Think this was the first ESET file you were talking about...
C:\Documents and Settings\Dell User\Local Settings\temp\ICReinstall\cnet2_ieSpellSetup264573_exe[1].exe a variant of Win32/InstallCore.D application
C:\Documents and Settings\Dell User\Local Settings\Temporary Internet Files\Content.IE5\QS777EFZ\cnet2_ieSpellSetup264573_exe[1].exe a variant of Win32/InstallCore.D application
( I didn't have "FIX" enabled on ESET as it seemed like the instructions just wanted the log. SHould I re-run with "fix"?
From
ESET log -- looks like it has both the last 2 logs... (The first was before I contacted you, which I mentioned in the "What I had done so far" list.
ESETSmartInstaller@High as downloader log:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=791fc5258d76b3458574aee6165fd311
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-26 02:46:02
# local_time=2012-01-25 09:46:02 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=317993
# found=12
# cleaned=12
# scan_time=7754
C:\Documents and Settings\Dell User\Application Data\Sun\Java\Deployment\cache\6.0\10\7c88068a-7f747bf6 Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\Application Data\Sun\Java\Deployment\cache\6.0\19\aa89693-32e841fe a variant of Java/Agent.BR trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\Application Data\Sun\Java\Deployment\cache\6.0\30\2c7c219e-3037f78f probably a variant of Java/Agent.BR trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\Application Data\Sun\Java\Deployment\cache\6.0\35\2b29fca3-356fe9bb a variant of Java/Agent.BR trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\Application Data\Sun\Java\Deployment\cache\6.0\44\38e63bec-31cfb073 Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\Application Data\Sun\Java\Deployment\cache\6.0\51\4c81ed73-729cec1b probably a variant of Java/Agent.BR trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\Application Data\Sun\Java\Deployment\cache\6.0\56\5ad4b738-42d49cdd Java/Agent.BV trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_001002 HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Dell User\My Documents\Downloads\cnet_winutilitiesfree_install_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\Qoobox\Seagate Backup\All-newest 1-28-11\Dec2010DesktopAllexceptEigeneDateien\Every Stupid [bleep] Thing on The Desktop\media.player.codec.pack.v3.9.4.setup.exe Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
G:\Qoobox\Seagate Backup\CHAPMAN-03\C\Gemeinsame Dateien\Dokumente und Einstellungen\The Family\Desktop\Every Stupid [bleep] Thing on The Desktop\media.player.codec.pack.v3.9.4.setup.exe Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
G:\Qoobox\Seagate Backup\CHAPMAN-03\History\Level2\C with LOTS of MUSIC\Dokumente und Einstellungen\The Family\Desktop\media.player.codec.pack.v3.9.4.setup.exe Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=791fc5258d76b3458574aee6165fd311
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-31 07:38:10
# local_time=2012-01-31 02:38:10 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 359419 359419 0 0
# scanned=270469
# found=2
# cleaned=0
# scan_time=15427
C:\Documents and Settings\Dell User\Local Settings\temp\ICReinstall\cnet2_ieSpellSetup264573_exe[1].exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Dell User\Local Settings\Temporary Internet Files\Content.IE5\QS777EFZ\cnet2_ieSpellSetup264573_exe[1].exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
From Bit defender...QuickScan 32-bit v0.9.9.105
---------------------------
Scan date: Tue Jan 31 09:32:14 2012
Machine ID: BC6CA126
No infection found.
