Thread: I'm OK, RIGHT?

    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0

    I'm OK, RIGHT?


    Don't really have any issues but thought I would run the little instruction set given in the thread "If you have infections issues start here".

    Step 1. Ran CCleaner. MMM. 9000 files cleaned. Several registry issues.

    Step 1a. Did not run ATF cleaner. That sucker was written in 2007 and the writeup does not mention Windows 7.

    Step 2. Ran malwarebytes. Not smiling any more. 5 Infections - see below:

    Malwarebytes' Anti-Malware 1.51.2.1300

    Database version: 8186

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    11/18/2011 1:00:33 AM
    mbam-log-2011-11-18 (01-00-33).txt

    Scan type: Quick scan
    Objects scanned: 214173
    Time elapsed: 3 minute(s), 58 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 5
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    Am I being sucked in?
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0
    Step 3. GAHHH - SuperAntiSpyware Free Edition has already caught 36 registry threats and 340 file threats, and we're only 10 minutes into the scan. Going to bed now, update MANYANA.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0
    SUPERAntiSpyware Scan Log
    http xyz superantispywaredaht-com

    Generated 11 18 2011 at 02 32 AM

    Application Version 5dot 0dot 1136

    Core Rules Database Version 7960
    Trace Rules Database Version 5772

    Scan type Complete Scan
    Total Scan Time 00 54 10

    Operating System Information
    Windows 7 Professional 64-bit, Service Pack 1 (Build 6dot 01dot 7601)
    UAC On - Limited User

    Memory items scanned 499
    Memory threats detected 0
    Registry items scanned 75109
    Registry threats detected 36
    File items scanned 85951
    File threats detected 428

