Antivirus Protection
 
#1
May 9th, 2012, 08:09 AM
Jubius
Delf / WGA help needed. 1st Logs incl.

Hi anyone, new user here.

Got a warning about Delf infection just after my Kaspersky license ran out. Checked with Kasp, Spybot S&D and MWB but didn't find anything.
All well for a week, then yesterday started getting WGA notifications out of nowhere, wiping my preferences and seemingly removing me as admin for some programs (incl. Spybot, worryingly).
Need help, clearly not clean and don't know how to proceed.

Logs:


Malwarebytes Anti-Malware 1.61.0.1400


Database version: v2012.05.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Owner :: OWNER-PC [limited]

09/05/2012 11:38:14
mbam-log-2012-05-09 (11-38-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220185
Time elapsed: 3 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#2
May 9th, 2012, 08:10 AM
Jubius
SuperAntiSpyware Log

SUPERAntiSpyware Scan Log

Generated 05/09/2012 at 12:35 PM

Application Version : 5.0.1148

Core Rules Database Version : 8571
Trace Rules Database Version: 6383

Scan type : Complete Scan
Total Scan Time : 00:47:28

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 700
Memory threats detected : 0
Registry items scanned : 66642
Registry threats detected : 0
File items scanned : 72279
File threats detected : 3

Adware.Tracking Cookie
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\XOYUP627.txt [ /atdmt.com ]
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\Z3PAGTBO.txt [ /atdmt.combing.com ]
C:\USERS\OWNER\Cookies\Z3PAGTBO.txt [ Cookiewner@atdmt.combing.com/ ]

#3
May 9th, 2012, 08:14 AM
Jubius
BitDefender Log pt.1

QuickScan 32-bit v0.9.9.114
Scan date: Wed May 09 21:55:13 2012
Machine ID: 72A7F282

No infection found.
Processes
Akamai NetSession Client 2960 C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
Akamai NetSession Client 4632 C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
ASUS Screen Saver Protector 4736 C:\Windows\AsScrPro.exe
ATK Hotkey 5904 C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
ATK Media 5444 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
ATKOSD2 5348 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
CameraMonitor Application 2840 C:\Windows\vsnp2uvc.exe
cyberlink brs 5848 C:\Program Files (x86)\CyberLink\Shared files\brs.exe
CyberLink MediaLibray Service 5068 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
DRP Su Updater 2716 C:\Users\Owner\AppData\Roaming\DRPSu\DrvUpdater.exe
Firefox 5336 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Firefox 1312 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
iTunes 5664 C:\Program Files (x86)\iTunes\iTunesHelper.exe
Java(TM) Platform SE Auto Updater 2 0 5740 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Kaspersky Anti-Virus 5800 C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
OpenOffice.org 3.3 4092 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
OpenOffice.org 3.3 3016 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PowerDVD RC Service 1524 C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
RealPlayer (32-bit) 6004 C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
Skype 1876 C:\Program Files (x86)\Skype\Phone\Skype.exe
TeaTimer.exe 4288 C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
USB 3.0 Monitor 5888 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe


Network activity
Process Skype.exe (1876) connected on port 443 (HTTP over SSL) --> 157.55.130.148
Process Skype.exe (1876) connected on port 443 (HTTP over SSL) --> 193.120.199.14

Process Skype.exe (1876) listens on ports: 80 (HTTP), 443 (HTTP over SSL), 46366
Process netsession_win.exe (2960) listens on ports: 49312


Autoruns and critical files
Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Akamai NetSession Client C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
ATK Hotkey C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
ATK Media C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
ATKOSD2 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
cyberlink brs C:\Program Files (x86)\CyberLink\Shared files\brs.exe
DRP Su Updater C:\Users\Owner\AppData\Roaming\DRPSu\DrvUpdater.exe
iTunes C:\Program Files (x86)\iTunes\iTunesHelper.exe
Java(TM) Platform SE Auto Updater 2 0 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Kaspersky Anti-Virus C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
Malwarebytes Anti-Malware C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
Microsoft® Windows® Operating System C:\Windows\system32\userinit.exe
MUI StartMenu Application C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe
MUI StartMenu Application C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
MUI StartMenu Application C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe
MUI StartMenu Application C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
NVIDIA D3D shim drivers C:\Windows\SysWOW64\nvinit.dll
PowerDVD Language Application C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe
PowerDVD RC Service C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
quickstart.exe C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
QuickTime C:\Program Files (x86)\QuickTime\QTTask.exe
RealPlayer (32-bit) C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
Skype C:\Program Files (x86)\Skype\Phone\Skype.exe
SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
TeaTimer.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
USB 3.0 Monitor C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe


Browser plugins
AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Bitdefender QuickScan C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\v9wd176k.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
Java Deployment Toolkit 6.0.310.5 C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
Java(TM) Platform SE 6 U31 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
Java(TM) Platform SE 6 U31 C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
Java(TM) Platform SE 6 U31 c:\program files (x86)\java\jre6\bin\ssv.dll
Kaspersky Anti-Virus c:\program files (x86)\kaspersky lab\kaspersky pure 2.0\ievkbd.dll
Kaspersky Anti-Virus c:\program files (x86)\kaspersky lab\kaspersky pure 2.0\klwtbbho.dll
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
Microsoft® Windows® Operating System C:\Windows\system32\wshbth.dll
NPCIG.dll C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32_11_2_202_233.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
RealPlayer Download and Record Plugin c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
RealPlayer(tm) HTML5VideoShim Plug-In ( C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
sdhelper.dll c:\program files (x86)\spybot - search & destroy\sdhelper.dll
Silverlight Plug-In C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
Skype Toolbars c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
VLC Web Plugin C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Windows Live® Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll
(verified) Microsoft Office Live Plug-in for Firef C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
(verified) Microsoft® Windows Live Login Helper c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(verified) RealJukebox NS Plugin C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
(verified) RealJukebox NS Plugin c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
(verified) RealPlayer Version Plugin C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
(verified) RealPlayer Version Plugin c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
(verified) RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
(verified) RealPlayer(tm) G2 LiveConnect-Enabled P c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll


Missing files
File not found: c:\program files (x86)\avg\avg9\avgssie.dll
--> HKLM\Software\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\InprocServer32\"(default)"

File not found: c:\programdata\SetWallpaper.cmd
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Setwallpaper"

#4
May 9th, 2012, 08:15 AM
Jubius
BitDefender Log pt.2

Scan
MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
MD5: 7a6986dd659b96398a11af5173892715 C:\Windows\system32\Cabinet.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: a585bebf7d054bd9618eda0922d5484a C:\Windows\system32\cryptsvc.dll
MD5: 28ca821606669bb9215ce010767720fa C:\Windows\system32\cryptui.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\cscapi.dll
MD5: 64ca3862d74ea610cd64dc6ad652db5e C:\Windows\system32\d2d1.dll
MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\Windows\system32\d3d10_1core.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\system32\d3d9.dll
MD5: 91b4aad4412bb223b466f3dfb43e86da C:\Windows\system32\D3Dx10_40.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\dbghelp.dll
MD5: 162d247e995eaebf3ef4289069e1111c C:\Windows\system32\DEVRTL.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\DNSAPI.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll
MD5: ccf4e830512c0a298791f1d34b81c215 C:\Windows\system32\dwrite.dll
MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
MD5: 40d777b7a95e00593eb1568c68514493 C:\Windows\system32\explorer.exe
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\explorerframe.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: ab142f0ddc6e236472da8ba5b23a9e66 C:\Windows\system32\igd10umd32.dll
MD5: 8020c0923cb26676e998d0bd246cfaef C:\Windows\system32\igdumd32.dll
MD5: c679f9e548ecb2e75a2879a3aacb6104 C:\Windows\system32\igdumdx32.dll
MD5: 93117349047ddb7b3ff24eb006207606 C:\Windows\system32\ImgUtil.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\Iphlpapi.DLL
MD5: d541fa755bf406293ae0a29727209e83 C:\Windows\system32\jsproxy.dll
MD5: 8bc9db92c4b2f3be89185beab2afc1f6 C:\Windows\system32\mapi32.dll
MD5: dc6612a9ee015a36ba2a27bc9cc12537 C:\Windows\system32\MFC42.DLL
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\System32\MMDevApi.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: 7069aab8536f29ed7323140973a2894b C:\Windows\system32\msdmo.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: 1020c0c4bac624daf56712ea6d5865ce C:\Windows\system32\MSVCR71.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
MD5: 4205ca4cd43e725db9ff02b0a588a8c6 C:\Windows\System32\msxml3.dll
MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\system32\NLAapi.dll
MD5: eb77db354791a5932ca559b6f6374e95 C:\Windows\system32\ntshrui.dll
MD5: 55efe98e5d331bb68a4d895439f13632 C:\Windows\system32\nvapi.dll
MD5: 19bc0ff8b0b4c9c440b5f5169f3dbc0d C:\Windows\system32\nvumdshim.dll
MD5: 7d34af98a706230cc2dedfe0cabf87ab C:\Windows\system32\ODBC32.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\oleacc.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\olepro32.dll
MD5: 487f44b08efeaf5ad087878357b9403d C:\Windows\system32\pdh.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\System32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
MD5: 1affb765af1fdcc0c185c38e9ddddaee C:\Windows\system32\schannel.DLL
MD5: 69678722290c78d5d7198c60b5a4e3e8 C:\Windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: be247ae996a9fde007a27b51413a6c79 C:\Windows\System32\shdocvw.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 C:\Windows\system32\userinit.exe
MD5: 24744ab6647b336fd2738f71da6ad7d6 C:\Windows\system32\vsnp2uvc.dll
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\system32\webio.dll
MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\system32\wer.dll
MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\WindowsCodecs.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\WINHTTP.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\winspool.drv
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
MD5: 1957d49a9613faad1c73b508cce02aa5 C:\Windows\system32\wmp.dll
MD5: 0fbc74aa20fe0ae6884279f893169c60 C:\Windows\system32\wmploc.dll
MD5: ac122407b29378ff9646f03404ac7c54 C:\Windows\system32\wshbth.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\wtsapi32.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\syswow64\ADVAPI32.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\syswow64\CFGMGR32.dll
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\syswow64\comdlg32.dll
MD5: 454e292861a4ef1d72f43f42bbaf6917 C:\Windows\syswow64\CRYPT32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\syswow64\DEVOBJ.dll
MD5: 19bc13711ac403feb830522e4831701b C:\Windows\SysWOW64\gameux.dll
MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\Windows\syswow64\GDI32.dll
MD5: ec528c1ec2c0318a1612456e438d6963 C:\Windows\SysWOW64\ieframe.dll

#5
May 9th, 2012, 08:17 AM
Jubius
BitDefender Log pt.3


The following file(s) must be uploaded for server-side scanning:
C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll
C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\cppcanvasmi.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll
C:\Program Files (x86)\OpenOffice.org 3\program\drawinglayermi.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
C:\Program Files (x86)\OpenOffice.org 3\program\lngmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
C:\Program Files (x86)\OpenOffice.org 3\program\canvastoolsmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\logmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
C:\Program Files (x86)\OpenOffice.org 3\program\oleautobridge.uno.dll
C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovementmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll
C:\Program Files (x86)\OpenOffice.org 3\program\emsermi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\aggmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll
C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\stsmi.DLL
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll
C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovecoremi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll
C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll
C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
C:\Program Files (x86)\OpenOffice.org 3\program\avmediami.dll
C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll
C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll
C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll

Upload started - 39 file(s)
salhelper3MSC.dll (13312)
localebe1.uno.dll (24064)
oooimprovecoremi.dll (24576)
i18nisolang1MSC.dll (26112)
i18npapermi.dll (29184)
msci_uno.dll (51712)
store3.dll (53248)
i18nutilMSC.dll (66560)
oooimprovementmi.dll (83968)
uwinapi.dll (86016)
logmi.dll (88576)
jvmfwk3.dll (92160)
stocservices.uno.dll (92672)
reg3.dll (92672)
vos3MSC.dll (94208)
aggmi.dll (129024)
deploymentmiscmi.dll (135680)
cppu3.dll (142848)
emsermi.dll (148480)
avmediami.dll (211456)
ucb1.dll (212992)
sotmi.dll (256000)
ucpfile1.dll (257024)
cppcanvasmi.dll (285184)
oleautobridge.uno.dll (287232)
fwimi.dll (311296)
ucbhelper4MSC.dll (358912)
sofficeapp.dll (379904)
configmgr.uno.dll (396800)
cppuhelper3MSC.dll (432128)
bootstrap.uno.dll (452608)
canvastoolsmi.dll (503296)
stsmi.DLL (511488)
tlmi.dll (529408)
xcrmi.dll (531456)
stlport_vc7145.dll (597504)
basegfxmi.dll (700928)
svlmi.dll (777216)
libdb47.dll (832000)
Upload speed - 38 KB/s
Upload finished - 39 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 265 sec
Total traffic - 9.85 MB sent, 1.03 KB recvd
Scanned 478 files and modules - 304 seconds

#6
May 9th, 2012, 08:21 AM
Jubius
Last one, HJT

Sorry, I did the BitDefender scan with Firefox. That may be why it's unacceptably long. Again, sorry.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:20:28, on 09/05/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Owner\AppData\Roaming\DRPSu\DrvUpdater.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DrvUpdater] C:\Users\Owner\AppData\Roaming\DRPSu\DrvUpdater.exe /hide
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16404 bytes

#7
May 9th, 2012, 08:23 AM
Jubius
aaaaaaaaand the Uninstall List

????????????
µTorrent
7-Zip 9.20
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.5.1 MUI
Alcor Micro USB Card Reader
Apple Application Support
Apple Software Update
ASUS AI Recovery
ASUS AP Bank
ASUS CopyProtect
ASUS FancyStart
ASUS LifeFrame3
ASUS MultiFrame
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Video Magic
ASUS Video Magic
ASUS Virtual Camera
ASUS_N_Series_Screensaver
ATK Hotkey
ATK Package
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC 8
Canon Utilities Movie Uploader for YouTube
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Chicken Invaders 2
Choice Guard
ControlDeck
CyberLink LabelPrint
CyberLink LabelPrint
CyberLink MediaShow Espresso
CyberLink MediaShow Espresso
CyberLink Power2Go
CyberLink Power2Go
CyberLink PowerDVD 9
CyberLink PowerDVD 9
Dream Day Wedding Married in Manhattan
Express Gate
Flickr Uploadr 3.2.1
Game Park Console
G-Force
Google Earth Plug-in
Google Update Helper
HD Tune 2.55
HijackThis 2.0.2
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Island Wars 2
Java(TM) 6 Update 22
Java(TM) 6 Update 31
Junk Mail filter update
Kaspersky PURE 2.0
Kaspersky PURE 2.0
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 12.0 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP3 Parser (KB973685)
NEC Electronics USB 3.0 Host Controller Driver
NEC Electronics USB 3.0 Host Controller Driver
OpenOffice.org 3.3
Piggly
Portal 2
QuickTime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
SHARP Android??? ?????????????
Skype Click to Call
Skype™ 5.5
Smileyville
Solid MP4 Video Converter 3.8.5
Spotify
Spybot - Search & Destroy
Vimeo Uploader
Vimeo Uploader
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 2.0.1
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinFlash
Wireless Console 3

#8
May 9th, 2012, 01:21 PM
DonR
The first thing I am seeing is, in the HJT log, a lot of system files showing as "file missing".

I would run a full chkdsk scan of your C: partition [including the surface scan to check for bad sectors].
Next, if you have your OS install CD [hopefully you do or can get a copy of one], follow the tutorial HERE to scan and replace your missing system files.

After that, update definitions for Malwarebytes, then run a FULL scan [not quick scan].

Next, run an HJT scan and post back your log.

#9
May 9th, 2012, 08:51 PM
Jubius
Thanks, but...

Thanks for the quick response. However, 2 problems arise...

1) chkdsk doesn't seem to be opening properly

and

2) I don't currently have access to my installation CD (I'm on the other side of the world from all of my backup stuff) and with WGA playing up I don't think I can download from Windows.

Any other ways to achieve the same results?

#10
May 9th, 2012, 11:44 PM
DonR
You need to be able to replace the missing system files, and the only way I know is by following that tutorial in the link I gave.

You might try using System Restore, but I have a feeling that it will not help in this case.

I'm not sure how you're trying to run chkdsk, but I would try tapping F8 when you first boot your machine, until you see the options that allow you to "Repair your Computer". Select that option, log in with administrative permissions, then choose the command prompt option and try running chkdsk C: /r from it if you can.

#11
May 11th, 2012, 12:03 PM
Jubius
Update: sorry for the delay

Ok, ran chkdsk, it said it corrected some volumes but couldn't produce a logfile.
Then ran SFC, which found some corrupt files but couldn't fix them.
Ran HJT and it said on opening that it doesn't have admin privileges and so can't access some files, so therefore can't fix them. Odd when signed in as admin, another symptom of this WGA BS. Restarted as admin, full log below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:02:37, on 12/05/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Owner\AppData\Roaming\DRPSu\DrvUpdater.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DrvUpdater] C:\Users\Owner\AppData\Roaming\DRPSu\DrvUpdater.exe /hide
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16450 bytes

#12
May 11th, 2012, 01:12 PM
DonR
I am seeing some ASUS programs listed on there.
Is this on an ASUS laptop that has the recovery partition on it?

If so, I would highly suggest that you back up your important files and then perform a factory recovery, as that would be your 'easiest' option.

Otherwise, there are still quite a few 'missing' system files that need to be on your machine [look in the O23 - Service section to see all of them].
If SFC can't repair or replace those missing system files, then you will have to do it manually [THE HARD WAY] by using a Win7 x64 OS install disk to EXPAND those missing files back to their rightful place(s).

However, your easiest route is to use the ASUS system recovery [if you are using an ASUS laptop], but remember to back up all your important stuff.
Comments on this post
Jubius agrees!
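
Added example, not part of the thread: a triage of the "(file missing)" entries that the replies above point to. HijackThis 2.0.2 is a 32-bit program, and on 64-bit Windows a 32-bit process that opens C:\Windows\System32 is redirected to SysWOW64, so a System32 path flagged "(file missing)" in such a log should be re-checked through the Sysnative alias (or from a 64-bit shell) before it is treated as missing. The sample lines are excerpted from the log in this thread; the function names and the C:\Windows system root are assumptions.

```python
import re
from collections import namedtuple

# Lines excerpted from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
"""

Entry = namedtuple("Entry", "section label path missing")

# "O23 - <label fields> - <drive path>[ (file missing)]". The path starts at
# the first " - X:\" and may itself contain " - " (the Spybot directory does).
LINE_RE = re.compile(r"^(O\d+) - (.*?) - ([A-Za-z]:\\.+?)( \(file missing\))?$")
# Assumption: the system root is <drive>:\Windows, as in the posted log.
SYS32_RE = re.compile(r"^([A-Za-z]:\\Windows\\)System32(\\)", re.IGNORECASE)
# Either directory name only exists on 64-bit Windows.
X64_HINT_RE = re.compile(r"\\Program Files \(x86\)\\|\\SysWOW64\\", re.IGNORECASE)


def parse_entries(log_text):
    """Return an Entry for every O-section line that ends in a file path."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2), m.group(3),
                                 m.group(4) is not None))
    return entries


def os_is_64bit(log_text):
    """True if any path in the log shows a 64-bit Windows directory layout."""
    return X64_HINT_RE.search(log_text) is not None


def sysnative_path(path):
    """Map a System32 path to its Sysnative alias.

    Sysnative is only visible to 32-bit processes on 64-bit Windows and
    reaches the real 64-bit System32 directory without redirection.
    """
    return SYS32_RE.sub(r"\g<1>Sysnative\g<2>", path, count=1)


def triage_missing(log_text):
    """Split "(file missing)" entries by whether redirection could explain them."""
    redirected_view = os_is_64bit(log_text)  # 32-bit scanner on 64-bit OS
    report = {"recheck_native": [], "missing_as_reported": []}
    for entry in parse_entries(log_text):
        if not entry.missing:
            continue
        if redirected_view and SYS32_RE.match(entry.path):
            # The scanner looked in SysWOW64; confirm against the native dir.
            report["recheck_native"].append(
                (entry.path, sysnative_path(entry.path)))
        else:
            # Not a System32 path: check the path exactly as reported.
            report["missing_as_reported"].append(entry.path)
    return report


if __name__ == "__main__":
    result = triage_missing(SAMPLE_LOG)
    for reported, native in result["recheck_native"]:
        print("re-check:", reported, "->", native)
    for reported in result["missing_as_reported"]:
        print("missing as reported:", reported)
```

A file that exists at the Sysnative path is present on disk; whether it is intact is a separate question for SFC.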

#13
May 12th, 2012, 06:21 AM
Jubius
ASUS magic

Good spot, I should've said so before. I am indeed using an ASUS, so I assume it has a recovery partition, although being painfully n00bular at this kind of system management I'm not sure how exactly to go about this... embarrassing, doubly so for the feeling of wasting your time, but how do I proceed?
Also, if I back up to an external HD will it not replicate any infections when I bring them back over to the main computer?

#14
May 12th, 2012, 12:15 PM
DonR
What is the model of the ASUS [MAGIC isn't the model]?

Can you get to the disk manager [start, run, diskmgmt.msc]?

If so, you can check to see for sure if you actually have a recovery partition on that laptop. Look for about a 10 GB FAT32 partition, most likely right after your main C: partition. If it's there, then you have the recovery partition and can most likely use it to perform your recovery.
I know on the netbook, to access the recovery option, you start tapping F9 when you first turn ON the machine. If it is a netbook, you may need to press F2 to get into the BIOS and turn OFF/disable the 'boot booster' option.

As for your backup being infected, that's what having a good antivirus installed is for: to scan your backup files for any infection BEFORE you return them back to your machine.

#15
May 17th, 2012, 07:44 AM
Jubius
Ok, final check before the plunge

Thanks again, and sorry for the delay, things got hectic again!

I have a 14GB partition, not FAT32 (or even defined as anything) in addition to my 2 active partitions, so I assume that's the recovery part.
Just to check, seeing as I don't have my CDs with me, the recovery partition should be able to complete a full installation, factory fresh, right? If so, will execute your instructions the moment I get confirmation and pray ta gahd this works

Model is N-Series. 61JV. Anything I should know?
