Reader and Acrobat Manager         3704    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(verified)  Avast Antivirus                          1568    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(verified)  Avast Antivirus                           320    C:\Program Files\AVAST Software\Avast\AvastUI.exe
(verified)  Bluetooth Software                       3788    C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(verified)  Bluetooth Software                       2200    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(verified)  Bluetooth Software                       1500    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(verified)  Google Chrome                            8552    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified)  Google Chrome                            8940    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified)  Google Chrome                            9700    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified)  Internet Explorer                       10844    C:\Program Files\Internet Explorer\iexplore.exe
(verified)  Microsoft® .NET Framework                6692    C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(verified)  Microsoft® .NET Framework                2784    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(verified)  Microsoft® Windows® Operating System      824    C:\Program Files\Windows Media Player\wmpnetwk.exe
(verified)  Microsoft® Windows® Operating System     1840    C:\Windows\explorer.exe
(verified)  Microsoft® Windows® Operating System     5784    C:\Windows\servicing\TrustedInstaller.exe
(verified)  Microsoft® Windows® Operating System     7040    C:\Windows\System32\conhost.exe
(verified)  Microsoft® Windows® Operating System      584    C:\Windows\System32\csrss.exe
(verified)  Microsoft® Windows® Operating System      496    C:\Windows\System32\csrss.exe
(verified)  Microsoft® Windows® Operating System     1820    C:\Windows\System32\dwm.exe
(verified)  Microsoft® Windows® Operating System     2888    C:\Windows\System32\GWX\GWX.exe
(verified)  Microsoft® Windows® Operating System      636    C:\Windows\System32\lsass.exe
(verified)  Microsoft® Windows® Operating System      648    C:\Windows\System32\lsm.exe
(verified)  Microsoft® Windows® Operating System     9864    C:\Windows\System32\notepad.exe
(verified)  Microsoft® Windows® Operating System      616    C:\Windows\System32\services.exe
(verified)  Microsoft® Windows® Operating System      348    C:\Windows\System32\smss.exe
(verified)  Microsoft® Windows® Operating System     1668    C:\Windows\System32\spoolsv.exe
(verified)  Microsoft® Windows® Operating System     1348    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     1760    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System      256    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     2628    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     3544    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     3652    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     4400    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     5112    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     5684    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System      364    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System      500    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System      504    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System      796    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System      928    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System      944    C:\Windows\System32\svchost.exe
(verified)  Microsoft® Windows® Operating System     1188    C:\Windows\System32\taskeng.exe
(verified)  Microsoft® Windows® Operating System     1156    C:\Windows\System32\taskhost.exe
(verified)  Microsoft® Windows® Operating System      968    C:\Windows\System32\taskhost.exe
(verified)  Microsoft® Windows® Operating System     5128    C:\Windows\System32\wbem\unsecapp.exe
(verified)  Microsoft® Windows® Operating System     4292    C:\Windows\System32\wbem\WmiPrvSE.exe
(verified)  Microsoft® Windows® Operating System      556    C:\Windows\System32\wininit.exe
(verified)  Microsoft® Windows® Operating System      684    C:\Windows\System32\winlogon.exe
(verified)  Microsoft® Windows® Operating System     3584    C:\Windows\SysWOW64\rundll32.exe
(verified)  NVIDIA Backend                           2168    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(verified)  NVIDIA Driver Helper Service, Version 3   876    C:\Windows\System32\nvvsvc.exe
(verified)  NVIDIA Driver Helper Service, Version 3  1416    C:\Windows\System32\nvvsvc.exe
(verified)  NVIDIA GeForce ExperienceService         2680    C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(verified)  NVIDIA Network Service                   3124    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(verified)  NVIDIA Settings                          2528    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(verified)  NVIDIA Streamer                          3320    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(verified)  NVIDIA Streamer                          2756    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(verified)  NVIDIA Streaming                         4436    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(verified)  NVIDIA User Experience Driver Component  1384    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(verified)  Ralink RalinkRegistryWriter              3408    C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe
(verified)  Ralink RalinkRegistryWriter              3440    C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe
(verified)  Realtek HD Audio Manager                 2060    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(verified)  Stereo Vision Control Panel API Server    900    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(verified)  Windows® Search                         11748    C:\Windows\System32\SearchFilterHost.exe
(verified)  Windows® Search                          4904    C:\Windows\System32\SearchIndexer.exe
(verified)  Windows® Search                         11652    C:\Windows\System32\SearchProtocolHost.exe
(verified)  µTorrent                                 2184    C:\Users\Rajinikanth\AppData\Roaming\uTorrent\uTorrent.exe
 