    Adwaredot Tracking Cookie
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia addot yieldmanager 3 dot txt Cookie olivia addot yieldmanagerdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia sdot clickability 1 dot txt Cookie olivia sdot clickabilitydaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia mediaplex 2 dot txt Cookie olivia mediaplexdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia atdot atwola 3 dot txt Cookie olivia atdot atwoladaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia mediabrandsww 2 dot txt Cookie olivia mediabrandswwdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia adinterax 1 dot txt Cookie olivia adinteraxdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia xyz burstnet 3 dot txt Cookie olivia xyz burstnetdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia media6degrees 1 dot txt Cookie olivia media6degreesdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia adecn 2 dot txt Cookie olivia adecndaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia rotatordot hadj7dot adjuggler 1 dot txt Cookie olivia rotatordot hadj7dot adjugglerdaht-net servlet ajrotator track pt63551
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia burstnet 3 dot txt Cookie olivia burstnetdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia invitemedia 2 dot txt Cookie olivia invitemediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia pointroll 3 dot txt Cookie olivia pointrolldaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia serving-sys 2 dot txt Cookie olivia serving-sysdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia msnportaldot 112dot 2o7 1 dot txt Cookie olivia msnportaldot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia cdn1dot trafficmp 2 dot txt Cookie olivia cdn1dot trafficmpdaht-com prod ig
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia a1dot interclick 2 dot txt Cookie olivia a1dot interclickdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia burstbeacon 1 dot txt Cookie olivia burstbeacondaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia adbrite 3 dot txt Cookie olivia adbritedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia adsdot pointroll 3 dot txt Cookie olivia adsdot pointrolldaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia doubleclick 2 dot txt Cookie olivia doubleclickdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia revsci 3 dot txt Cookie olivia revscidaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia advertising 3 dot txt Cookie olivia advertisingdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia zedo 2 dot txt Cookie olivia zedodaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia tribalfusion 1 dot txt Cookie olivia tribalfusiondaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia trafficmp 1 dot txt Cookie olivia trafficmpdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia interclick 3 dot txt Cookie olivia interclickdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia r1-adsdot acedot advertising 2 dot txt Cookie olivia r1-adsdot acedot advertisingdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia xyz burstbeacon 3 dot txt Cookie olivia xyz burstbeacondaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia atdmt 3 dot txt Cookie olivia atdmtdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies olivia collective-media 1 dot txt Cookie olivia collective-mediadaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 6GJENYMZdot txt Cookie olivia addot yieldmanagerdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia lucidmedia 1 dot txt Cookie olivia lucidmediadaht-com clicksense ad 6065
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia trackingdot servedbyy 1 dot txt Cookie olivia trackingdot servedbyydaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low AUFOIV2Wdot txt Cookie olivia citidot bridgetrackdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia volkswagendot 122dot 2o7 1 dot txt Cookie olivia volkswagendot 122dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low YWQ382SCdot txt Cookie olivia adserverdot adtechusdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 7ZV80K00dot txt Cookie olivia traveladvertisingdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low R7AKQTIEdot txt Cookie olivia mediaplexdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia trafficdot proddot cobaltgroup 1 dot txt Cookie olivia trafficdot proddot cobaltgroupdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 4GO2298Bdot txt Cookie olivia atdot atwoladaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia clickforensics 1 dot txt Cookie olivia clickforensicsdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 2CBVDAFEdot txt Cookie olivia pro-marketdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low UQ4DAO1Hdot txt Cookie olivia mediabrandswwdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia adinterax 2 dot txt Cookie olivia adinteraxdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low UQWRXPPPdot txt Cookie olivia media6degreesdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia adecn 2 dot txt Cookie olivia adecndaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 5EW3I8G8dot txt Cookie olivia xyz burstnetdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 2ZFPCFP7dot txt Cookie olivia invitemediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low FJ5UB2T6dot txt Cookie olivia mediaforgedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia adknowledge 1 dot txt Cookie olivia adknowledgedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia affiliatedot utatracker 2 dot txt Cookie olivia affiliatedot utatrackerdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia targetdot dbdot advertising 1 dot txt Cookie olivia targetdot dbdot advertisingdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low T60CAGDOdot txt Cookie olivia tdot pointrolldaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 3JVVWVVCdot txt Cookie olivia pointrolldaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia trackerdot adjump 2 dot txt Cookie olivia trackerdot adjumpdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low RF8BKAAEdot txt Cookie olivia serving-sysdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia msnportaldot 112dot 