-------------------
Processes
---------
Acronis Scheduler 2 1528 C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
Acronis True Image 3140 C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
Acronis True Image 3132 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
Ad-Aware Service Application 1312 C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
Ad-Aware Tray Application 3460 C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
Billy The Goat 3552 C:\Program Files\Autorun Eater\billy.exe
Bonjour 1592 C:\Program Files\Bonjour\mDNSResponder.exe
Cyberlink PowerDVD 3272 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
DivX Update 3340 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
GrooveMonitor Utility 3280 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
Intel® Common User Interface 1668 C:\WINDOWS\system32\hkcmd.exe
Java Platform SE 6 U30 1772 C:\Program Files\Java\jre6\bin\jqs.exe
Microsoft Office OneNote 3704 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Microsoft® Windows® Operating System 3632 C:\Program Files\Windows Desktop Search\WindowsSearch.exe
Microsoft® Windows® Operating System 1708 C:\WINDOWS\system32\wbem\unsecapp.exe
MobileDeviceService 1560 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Old McDonald 3320 C:\Program Files\Autorun Eater\oldmcdonald.exe
SMax4PNP Application 3064 C:\Program Files\Analog Devices\Core\smax4pnp.exe
SpeedFan 2512 C:\Program Files\SpeedFan\speedfan.exe
WD Drive Manager 1860 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
WD Drive Manager 2972 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WD File Management Engine 2008 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
WD Shadow Copy Service 388 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(verified) Acronis Scheduler Helper 3216 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(verified) Intel® Common User Interface 3068 C:\WINDOWS\system32\igfxpers.exe
(verified) Microsoft® Windows® Operating System 1336 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 1928 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 620 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 3416 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 700 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 444 C:\WINDOWS\system32\searchindexer.exe
(verified) Microsoft® Windows® Operating System 688 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 504 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1396 C:\WINDOWS\system32\spoolsv.exe
(verified) Microsoft® Windows® Operating System 1076 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1020 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 944 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 864 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1492 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1820 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1240 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1176 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1748 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 644 C:\WINDOWS\system32\winlogon.exe
(verified) Windows® Internet Explorer 2888 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 812 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 524 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 1796 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 2332 C:\Program Files\Internet Explorer\iexplore.exe
Network activity
----------------
Process iexplore.exe (812) connected on port 80 (HTTP) --> 69.171.224.11
Process iexplore.exe (812) connected on port 80 (HTTP) --> 72.14.204.138
Process iexplore.exe (812) connected on port 80 (HTTP) --> 72.247.242.56
Process iexplore.exe (812) connected on port 443 (HTTP over SSL) --> 72.14.204.95
Process iexplore.exe (812) connected on port 80 (HTTP) --> 72.247.242.49
Process iexplore.exe (812) connected on port 80 (HTTP) --> 66.235.142.57
Process iexplore.exe (812) connected on port 80 (HTTP) --> 91.199.104.31
Process AAWService.exe (1312) connected on port 80 (HTTP) --> 70.38.25.72
Process iexplore.exe (2332) connected on port 443 (HTTP over SSL) --> 72.14.204.100
Process iexplore.exe (2332) connected on port 443 (HTTP over SSL) --> 72.14.204.100