 
Network activity
----------------
Process AvastSvc.exe (1568) connected on port 80 (HTTP) --> 77.234.44.26
Process iexplore.exe (10844) connected on port 80 (HTTP) --> 13.107.5.80
Process iexplore.exe (10844) connected on port 80 (HTTP) --> 13.107.5.80
Process iexplore.exe (10844) connected on port 80 (HTTP) --> 216.58.218.194
Process iexplore.exe (10844) connected on port 80 (HTTP) --> 216.58.218.194
Process iexplore.exe (10844) connected on port 443 (HTTP over SSL) --> 216.58.218.194
 
Process svchost.exe (256) listens on ports: 49153 (RPC)
Process svchost.exe (500) listens on ports: 49155 (RPC)
Process wininit.exe (556) listens on ports: 49152 (RPC)
Process services.exe (616) listens on ports: 49212
Process CLMSServerPDVD12.exe (624) listens on ports: 2554, 60880
Process lsass.exe (636) listens on ports: 49154 (RPC)
Process wmpnetwk.exe (824) listens on ports: 554 (RTSP)
Process svchost.exe (944) listens on ports: 135 (RPC)
Process svchost.exe (1348) listens on ports: 3389 (Terminal Server)
Process AvastSvc.exe (1568) listens on ports: 12025, 12110, 12119, 12143, 12465, 12563, 12993, 12995, 27275
Process uTorrent.exe (2184) listens on ports: 14492
Process PowerDVD12DMREngine.exe (2224) listens on ports: 50003
Process PowerDVD12Agent.exe (2600) listens on ports: 51000
 
 
Autoruns and critical files
---------------------------
(unsigned)  CyberLink DMREngine                      C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(unsigned)  CyberLink PowerDVD 12                    C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(unsigned)  TWCU Application                         C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
 
(verified)  Adobe® Flash® Player Installer/Uninstal  C:\Windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_ActiveX.exe
(verified)  Avast Antivirus                          C:\Program Files\AVAST Software\Avast\AvastUI.exe
(verified)  Google Update                            C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(verified)  Microsoft® Windows® Operating System     C:\Windows\system32\rundll32.exe
(verified)  Microsoft® Windows® Operating System     c:\windows\system32\userinit.exe
(verified)  NVIDIA Backend                           C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(verified)  Realtek HD Audio Manager                 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
 
 
Browser plugins
---------------
(verified)  Bitdefender QuickScan                    C:\Windows\Downloaded Program Files\qsax64.dll
(verified)  Google Toolbar for Internet Explorer     c:\program files (x86)\google\google toolbar\googletoolbar_64.dll
(verified)  IE Webrep plugin                         c:\program files\avast software\avast\aswwebrepie64.dll
(verified)  Internet Explorer                        C:\Windows\System32\ieframe.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\mswsock.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\NapiNSP.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\nlaapi.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\pnrpnsp.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\wshbth.dll
 