2o7 1 dot txt Cookie olivia msnportaldot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia specificmedia 2 dot txt Cookie olivia specificmediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 3CHFKFFNdot txt Cookie olivia a1dot interclickdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low PGT4D0GDdot txt Cookie olivia burstbeacondaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia media1dot break 1 dot txt Cookie olivia media1dot breakdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia richmediadot yahoo 2 dot txt Cookie olivia richmediadot yahoodaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia oasn04dot 247realmedia 1 dot txt Cookie olivia oasn04dot 247realmediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low ELUYR7I4dot txt Cookie olivia adbritedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low G2GPURSOdot txt Cookie olivia fastclickdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia evitedot 112dot 2o7 1 dot txt Cookie olivia evitedot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia clickboothlnk 1 dot txt Cookie olivia clickboothlnkdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low PDVMDVBFdot txt Cookie olivia intermundomediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 4D5TZQROdot txt Cookie olivia adsdot pointrolldaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia farecastcomdot 122dot 2o7 1 dot txt Cookie olivia farecastcomdot 122dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia jsfpdot coremetrics 1 dot txt Cookie olivia jsfpdot coremetricsdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low ZFSWLMG3dot txt Cookie olivia ardot atwoladaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 2AH4SQ5Ddot txt Cookie olivia doubleclickdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low YM8KIQPGdot txt Cookie olivia advertisingdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low QYSBW5JRdot txt Cookie olivia zedodaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low DZFIS1QFdot txt Cookie olivia eyewonderdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low W1J9ASSRdot txt Cookie olivia tribalfusiondaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low OKZ1GDEMdot txt Cookie olivia insightexpressaidaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia specificclick 2 dot txt Cookie olivia specificclickdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low GUXC2FUJdot txt Cookie olivia trafficmpdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 5U4QUERNdot txt Cookie olivia interclickdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia msnbcdot 112dot 2o7 1 dot txt Cookie olivia msnbcdot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia gotachadot rotatordot hadj7dot adjuggler 2 dot txt Cookie olivia gotachadot rotatordot hadj7dot adjugglerdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 3WI3IG42dot txt Cookie olivia r1-adsdot acedot advertisingdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low FN3RH1F5dot txt Cookie olivia lucidmediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low AXONPTM7dot txt Cookie olivia contentdot yieldmanagerdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low SURFUYHRdot txt Cookie olivia legolas-mediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia 247realmedia 2 dot txt Cookie olivia 247realmediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia redorbit 2 dot txt Cookie olivia redorbitdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 6YIJ56QTdot txt Cookie olivia atdmtdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 2J60KRI9dot txt Cookie olivia questionmarketdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia grdot burstnet 2 dot txt Cookie olivia grdot burstnetdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low T0RZDLVRdot txt Cookie olivia ru4daht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia statdot dealtime 2 dot txt Cookie olivia statdot dealtimedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low ZH2F7RFVdot txt Cookie olivia xyz googleadservicesdaht-com pagead conversion 1037752441
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low IO1BUM8Hdot txt Cookie olivia xyz homefinderdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia dmtracker 1 dot txt Cookie olivia dmtrackerdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia solvemedia 2 dot txt Cookie olivia solvemediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low JX1SOSZ5dot txt Cookie olivia collective-mediadaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia adserverdot webmasterbond 1 dot txt Cookie olivia adserverdot webmasterbonddaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia xyz google 2 dot txt Cookie olivia xyz googledaht-com accounts
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia ccdot gameadserve 2 dot txt Cookie olivia ccdot gameadservedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low S7MA1DTBdot txt Cookie olivia adserverdot leanmarketdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low FU9DTWFWdot txt Cookie olivia xyz googleadservicesdaht-com pagead conversion 1070254509
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia adtrackrs 2 dot txt Cookie olivia adtrackrsdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia indot getclicky 1 dot txt Cookie olivia indot getclickydaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia emediatrack 2 dot txt Cookie olivia emediatrackdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low BJKDX9H7dot txt Cookie olivia jeetyetmediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia thumbplaydot 112dot 2o7 1 dot txt Cookie olivia thumbplaydot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 24T1EFMFdot txt Cookie olivia addot yieldmanagerdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low Q6OM4393dot txt Cookie olivia burstnetdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia qksrv 2 dot txt Cookie olivia qksrvdaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia dcdot tremormedia 1 dot txt Cookie olivia dcdot tremormediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia xyz redorbit 2 dot txt Cookie olivia xyz redorbitdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low ZJI7ZK0Hdot txt Cookie olivia dominionenterprisesdot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia linksynergy 2 dot txt Cookie olivia linksynergydaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia homestoredot 122dot 2o7 1 dot txt Cookie olivia homestoredot 122dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia cdn1dot trafficmp 1 dot txt Cookie olivia cdn1dot trafficmpdaht-com prod ig