Process iexplore.exe (2332) connected on port 80 (HTTP) --> 72.14.204.101
Process iexplore.exe (2332) connected on port 443 (HTTP over SSL) --> 72.14.204.101
Process iexplore.exe (2332) connected on port 443 (HTTP over SSL) --> 72.14.204.120
Process iexplore.exe (2332) connected on port 80 (HTTP) --> 72.14.204.95
Process iexplore.exe (2332) connected on port 80 (HTTP) --> 209.85.143.120
Process iexplore.exe (2332) connected on port 80 (HTTP) --> 72.14.204.95
Process svchost.exe (864) listens on ports: 3389 (Terminal Server)
Process svchost.exe (944) listens on ports: 135 (RPC)
Autoruns and critical files
---------------------------
Acronis True Image C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
Acronis True Image C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
Ad-Aware Admin Application C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Cyberlink PowerDVD C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
DivX Update C:\Program Files\DivX\DivX Update\DivXUpdate.exe
GrooveMonitor Utility C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll
Microsoft Office OneNote C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Microsoft® Windows® Operating System C:\Program Files\Windows Desktop Search\WindowsSearch.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
MobileMe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
Old McDonald C:\Program Files\Autorun Eater\oldmcdonald.exe
QuickTime C:\Program Files\QuickTime\qttask.exe
SMax4PNP Application C:\Program Files\Analog Devices\Core\smax4pnp.exe
WD Drive Manager C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
Windows® Search C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
(verified) Acronis Scheduler Helper C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(verified) Ahead Software Gmbh NeroCheck C:\WINDOWS\system32\NeroCheck.exe
(verified) Google Update C:\Documents and Settings\Dell User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxpers.exe
(verified) Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe
(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\browseui.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\shell32.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
Browser plugins
---------------
AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
BitDefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
DellSystem C:\WINDOWS\Downloaded Program Files\DellSystem.dll
DivX VOD Helper Plug-in C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
DivX Web Player C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
Google Update C:\Documents and Settings\Dell User\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
Java Platform SE 6 U30 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\IEFRAME.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
(unsigned) QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
(verified) Messenger C:\Program Files\Messenger\msmsgs.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
Missing files
-------------
File not found: 0
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Wisdom-soft ScreenHunter 5.1 Free"
Scan
----
MD5: 43969937ae8c7a8f519997352390b83a C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\lgpl.dll
MD5: 41d2a53193fad738be01cfa7972e0e64 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\lib7zip.dll
MD5: 2eb3c11a938886b8993d99f4a7e222df C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MD5: 074c425a1675864cd9ac2d49ae93810f C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libEmail.dll
MD5: bdd09926ab148e27f46bf86d73d8dafe C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MD5: 6732584bdd9b2483081129ff96bda68f C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMsCab.dll
MD5: a2d08e62a0624b866d90ccc9e2fef684 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMsi.dll
MD5: 4156ef36caf27c44ac866c35c1e82516 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libNSIS.dll
MD5: 9722bca94e6a00f35448d199fb0a3882 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libOleA.dll
MD5: 1a20f6ccf6fcc73cbee1449d31440898 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libRar.dll
MD5: 5fee412320f4ac5ef791d6783140f919 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libRTF.dll