 
Scan
----
MD5: 0f6ba06431b1bbba8f381e6dba0e5f33  C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
MD5: 6d856589d4613226c2a036db007a3671  C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
MD5: fb375c871ed1e21cc33ca59fbf2ea8d6  C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll
MD5: c8f2f1c298cedd72e4fd38832083c51e  C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll
MD5: 2dbbf69e24302f6843422b2d540d8f24  C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
MD5: 6d202835e9fdd977ae34c32a6da8da64  C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
MD5: a8b199578d5fcf54f326171b05c75fd7  C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
MD5: 159f81998a5f52344bac986cef22292b  C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
MD5: 404e70915f07d1d945cce0ebcfecba93  C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
MD5: b3befc4bec60b42c3aee12d4f29cc11d  C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
MD5: 8588e208cc3e7542cd8bdb28a480b566  C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
MD5: 208b6f9447c694ef65accdd33741ef8a  C:\Program Files (x86)\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
MD5: 80d072996b9050dc857c92371991e684  C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
MD5: f3fb9adc9bd375d27f7dbf7cbb91d98e  C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
MD5: 2ced81485bcb5e10070dd9d5b4be8b88  C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
MD5: 4cf164c6accb68cb29d1773c97384057  C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
MD5: d573f9dccfb8795565dabaa38ad699f2  C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
MD5: 5be42bdcf525f5c41a2cf1e3b4404b01  C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
MD5: 547ba253ff442d201a1b291d8caa4bfa  C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
MD5: 819ba7a4caa65b42a9eeeaa1fb71b0c7  C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
MD5: 8631671ab021526bf603567b505dbb5c  C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
MD5: 8b116e2648ccd9895bfbacf484453d30  C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
MD5: f697894d0ab88b4ca065374c3fbd0510  C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
MD5: 8bde18c59e6fbdee678373010c5e21d7  C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
MD5: a3be44041c7e92db6524e7b54791c62f  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
MD5: 6dde93736bc48e18cf139a861e49b047  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
MD5: 9092d6047b6b1947134ac81a5939c76b  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
MD5: 06b7793dfb5511d817e9489e315d521a  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
MD5: a066f1d7efa8a3b1079c80da06b4bd83  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
MD5: 4c6328031730f64e865cbef4806334a3  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
MD5: 2a3a7004a64ad7dcf79d491341914902  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
MD5: a3cbf8e815f9ce26d7b2f82ebacd2899  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
MD5: f2059041702da2a058a2727a8876635c  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
MD5: fe804fa93c1a9d0b3f436f38b7ac5cef  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
MD5: 9b3f615ff78811fc7582118751dc253c  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
MD5: 59e06071a280a14a117a08544e530127  C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll
MD5: 0c968e011268429c1d218169233c06f7  C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
MD5: 82bd13bd4537b50ba0440cbbce41a474  C:\Program Files\AVAST Software\Avast\defs\15121000\algo.dll
MD5: 70bb651cb757df292cf95e10eceac886  C:\Program Files\AVAST Software\Avast\defs\15121300\algo.dll
MD5: 2bb58ff1e186498670c165dc114efb5e  C:\Program Files\AVAST Software\Avast\libcef.dll
MD5: b27bbf107f5345e1963a74406af9d317  C:\Program Files\AVAST Software\Avast\libeay32.dll
MD5: f4e4ff8a70700a5e59398aa6b68df602  C:\Program Files\AVAST Software\Avast\ssleay32.dll
MD5: f85b4147ebc888b29194afac202587c6  C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
MD5: 233b5852363bfb41d73d219fa8528af4  C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
MD5: 35b5eebf76c8aa07164c11b58ada506d  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dll
MD5: 1f2019248cb0838a34848d21410c6e1a  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\6ac899183f6faccc34a5af2af3c2d916\PresentationCore.ni.dll
MD5: 00da23e965d8e2e8b67bdbcc8c3882fc  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\9f21f0429aa61fcbf62f1f3953c64572\System.ServiceProcess.ni.dll
MD5: bdd83e29b58c1d32407a9032d9f7981b  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c7fb84e825f6604d7f4684ab96cbd148\System.ni.dll
MD5: f656f33167ebd1dff35d5ec7fa016bcb  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\6a936c37dd47373850f8eb4d7824eb37\WindowsBase.ni.dll
MD5: 1dd97424b0c22404753da4bac9da3e5a  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\79d73b390cca60b8a1c1d1228c771f2f\mscorlib.ni.dll
MD5: a51131102d01808581f114d990f6a9a0  C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\4da98812f1e5a0fff34f2acd8fba7a19\SMDiagnostics.ni.dll
MD5: a5fccef78365fd830141a4025188b336  C:\Windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\d32584d2a2c12de591fddb5b3558df98\SMSvcHost.ni.exe
MD5: dcccbf05799e98432642804c33dd155f  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\492cdc37030c59c117370e9bbd8a4e8e\System.Configuration.ni.dll
MD5: 5cf2700c2237bca22ea6776be55bfe24  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\c3390b9104ee11582516c6328c143931\System.Core.ni.dll
MD5: 785cc56bd3818d41ff08d5c1bc5754ea  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\aff38e5e40c1d888f5a266b7162ff4fa\System.IdentityModel.ni.dll
MD5: ca4d113f9b7c21a6b774ae5c6e3fc12d  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Dura#\511442b9fce2d89657fa04b7b1cfbb00\System.Runtime.DurableInstancing.ni.dll
MD5: a971e9a8cdc0b655384146756c3ed7f5  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\8b20d97b9e44fdc6fd85a857e0351098\System.Runtime.Serialization.ni.dll
MD5: ad2d5f392e23f846025e480fb5bbce22  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\b7cddca9dccf09e602b4843e0a48e190\System.ServiceModel.ni.dll
MD5: f6ea75780b4a285446c2629a2cab6d22  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\9080ab54e343a5f882cea9a7af181a2f\System.ServiceProcess.ni.dll
MD5: 5078fb589fd8243017e0efd19586a5ca  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\8faad167140ce7fa48230548fd1e59f5\System.Xaml.ni.dll
MD5: 4f12ac09b15cff414edbe3d9693079a9  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\cd3c7fbef46399e11a54f4a4786667f9\System.Xml.ni.dll
MD5: d1b7ea63c37ba5ceb7968e86f3da1fcb  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\09b0052217f94c23b48f98d34189ee3e\System.ni.dll
MD5: 52ef4fa1fff85a9dc1897e9106d4268d  C:\Windows\System32\nvspcap64.dll
MD5: f93ae5ea3d793f993667791e1f8f7cdb  C:\Windows\SysWOW64\nvspcap.dll
MD5: 4928ab3a304ddf05c354de3807a4a66b  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80.dll
MD5: 686b224b4987c22b153fbb545fee9657  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll
 