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 0BX8ID52dot txt Cookie olivia xyz googleadservicesdaht-com pagead conversion 959296623
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia liveperson 1 dot txt Cookie olivia livepersondaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia zdot blogads 2 dot txt Cookie olivia zdot blogadsdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia lucidmedia 5 dot txt Cookie olivia lucidmediadaht-com clicksense
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia media303 2 dot txt Cookie olivia media303daht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia xyz pixeltrack66 2 dot txt Cookie olivia xyz pixeltrack66daht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 4UWWL70Adot txt Cookie olivia adsdot bridgetrackdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia counterdot surfcounters 1 dot txt Cookie olivia counterdot surfcountersdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 8Z1SYB8Hdot txt Cookie olivia revscidaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia easdot apmdot emediate 1 dot txt Cookie olivia easdot apmdot emediatedot eu
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia staticdot freewebsdot getclicky 1 dot txt Cookie olivia staticdot freewebsdot getclickydaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia statcounter 1 dot txt Cookie olivia statcounterdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia adsdot redorbit 2 dot txt Cookie olivia adsdot redorbitdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low NHVFC5KWdot txt Cookie olivia mmdot chitikadaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia microsoftwlcashbackdot 112dot 2o7 1 dot txt Cookie olivia microsoftwlcashbackdot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low E5MJBIB5dot txt Cookie olivia livepersondaht-net hc 5404042
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia 2o7 1 dot txt Cookie olivia 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low IMSO6KA2dot txt Cookie olivia xyz burstbeacondaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low YB1ZHTE9dot txt Cookie olivia adlegenddaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 4ZKT9LBJdot txt Cookie olivia openxdot jeetyetmediadaht-com www delivery
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia paypaldot 112dot 2o7 1 dot txt Cookie olivia paypaldot 112dot 2o7daht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low JR7HJGXJdot txt Cookie olivia homefinderdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low EBXZKBV3dot txt Cookie olivia mediadot adsvelocitydaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia nextag 1 dot txt Cookie olivia nextagdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 8YP2RZDAdot txt Cookie olivia edgedot redfordmediallcdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia liveperson 5 dot txt Cookie olivia livepersondaht-net hc 71384334
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low S2R39FYFdot txt Cookie olivia edgedot jeetyetmediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low K4G0XLURdot txt Cookie olivia atwoladaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 8BT0V6GSdot txt Cookie olivia statsedot webtrendslivedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low J7GBZAN0dot txt Cookie olivia openxdot jeetyetmediadaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low DUZDZA9Ddot txt Cookie olivia serverdot iaddot livepersondaht-net
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia zboxdot zanox 1 dot txt Cookie olivia zboxdot zanoxdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 8IEFTVLRdot txt Cookie olivia clickfusedaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low I541XRA3dot txt Cookie olivia xyz clickmagicnetworkdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low 4QGU4V09dot txt Cookie olivia konteradaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia beta-adsdot acedot advertising 2 dot txt Cookie olivia beta-adsdot acedot advertisingdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low EG22UI7Sdot txt Cookie olivia xyz googleadservicesdaht-com pagead conversion 1072686189
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia addot zanox 2 dot txt Cookie olivia addot zanoxdaht-com
    C USERS olivia AppData Roaming Microsoft Windows Cookies Low olivia xyz qksrv 1 dot txt Cookie olivia xyz qksrvdaht-net
    C USERS olivia Cookies olivia addot yieldmanager 3 dot txt Cookie olivia addot yieldmanagerdaht-com
    C USERS olivia Cookies olivia sdot clickability 1 dot txt Cookie olivia sdot clickabilitydaht-com
    C USERS olivia Cookies olivia mediaplex 2 dot txt Cookie olivia mediaplexdaht-com
    C USERS olivia Cookies olivia atdot atwola 3 dot txt Cookie olivia atdot atwoladaht-com
    C USERS olivia Cookies olivia mediabrandsww 2 dot txt Cookie olivia mediabrandswwdaht-com
    C USERS olivia Cookies olivia adinterax 1 dot txt Cookie olivia adinteraxdaht-com
    C USERS olivia Cookies olivia xyz burstnet 3 dot txt Cookie olivia xyz burstnetdaht-com
    C USERS olivia Cookies olivia media6degrees 1 dot txt Cookie olivia media6degreesdaht-com
    C USERS olivia Cookies olivia adecn 2 dot txt Cookie olivia adecndaht-com
    C USERS olivia Cookies olivia rotatordot hadj7dot adjuggler 1 dot txt Cookie olivia rotatordot hadj7dot adjugglerdaht-net servlet ajrotator track pt63551
    C USERS olivia Cookies olivia burstnet 3 dot txt Cookie olivia burstnetdaht-com
    C USERS olivia Cookies olivia invitemedia 2 dot txt Cookie olivia invitemediadaht-com
    C USERS olivia Cookies olivia pointroll 3 dot txt Cookie olivia pointrolldaht-com
    C USERS olivia Cookies olivia serving-sys 2 dot txt Cookie olivia serving-sysdaht-com
    C USERS olivia Cookies olivia msnportaldot 112dot 2o7
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0
    And the second half of the 464 threats detected by SuperAntiSpyware, massaged so it could be accepted.