MD5: 5b4ed5e0555949b6249c885c27cd6da2 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libtd.dll
MD5: 6f05fef2be14d8f4c1726b8241e914b0 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libVvs.dll
MD5: 76f247f3895922024629ec1ff59009a8 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libZip.dll
MD5: ca6bbb4d4464ddc635016b5f38662690 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\remediation.dll
MD5: 8c092726ac779d469d39365d12d00c1b C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\vcore.dll
MD5: 193a3325fb26fa391d80da83fb0b40b8 C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
MD5: 27626506e07795bb6357f7f2ef78a90b C:\Documents and Settings\Dell User\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
MD5: 7e7eb7aff595774e5e500b34058cc1a7 C:\Documents and Settings\Dell User\Local Settings\temp\sfamcc00001.dll
MD5: b0c5f70b896e18a5d9dae1a1fbd9526a C:\Documents and Settings\Dell User\Local Settings\temp\sfareca00001.dll
MD5: cbe20a66a9d86a8f90de494ff5ae613b C:\Program Files\Acronis\TrueImageHome\Common\gc.dll
MD5: 23a77ad2f9bf6a6a876a2d856a84b4c2 C:\Program Files\Acronis\TrueImageHome\Common\icudt38.dll
MD5: a0664a11eb3216974fde84e207e9a03d C:\Program Files\Acronis\TrueImageHome\Common\resource.dll
MD5: 0cbc63f216ea85e399ffc66101c31f58 C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
MD5: ad1d53eb6e7570be95ee3aadbef00ce7 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
MD5: 8082f66dc9c8167ff1aa548736f58457 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
MD5: 10247c15d999cc116c87da36bd0ad64d C:\Program Files\Analog Devices\Core\smax4pnp.exe
MD5: 17cc0a9b3abb69ed96d1eeb8117df856 C:\Program Files\Analog Devices\Core\SMWDMIF.dll
MD5: 34ebd4ff6a24d86bb4716d6afcc1a89b C:\Program Files\Apple Software Update\SoftwareUpdate.exe
MD5: c5f6eca94ad8cfd054f6d14f14972026 C:\Program Files\Autorun Eater\billy.exe
MD5: 175fb9a3eb526fcf2cb60cbc3132a8e5 C:\Program Files\Autorun Eater\oldmcdonald.exe
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 874a0383bc8148aa4141bba6b50eadc0 C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
MD5: 8a3ba48b5be893e1d81bfac17a3c1b1f c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
MD5: a99783ada78e538fc9f5e7d9c21b33d2 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
MD5: b8e421c0890356cd4a793d8a346d9096 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MD5: 605c6370240fc79cadbcd34960a741d2 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
MD5: f7dd2d785280db73dc9060f80361befb C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
MD5: 37cf2461cb5e40c4cfab82c8fc79a2bc C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: fc33cbbb9cadcec307da010fe763d04c C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
MD5: 054b87c872292a960b9b8a834b34dfa7 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 250bf888ddbe88d61eb19a9d4957c794 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 73862ff693168369a90f046e7f227b83 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 794950db77aa590c2964eca0a5874a09 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: 0eee814627f4384291687671f76419f6 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 8b22cf51b907e3a221267cf1e502993a C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 3debbecf665dcdde3a95d9b902010817 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: 1224bc6de919f8cd8c1c945280e63852 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
MD5: 42cdfb2273eec623b903c311b19fb484 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MD5: 905b5bf5be0a86e8412801bf20357195 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
MD5: 2424231bbd703a677d115c29983b4293 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
MD5: a0c2cb21f4b521429f033fdeb18d63d7 C:\Program Files\Common Files\System\directdb.dll
MD5: 186c9d39541cc0dffcc454f79aa0b0bf C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
MD5: b938c1ae3adce166190895685b0beb0d C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
MD5: 0734c95492371d092367f2f3af794a0d C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