 
No file uploaded.
 
Scan finished - communication took 4 sec
Total traffic - 0.11 MB sent, 1.72 KB recvd
Scanned 2555 files and modules - 69 seconds
 
==============================================================================
 
DELFIX
----------
 
# DelFix v1.011 - Logfile created 13/12/2015 at 11:38:00
# Updated 18/08/2015 by Xplode
# Username : Rajinikanth - SARVESH-DSK
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\Users\Rajinikanth\Downloads\Addition.txt
Deleted : C:\Users\Rajinikanth\Downloads\Fixlog.txt
Deleted : C:\Users\Rajinikanth\Downloads\FRST.txt
Deleted : C:\Users\Rajinikanth\Downloads\FRST64.exe
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #273 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 | 11/24/2015 06:20:27]
Deleted : RP #274 [Scheduled Checkpoint | 12/01/2015 06:30:16]
Deleted : RP #276 [Revo Uninstaller Pro's restore point - The Amazing Spider-Man 2 | 12/07/2015 04:06:18]
Deleted : RP #277 [Installed DirectX | 12/07/2015 04:29:09]
Deleted : RP #278 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 | 12/07/2015 04:33:51]
Deleted : RP #279 [Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 | 12/07/2015 04:35:31]
Deleted : RP #281 [Revo Uninstaller Pro's restore point - The Amazing Spider-Man 2 | 12/07/2015 06:17:40]
Deleted : RP #282 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 | 12/09/2015 02:40:29]
Deleted : RP #283 [Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 | 12/09/2015 02:40:55]
Deleted : RP #284 [Installed DirectX | 12/09/2015 02:47:42]
Deleted : RP #285 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 | 12/09/2015 02:49:29]
Deleted : RP #286 [Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 | 12/09/2015 02:51:18]
 
New restore point created !
 
########## - EOF - ##########
 
Please advise.

  • 0

#134
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,677 posts
  • MVP

ESET just found some adware.  Nothing to worry about.  I think you are good to go now.


  • 0

#135
rajinikanths

rajinikanths

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

I missed adding the ESET log from the c:\program files folder. Please find it below.