    And yeah, I never went to bed, just stared at the scan, horrified, for an hour while it scanned.


    C USERS michael AppData Roaming Microsoft Windows Cookies michael casalemedia 2 dot txt Cookie michael casalemediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael azjmp 1 dot txt Cookie michael azjmpdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael xyz burstbeacon 1 dot txt Cookie michael xyz burstbeacondaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael atdmt 3 dot txt Cookie michael atdmtdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael fastclick 1 dot txt Cookie michael fastclickdaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael overture 1 dot txt Cookie michael overturedaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael xyz burstnet 2 dot txt Cookie michael xyz burstnetdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael advertising 2 dot txt Cookie michael advertisingdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael statdot onestat 2 dot txt Cookie michael statdot onestatdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael doubleclick 2 dot txt Cookie michael doubleclickdaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael the-best-track 1 dot txt Cookie michael the-best-trackdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael yieldmanager 1 dot txt Cookie michael yieldmanagerdaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael tacodadot atdot atwola 1 dot txt Cookie michael tacodadot atdot atwoladaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael burstnet 2 dot txt Cookie michael burstnetdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael adsdot pointroll 1 dot txt Cookie michael adsdot pointrolldaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael viacomdot adbureau 1 dot txt Cookie michael viacomdot adbureaudaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael salesdot liveperson 2 dot txt Cookie michael salesdot livepersondaht-net hc 76226072
    C USERS michael AppData Roaming Microsoft Windows Cookies michael eyewonder 1 dot txt Cookie michael eyewonderdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael userdot lucidmedia 1 dot txt Cookie michael userdot lucidmediadaht-com clicksense
    C USERS michael AppData Roaming Microsoft Windows Cookies michael adecn 1 dot txt Cookie michael adecndaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael smileycentral 1 dot txt Cookie michael smileycentraldaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael questionmarket 3 dot txt Cookie michael questionmarketdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael salesdot liveperson 3 dot txt Cookie michael salesdot livepersondaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael lfstmedia 2 dot txt Cookie michael lfstmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael tribalfusion 3 dot txt Cookie michael tribalfusiondaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael pointroll 3 dot txt Cookie michael pointrolldaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael 2o7 1 dot txt Cookie michael 2o7daht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael liveperson 3 dot txt Cookie michael livepersondaht-net hc 76226072
    C USERS michael AppData Roaming Microsoft Windows Cookies michael dmtracker 1 dot txt Cookie michael dmtrackerdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael trackdot freegiftcenter 2 dot txt Cookie michael trackdot freegiftcenterdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael ru4 3 dot txt Cookie michael ru4daht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael realmedia 1 dot txt Cookie michael realmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael burstbeacon 3 dot txt Cookie michael burstbeacondaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael interclick 2 dot txt Cookie michael interclickdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael msnportaldot 112dot 2o7 2 dot txt Cookie michael msnportaldot 112dot 2o7daht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael atdot atwola 2 dot txt Cookie michael atdot atwoladaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies michael liveperson 1 dot txt Cookie michael livepersondaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies michael invitemedia 2 dot txt Cookie michael invitemediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael xyz googleadservices 2 dot txt Cookie michael xyz googleadservicesdaht-com pagead conversion 1070774672
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael insightexpressai 2 dot txt Cookie michael insightexpressaidaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael chitika 2 dot txt Cookie michael chitikadaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael atdmt 1 dot txt Cookie michael atdmtdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael dcdot tremormedia 1 dot txt Cookie michael dcdot tremormediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael fastclick 2 dot txt Cookie michael fastclickdaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael media6degrees 1 dot txt Cookie michael media6degreesdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael amex-insights 2 dot txt Cookie michael amex-insightsdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael xyz burstnet 1 dot txt Cookie michael xyz burstnetdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael advertising 1 dot txt Cookie michael advertisingdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael adservedot scubaboard 2 dot txt Cookie michael adservedot scubaboarddaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael pro-market 1 dot txt Cookie michael pro-marketdaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael xyz googleadservices 1 dot txt Cookie michael xyz googleadservicesdaht-com pagead conversion 1017811644