MD5: 7636713b4f0944045ab4af7ced5245ab C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MD5: 7726c681f89f51d1d03f5dec2538da7b C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MD5: 69a3f07fad1fed82fb70b561593bbf54 C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 53fe2d34b143efdb80685281e751b91c C:\Program Files\Internet Explorer\plugins\nppdf32.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: 89b42ab664ddd9d69f1a7cb94f0d5985 C:\Program Files\Internet Explorer\xpshims.dll
MD5: ca1972397b845b2f53f5dc63c22fd98a C:\Program Files\iPod\bin\iPodService.exe
MD5: ef900ef15f71bb7ac415bd5cef90b56d C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: 9aa67569d5257462e230767510b0c815 C:\Program Files\Java\jre6\bin\jqs.exe
MD5: ccc24faa47c47e66be61bf22603c5e3a C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
MD5: 4d99fca201b72e0f2ca996e357baa170 C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
MD5: 4566bbe928ef23e1c5a55d02d64c2872 C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
MD5: 5608e451b9d69b548103ba9cf39a3527 C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
MD5: 944cd511be9b0e55b8458842d60c738c C:\Program Files\Lavasoft\Ad-Aware\ceapi.dll
MD5: 6c4a3804510ad8e0f0c07b5be3d44ddb C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
MD5: f88c94d2469c34b98ddd639f37588f90 C:\Program Files\Lavasoft\Ad-Aware\lavalicense.dll
MD5: bc404941d7ce1f816825bfdb33bfd77d C:\Program Files\Lavasoft\Ad-Aware\lavamessage.dll
MD5: 2a66bb1f9d9ed7a8bcd58e505bb3ed3c C:\Program Files\Lavasoft\Ad-Aware\Resources.dll
MD5: 8f12ea9218ee07feb36b11850305eeab C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
MD5: 86bf40f2ab08be8b358738a04715b55a C:\Program Files\Lavasoft\Ad-Aware\SBTE.dll
MD5: a1155047afa986eed03d1d87cf56a08f C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
MD5: a78beb06bca7fd37034fc910a55231a0 C:\Program Files\Lavasoft\Ad-Aware\viprebridge.dll
MD5: 1843e81fa7acfff4344a7dd4328d7da0 C:\Program Files\Microsoft Office\Office12\1033\ONINTL.DLL
MD5: 123271bd5237ab991dc5c21fdf8835eb C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
MD5: 533aecd1b5356870ae2d905b4d3b42b7 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
MD5: 0e34b7bb1fcf22bcc1e394d16f9e992b C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
MD5: 30efebdc960a482e3e188b9960b286e2 C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL
MD5: 30db64d316f502558db2380f7343c9fd C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
MD5: d8c2b95bc2353e1f18850d6b8f5dba13 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
MD5: 207204af80505af51271fe164b56f662 C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL
MD5: ce6db25ffa35fd051c503f11db745862 C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
MD5: 116aa2b169abd0b620961caff0aeac84 C:\Program Files\Outlook Express\msoeres.dll
MD5: 0aee5668eb59912f32ff245bfa72465f C:\Program Files\QuickTime\qttask.exe
MD5: a470cc40b031a0ee22017fba72898a12 C:\Program Files\SpeedFan\speedfan.exe
MD5: 7b37f8ec25c9ad853e8126c1d0992201 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\msvcm90.dll
MD5: 7b37f8ec25c9ad853e8126c1d0992201 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\msvcm90.dll
MD5: 0be914c883471e9f728e9e690d51bdec C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\sqlceer35EN.DLL
MD5: 063aa78559ccd459e8613a727ee1cbe4 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\sqlceme35.dll
MD5: 30b8190c119ee82a2fea935c82f90bf8 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\sqlceqp35.dll
MD5: f400387a9f86ca917d89e53d46deb02e C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\sqlcese35.dll
MD5: 156fde0e85025d180598e8fbd4db3d23 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SqlServerCe.dll
MD5: 5bb2ed6a1070001038276c814bc8c1de C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
MD5: f80be707cffd38099c2a888e18a91e5f C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFMEIPC.dll
MD5: f80be707cffd38099c2a888e18a91e5f C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFMEIPC.dll
MD5: 3ba6faf9276294285b88c2e6c85a4a09 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
MD5: f36acaa08eb44355cf98955993eb75b4 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XP\Shadow.dll
MD5: 686b224b4987c22b153fbb545fee9657 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL
MD5: 997f2e3b66f1a987dee83947fb40a033 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