[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=init
# utc_time=2015-12-12 04:54:17
# local_time=2015-12-11 10:54:17 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27161
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=updated
# utc_time=2015-12-12 04:56:15
# local_time=2015-12-11 10:56:15 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=restart
# utc_time=2015-12-12 02:42:44
# local_time=2015-12-12 08:42:44 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 88 0 663736 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 201474814 0 0
# scanned=144427
# found=6
# cleaned=0
# scan_time=35187
sh=7669F3D56E0CD22381C7EACE00B9D3B1DD41BF07 ft=1 fh=fc296988becdd3eb vn="Win32/Somoto.Q potentially unwanted application" ac=I fn="C:\Downloads\Core-Temp-installer.exe"
sh=80B2DEA639F2BBCAFE9172EF495533F11ED4C954 ft=1 fh=b5608ddbcae2ab0d vn="Win32/DownloadAdmin.G potentially unwanted application" ac=I fn="C:\Downloads\vlcmediaplayer-setup.exe"
sh=174B4984C45177B554D25F8999F44DF5CA771E8C ft=1 fh=de76e9361c4ed4f9 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll"
sh=174B4984C45177B554D25F8999F44DF5CA771E8C ft=1 fh=de76e9361c4ed4f9 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\Users\All Users\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll"
sh=412B187480B46BEB0081E77F8F36FAE65CC1F9B0 ft=1 fh=dad18aae9f7cee6b vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application" ac=I fn="C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.3.1_29963.exe"
sh=AC5976DDF6B0183F3A9D2CBED500470F412E6FC8 ft=1 fh=c8a91ea7eef7472f vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application" ac=I fn="C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.3.1_29988.exe"
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=init
# utc_time=2015-12-13 04:10:26
# local_time=2015-12-12 10:10:26 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27170
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=updated
# utc_time=2015-12-13 04:10:57
# local_time=2015-12-12 10:10:57 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=
# engine=27170
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-13 04:16:53
# local_time=2015-12-12 10:16:53 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 88 0 712585 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 34362 201523663 0 0
# scanned=29162
# found=2
# cleaned=0
# scan_time=355
sh=7669F3D56E0CD22381C7EACE00B9D3B1DD41BF07 ft=1 fh=fc296988becdd3eb vn="Win32/Somoto.Q potentially unwanted application" ac=I fn="C:\Downloads\Core-Temp-installer.exe"
sh=80B2DEA639F2BBCAFE9172EF495533F11ED4C954 ft=1 fh=b5608ddbcae2ab0d vn="Win32/DownloadAdmin.G potentially unwanted application" ac=I fn="C:\Downloads\vlcmediaplayer-setup.exe"
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=init
# utc_time=2015-12-13 04:17:21
# local_time=2015-12-12 10:17:21 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 27170
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=updated
# utc_time=2015-12-13 04:17:46
# local_time=2015-12-12 10:17:46 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=init
# utc_time=2015-12-13 05:31:53
# local_time=2015-12-12 11:31:53 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 27170
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=
# end=updated
# utc_time=2015-12-13 05:32:56
# local_time=2015-12-12 11:32:56 (-0600, Central Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=
# engine=27170
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-13 07:47:17
# local_time=2015-12-13 01:47:17 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 88 0 725209 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 46986 201536287 0 0
# scanned=236074
# found=6
# cleaned=5
# scan_time=8060
sh=174B4984C45177B554D25F8999F44DF5CA771E8C ft=1 fh=de76e9361c4ed4f9 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\Users\All Users\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll"
sh=7669F3D56E0CD22381C7EACE00B9D3B1DD41BF07 ft=1 fh=fc296988becdd3eb vn="Win32/Somoto.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Downloads\Core-Temp-installer.exe"
sh=80B2DEA639F2BBCAFE9172EF495533F11ED4C954 ft=1 fh=b5608ddbcae2ab0d vn="Win32/DownloadAdmin.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Downloads\vlcmediaplayer-setup.exe"
sh=174B4984C45177B554D25F8999F44DF5CA771E8C ft=1 fh=de76e9361c4ed4f9 vn="a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined)" ac=C fn="C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll"
sh=412B187480B46BEB0081E77F8F36FAE65CC1F9B0 ft=1 fh=dad18aae9f7cee6b vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.3.1_29963.exe"
sh=AC5976DDF6B0183F3A9D2CBED500470F412E6FC8 ft=1 fh=c8a91ea7eef7472f vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.3.1_29988.exe"

  • 0