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael serving-sys 1 dot txt Cookie michael serving-sysdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low 0320SP2Vdot txt Cookie michael doubleclickdaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael adservedot brandgivewaycentre 2 dot txt Cookie michael adservedot brandgivewaycentredaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael adsonar 2 dot txt Cookie michael adsonardaht-com adserving
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael specificmedia 2 dot txt Cookie michael specificmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael statcounter 1 dot txt Cookie michael statcounterdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael adscendmedia 1 dot txt Cookie michael adscendmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael e-2dj6wfmiemcjwlpdot statsdot esomniture 1 dot txt Cookie michael e-2dj6wfmiemcjwlpdot statsdot esomnituredaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael e-2dj6wjkyugajofpdot statsdot esomniture 2 dot txt Cookie michael e-2dj6wjkyugajofpdot statsdot esomnituredaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael cdn1dot trafficmp 2 dot txt Cookie michael cdn1dot trafficmpdaht-com prod ig
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael eyewonder 2 dot txt Cookie michael eyewonderdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael mediadot mtvnservices 1 dot txt Cookie michael mediadot mtvnservicesdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael lucidmedia 1 dot txt Cookie michael lucidmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael serverdot cpmstar 2 dot txt Cookie michael serverdot cpmstardaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael questionmarket 2 dot txt Cookie michael questionmarketdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael lfstmedia 2 dot txt Cookie michael lfstmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael mediadot photobucket 2 dot txt Cookie michael mediadot photobucketdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael advertisingdot sheknows 1 dot txt Cookie michael advertisingdot sheknowsdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael pointroll 1 dot txt Cookie michael pointrolldaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael 2o7 1 dot txt Cookie michael 2o7daht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael dmtracker 1 dot txt Cookie michael dmtrackerdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael ru4 2 dot txt Cookie michael ru4daht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael CAH6FKI4dot txt Cookie michael xyz targetdaht-com Gifts-Teen-Boys-Gift-Giving b
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael tourmycountry 2 dot txt Cookie michael tourmycountrydaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael interclick 2 dot txt Cookie michael interclickdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael lockedonmedia 1 dot txt Cookie michael lockedonmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael msnportaldot 112dot 2o7 1 dot txt Cookie michael msnportaldot 112dot 2o7daht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael dealtime 1 dot txt Cookie michael dealtimedaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael invitemedia 2 dot txt Cookie michael invitemediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael overture 2 dot txt Cookie michael overturedaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael zedo 1 dot txt Cookie michael zedodaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael yieldmanager 1 dot txt Cookie michael yieldmanagerdaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael adsdot pointroll 2 dot txt Cookie michael adsdot pointrolldaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael viacomdot adbureau 2 dot txt Cookie michael viacomdot adbureaudaht-net
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael targetdot dbdot advertising 1 dot txt Cookie michael targetdot dbdot advertisingdaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael easdot apmdot emediate 1 dot txt Cookie michael easdot apmdot emediatedot eu
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael 247realmedia 1 dot txt Cookie michael 247realmediadaht-com
    C USERS michael AppData Roaming Microsoft Windows Cookies Low michael clicksor 2 dot txt Cookie michael clicksordaht-com
    C USERS michael Cookies michael casalemedia 2 dot txt Cookie michael casalemediadaht-com