MD5: 3f75189dc77459f51d0a39787de6fc19 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
MD5: f2ece68acf2c051effb305708c3aefa9 C:\Program Files\Windows Desktop Search\dbres.dll
MD5: e8a3670314b3ddfe6dd18c4b501a9476 C:\Program Files\Windows Desktop Search\deskbar.dll
MD5: 2a0b76fcc5138ac0321a01766c980387 C:\Program Files\Windows Desktop Search\en-us\dbres.dll.mui
MD5: 0e28e671281ebf1f1f8fe093d2bd4a7b C:\Program Files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
MD5: 56183fb6413b7c5cb42b8ac1541a4ee8 C:\Program Files\Windows Desktop Search\en-us\WindowsSearchRes.dll.mui
MD5: 2996faeca864ee4938aa247b2386a69b C:\Program Files\Windows Desktop Search\msnlExtRes.dll
MD5: 994ad0d8550b8b26990a6e3aa0791502 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
MD5: f23a5d407b753f2e5e2bb6a95ab6d12b C:\Program Files\Windows Desktop Search\WdsMktTools.dll
MD5: 2c2830b08045e2a1c1930eb064a8fac0 C:\Program Files\Windows Desktop Search\wdsShell.dll
MD5: b5c9f63c01fcfec3f64ec6a0940a1825 C:\Program Files\Windows Desktop Search\WindowsSearch.exe
MD5: cbfd0fb0a9491ed3f1bab4c64a04d2f1 C:\Program Files\Windows Desktop Search\WindowsSearchRes.dll
MD5: b5b27b057b97a947c31b41f0ef3b4d44 C:\Program Files\Windows Desktop Search\wordwheel.dll
MD5: 16f96c1496cbd0965285ab19a9271d02 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MD5: f054572a92573ca32d5f3aa8c15d2bac C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MD5: 2849f13593d2712ccb97ffbdd3c1232e C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MD5: 516fd7927172bbbe2d335ea94d816b9e C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MD5: a093e1fd3d1338d3c0ef45df07e18462 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MD5: ff867e6d71a16c4d53b4672654232310 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MD5: f4053754c32b3af6f64b321caf2bde50 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
MD5: 025debd5c035eab50ccb63aa2dc2c3e0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MD5: e26d6062aaba181a666636eaed07189a C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MD5: 44a6eed699f721f3cdd779c5eac0bfab C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
MD5: 01d92f377f7afa834b4a3be41a28fd17 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MD5: 7400c2b29c0024ebc98b94f3ae6034d5 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MD5: ef31c803666cb694de51e69018a0dbda C:\WINDOWS\Downloaded Program Files\DellSystem.dll
MD5: bb7fcdcd4de287340b5c1bb1949ad3c6 C:\WINDOWS\Downloaded Program Files\qsax.dll
MD5: 219af0f9a54ebeeb3e7e20025d801034 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll
MD5: 860fad57b4668a9f5f350a9d5444ae89 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MD5: 2bac92e8ac5e16ed60062e9141b8d5f6 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: f282d4edd85d53e20d902cc92190c5f5 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MD5: bf88feadc7786ea328bdcc5cb116de89 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 36ba8022693af7e967359ff3f97531d7 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll
MD5: 35a936c7c029a5b705d3ffd40518d660 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
MD5: ab87eeffd18f2baafc274e7075ea6c67 C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: f64fd5c7fef7fc25cba37974ff3584d7 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
MD5: a90e118f12d355f9946dfb30a8f94609 C:\WINDOWS\system32\CRYPT32.dll
MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll
MD5: 78e862846112347eee8214b649ae563f C:\WINDOWS\system32\dispex.dll
MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll
MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\WINDOWS\system32\dnssd.dll
MD5: 8879f2a6068b528a167597e137a32402 C:\WINDOWS\system32\dopdfmn7.dll
MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys
MD5: 3a3a82ffd268bcfb7ae6a48cecf00ad9 C:\WINDOWS\system32\DRIVERS\b57xp32.sys
MD5: c2eb4539a4f6ab6edd01bdc191619975 C:\WINDOWS\system32\drivers\cpuz135_x32.sys
MD5: 336abe8721cbc3110f1c6426da633417 C:\WINDOWS\system32\DRIVERS\Lbd.sys
MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys
MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys
MD5: 664469f03c955e851c5de58eea233f5a C:\WINDOWS\system32\DRIVERS\tdrpm228.sys
MD5: 6dcb8ddb481cd3c40fa68593723b4d89 C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
MD5: 83cafcb53201bbac04d822f32438e244 C:\WINDOWS\System32\Drivers\usbaapl.sys
MD5: b9d2d59ff389a8c824308a08665c97f2 C:\WINDOWS\system32\EDCrypt.DLL
MD5: ffb3115aa757abefba7fba90bad5dd0a C:\WINDOWS\system32\en-us\tQuery.dll.mui
MD5: 77ebf3e9386daa51551af429052d88d0 C:\WINDOWS\system32\giveio.sys
MD5: b9da7b8ca4601625ca9264cd846ac576 C:\WINDOWS\system32\hccutils.DLL
MD5: d9f3db62d1b361d82cd82a347ea6218d C:\WINDOWS\system32\hkcmd.exe
MD5: 0b8fb29cda02015448c9f5260a013f19 C:\WINDOWS\system32\IEFRAME.dll
MD5: 515aaa9c87d5c475b06dfeba3706d74f C:\WINDOWS\system32\iepeers.dll
MD5: 1ab894fa897e26b23ca53beed72f61f4 C:\WINDOWS\system32\iertutil.dll
MD5: a58241451a149929a679c82fa934ef81 C:\WINDOWS\system32\igfxdev.dll
MD5: 57aa18b2896055e8cb269b19dd85e7f3 C:\WINDOWS\system32\INETCOMM.dll
MD5: b6932761058dc21beaa7a1245b1b20e6 C:\WINDOWS\system32\infosoft.dll
MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\system32\jscript.dll
MD5: de2fb32a9ec98b8f1b9a2b869af5d269 C:\WINDOWS\system32\l3codecx.ax
MD5: bd007d624e4cd905ab2e8df2c6de891c C:\WINDOWS\system32\Macromed\Flash\Flash11c.ocx
MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL
MD5: 561b3e96164c918e0564cab3d21ce871 C:\WINDOWS\system32\msfeeds.dll
MD5: dd8d655e1881b70a5259a23a6018a6c2 C:\WINDOWS\system32\mshtml.dll
MD5: 85ac5f11d4759d13674b3e92eac3f140 C:\WINDOWS\system32\msident.dll
MD5: 7ed041c7f82a381417aa3f43ab55f95a C:\WINDOWS\system32\msidntld.dll
MD5: c52ce534397e1d3a442fb4c88a3cbe42 C:\WINDOWS\system32\msonpmon.dll
MD5: 6e914eedd145c5acce56f4d5f3d606fc C:\WINDOWS\system32\mssph.dll
MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\system32\mswsock.dll
MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
MD5: d59a7119054d70fc745a1bf9c06dcc65 C:\WINDOWS\system32\oeph.dll
MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll
MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\oleacc.dll
MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll
MD5: b2cf9f1f606dec23f70a40b01df3c396 C:\WINDOWS\system32\printui.dll
MD5: 34ffb6aba2da398bb33422e1e9275ba9 C:\WINDOWS\system32\quartz.dll
MD5: c7c84df7233f4834cd190f3dccaf50ca C:\WINDOWS\system32\rdpwsx.dll
MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll
MD5: 63ae668f783df28772d200f41cb40873 C:\WINDOWS\system32\scrobj.dll
MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll
MD5: 3fa2e254bfbce52b3c6f1bf23aab6911 C:\WINDOWS\system32\speedfan.sys
MD5: 741b6b597e8c99e1938809f64f7bf13c C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
MD5: 3182f47a67f86b5dd991e0fb7659d0e3 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL
MD5: 77a54bdfbad4604e6131ae68e3cf76d6 C:\WINDOWS\system32\srclient.dll
MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
MD5: ba8fdf82d0b1316d5eaf60f5a0498de1 C:\WINDOWS\system32\uncdms.dll
MD5: 496ce99bbbb7680323921df30b405c36 C:\WINDOWS\system32\urlmon.dll
MD5: 31cf51dcda1424b813cc97b20f71b431 C:\WINDOWS\system32\vbscript.dll
MD5: e837fdbb92e9873e538395b623f45462 C:\WINDOWS\system32\wbem\cimwin32.dll
MD5: 4306fa2f1099d7c606139255fdb62b19 C:\WINDOWS\system32\wbem\framedyn.dll
MD5: c7000f2db2a5515c64c257478769a481 C:\WINDOWS\system32\wbem\unsecapp.exe
MD5: 880f7ed2df24db14af96c6d797958796 C:\WINDOWS\system32\wbem\wbemdisp.dll
MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll
MD5: 552263502ea8c24d301a0c43ff90b3ed C:\WINDOWS\system32\WININET.dll
MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll
MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll
MD5: 5caf91e865fe0c85048a233e594544d2 c:\windows\system32\WUDFPlatform.dll
MD5: 18473f44d6de85c8cb4e70f503c5ea64 C:\WINDOWS\System32\xactsrv.dll
MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll
MD5: 33d9b7bb7ba323bafe489df033dac824 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll
No file uploaded.
Scan finished - communication took 2 sec
Total traffic - 0.01 MB sent, 0.76 KB recvd
Scanned 695 files and modules - 42 seconds
==============================================================================
Process Explorer file (I had a REALLY hard time downloading this file -- kept hanging after about 15%. I had to do it on my laptop then email it over.)
Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 98.44 0 K 28 K
procexp.exe 956 0.78 12,692 K 75,980 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
Interrupts n/a 0.78 0 K 0 K Hardware Interrupts and DPCs
wmiprvse.exe 1208 2,420 K 27,636 K WMI Microsoft Corporation
winlogon.exe 644 8,160 K 3,164 K Windows NT Logon Application Microsoft Corporation
WindowsSearch.exe 3632 5,868 K 53,724 K Windows Search System Tray Microsoft Corporation
WDSC.exe 388 11,328 K 49,300 K WD Shadow Copy
WDFME.exe 2008 79,448 K 127,372 K WD File Management Engine
WDDMStatus.exe 2972 3,616 K 31,820 K WD Drive Manager WDC
WDDMService.exe 1860 76,344 K 95,532 K WD Drive Manager Service WDC
unsecapp.exe 1708 2,228 K 26,732 K WMI Microsoft Corporation
TrueImageMonitor.exe 3132 6,016 K 34,040 K Acronis True Image Monitor Acronis
TimounterMonitor.exe 3140 1,976 K 28,056 K Monitor for Acronis True Image Backup Archive Explorer Acronis
System 4 0 K 232 K
svchost.exe 1820 2,464 K 28,004 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 864 2,828 K 30,044 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 944 1,960 K 27,156 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1076 2,384 K 22,800 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1176 2,004 K 22,100 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1240 1,364 K 24,444 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1492 1,336 K 28,204 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 4032 10,832 K 40,548 K Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1396 3,932 K 33,172 K Spooler SubSystem App Microsoft Corporation
speedfan.exe 2512 7,888 K 36,608 K Almico Software (www.almico.com)
smss.exe 504 172 K 928 K Windows NT Session Manager Microsoft Corporation
smax4pnp.exe 3064 2,588 K 23,256 K SMax4PNP MFC Application Analog Devices, Inc.
services.exe 688 2,956 K 9,408 K Services and Controller app Microsoft Corporation
searchindexer.exe 444 21,220 K 46,700 K Microsoft Windows Search Indexer Microsoft Corporation
schedul2.exe 1528 980 K 18,748 K Acronis Scheduler 2 Acronis
schedhlp.exe 3216 800 K 19,112 K Acronis Scheduler Helper Acronis
PDVDDXSrv.exe 3272 1,700 K 32,812 K CyberLink PowerDVD Resident Program CyberLink Corp.
ONENOTEM.EXE 3704 728 K 21,124 K Microsoft Office OneNote Quick Launcher Microsoft Corporation
oldmcdonald.exe 3320 7,788 K 29,024 K Old McDonald Old McDonald's Farm
mDNSResponder.exe 1592 1,080 K 10,372 K Bonjour Service Apple Inc.
lsass.exe 700 4,292 K 2,688 K LSA Shell (Export Version) Microsoft Corporation
jqs.exe 1772 2,304 K 1,404 K Java Quick Starter Service Sun Microsystems, Inc.
igfxpers.exe 3068 688 K 12,584 K persistence Module Intel Corporation
iexplore.exe 3960 11,008 K 2,032 K Internet Explorer Microsoft Corporation
iexplore.exe 1060 49,672 K 116,068 K Internet Explorer Microsoft Corporation
hkcmd.exe 1668 724 K 12,376 K hkcmd Module Intel Corporation
GrooveMonitor.exe 3280 2,160 K 31,832 K GrooveMonitor Utility Microsoft Corporation
explorer.exe 1336 31,212 K 78,192 K Windows Explorer Microsoft Corporation
DivXUpdate.exe 3340 3,120 K 33,996 K DivX Update
ctfmon.exe 3416 928 K 21,100 K CTF Loader Microsoft Corporation
csrss.exe 620 1,804 K 8,076 K Client Server Runtime Process Microsoft Corporation
billy.exe 3552 6,024 K 25,868 K Billy The Goat Old McDonald's Farm
AppleMobileDeviceService.exe 1556 10,040 K 52,704 K MobileDeviceService Apple Inc.
alg.exe 1928 1,176 K 25,564 K Application Layer Gateway Service Microsoft Corporation
AAWTray.exe 3460 2,496 K 21,580 K Ad-Aware Tray Application Lavasoft Limited
AAWService.exe 1312 66,960 K 93,476 K Ad-Aware Service Application Lavasoft Limited
Edited by ToniB, 31 January 2012 - 10:32 AM.