    C USERS michael Cookies michael azjmp 1 dot txt Cookie michael azjmpdaht-com
    C USERS michael Cookies michael xyz burstbeacon 1 dot txt Cookie michael xyz burstbeacondaht-com
    C USERS michael Cookies michael atdmt 3 dot txt Cookie michael atdmtdaht-com
    C USERS michael Cookies michael fastclick 1 dot txt Cookie michael fastclickdaht-net
    C USERS michael Cookies michael overture 1 dot txt Cookie michael overturedaht-com
    C USERS michael Cookies michael xyz burstnet 2 dot txt Cookie michael xyz burstnetdaht-com
    C USERS michael Cookies michael advertising 2 dot txt Cookie michael advertisingdaht-com
    C USERS michael Cookies michael statdot onestat 2 dot txt Cookie michael statdot onestatdaht-com
    C USERS michael Cookies michael doubleclick 2 dot txt Cookie michael doubleclickdaht-net
    C USERS michael Cookies michael the-best-track 1 dot txt Cookie michael the-best-trackdaht-com
    C USERS michael Cookies michael yieldmanager 1 dot txt Cookie michael yieldmanagerdaht-net
    C USERS michael Cookies michael tacodadot atdot atwola 1 dot txt Cookie michael tacodadot atdot atwoladaht-com
    C USERS michael Cookies michael burstnet 2 dot txt Cookie michael burstnetdaht-com
    C USERS michael Cookies michael adsdot pointroll 1 dot txt Cookie michael adsdot pointrolldaht-com
    C USERS michael Cookies michael viacomdot adbureau 1 dot txt Cookie michael viacomdot adbureaudaht-net
    C USERS michael Cookies michael salesdot liveperson 2 dot txt Cookie michael salesdot livepersondaht-net hc 76226072
    C USERS michael Cookies michael eyewonder 1 dot txt Cookie michael eyewonderdaht-com
    C USERS michael Cookies michael userdot lucidmedia 1 dot txt Cookie michael userdot lucidmediadaht-com clicksense
    C USERS michael Cookies michael adecn 1 dot txt Cookie michael adecndaht-com
    C USERS michael Cookies michael smileycentral 1 dot txt Cookie michael smileycentraldaht-com
    C USERS michael Cookies michael questionmarket 3 dot txt Cookie michael questionmarketdaht-com
    C USERS michael Cookies michael salesdot liveperson 3 dot txt Cookie michael salesdot livepersondaht-net
    C USERS michael Cookies michael lfstmedia 2 dot txt Cookie michael lfstmediadaht-com
    C USERS michael Cookies michael tribalfusion 3 dot txt Cookie michael tribalfusiondaht-com
    C USERS michael Cookies michael pointroll 3 dot txt Cookie michael pointrolldaht-com
    C USERS michael Cookies michael 2o7 1 dot txt Cookie michael 2o7daht-net
    C USERS michael Cookies michael liveperson 3 dot txt Cookie michael livepersondaht-net hc 76226072
    C USERS michael Cookies michael dmtracker 1 dot txt Cookie michael dmtrackerdaht-com
    C USERS michael Cookies michael trackdot freegiftcenter 2 dot txt Cookie michael trackdot freegiftcenterdaht-com
    C USERS michael Cookies michael ru4 3 dot txt Cookie michael ru4daht-com
    C USERS michael Cookies michael realmedia 1 dot txt Cookie michael realmediadaht-com
    C USERS michael Cookies michael burstbeacon 3 dot txt Cookie michael burstbeacondaht-com
    C USERS michael Cookies michael interclick 2 dot txt Cookie michael interclickdaht-com
    C USERS michael Cookies michael msnportaldot 112dot 2o7 2 dot txt Cookie michael msnportaldot 112dot 2o7daht-net
    C USERS michael Cookies michael atdot atwola 2 dot txt Cookie michael atdot atwoladaht-com
    C USERS michael Cookies michael liveperson 1 dot txt Cookie michael livepersondaht-net
    C USERS michael Cookies michael invitemedia 2 dot txt Cookie michael invitemediadaht-com
    C USERS olivia APPDATA LOCAL TEMP LOW COOKIES olivia ADBRITE 1 dot TXT ADBRITE
    adot ads2dot msadsdaht-net C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    ads2dot msadsdaht-net C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    bdot ads2dot msadsdaht-net C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    cdn4dot specificclickdaht-net C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    dcldot wdpromediadaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    dcl2dot wdpromediadaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    hsdot interpollsdaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    mediadot theoniondaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    mediadot wfaadaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    media1dot breakdaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    media1dot clubpenguindaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    msnbcmediadot msndaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    parksandresortsdot wdpromediadaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    s0dot 2mdndaht-net C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    secure-usdot imrworldwidedaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    udndot specificclickdaht-net C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    xyz redorbitdaht-com C USERS olivia APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS 9B2HLPSU
    C USERS olivia APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW olivia LUCIDMEDIA 2 dot TXT LUCIDMEDIA
    149dot memecounterdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    ads1dot msndaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    atdmtdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    cdn4dot specificclickdaht-net C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    coredot insightexpressaidaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    iadot media-imdbdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    interclickdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    m1dot 2mdndaht-net C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    macromediadaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    mediadot gamefudgedaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    mediadot mtvnservicesdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    mediadot resulthostdot org C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    mediadot scanscoutdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    mediadot tattomediadaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    mediadot wfaadaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    media1dot clubpenguindaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    media2dot hallpassdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    memecounterdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    msnbcmediadot msndaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    msntestdot serving-sysdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    objectsdot tremormediadaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    oddcastdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    secure-usdot imrworldwidedaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    serving-sysdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    spedot atdmtdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    udndot specificclickdaht-net C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    videodot redorbitdaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    yodot staticdot presidiomediadaht-com C USERS PUBLIC HOMEPC OLD PC APPLICATION DATA MACROMEDIA FLASH PLAYER #SHAREDOBJECTS E5UWWALX
    C USERS PUBLIC HOMEPC OLD PC COOKIES HOMEPC 112dot 2O7 2 dot TXT 112dot 2O7
    149dot memecounterdaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    adot ads2dot msadsdaht-net C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    ads2dot msadsdaht-net C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    bdot ads2dot msadsdaht-net C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    cdn4dot specificclickdaht-net C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    coredot insightexpressaidaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    media1dot clubpenguindaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    msnbcmediadot msndaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    msntestdot serving-sysdaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    multimediadot msndaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    objectsdot tremormediadaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    parksandresorts2dot wdpromediadaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    s0dot 2mdndaht-net C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    udndot specificclickdaht-net C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    wdw2dot wdpromediadaht-com C USERS michael APPDATA ROAMING MACROMEDIA FLASH PLAYER #SHAREDOBJECTS NXWEB2RP
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael ADBRITE 2 dot TXT ADBRITE
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael AFFILIATEdot ZANTRACKER 1 dot TXT AFFILIATEdot ZANTRACKER
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael APMEBF 1 dot TXT APMEBF
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael CONTENTdot YIELDMANAGER 2 dot TXT CONTENTdot YIELDMANAGER
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael INTERMUNDOMEDIA 1 dot TXT INTERMUNDOMEDIA
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael REVSCI 1 dot TXT REVSCI
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael TRAFFICMP 2 dot TXT TRAFFICMP
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES LOW michael xyz GOOGLEADSERVICES 4 dot TXT xyz GOOGLEADSERVICES
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael ADdot YIELDMANAGER 3 dot TXT ADdot YIELDMANAGER
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael ADBRITE 2 dot TXT ADBRITE
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael APMEBF 1 dot TXT APMEBF
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael ADSdot ACLAP 1 dot TXT ADSdot ACLAP
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael ADSERVEdot BRANDGIVEWAYCENTRE 1 dot TXT ADSERVEdot BRANDGIVEWAYCENTRE
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael BSdot SERVING-SYS 2 dot TXT BSdot SERVING-SYS
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael BURSTNET 1 dot TXT BURSTNET
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael COLLECTIVE-MEDIA 1 dot TXT COLLECTIVE-MEDIA
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael CONTENTdot YIELDMANAGER 2 dot TXT CONTENTdot YIELDMANAGER
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael DCdot TREMORMEDIA 1 dot TXT DCdot TREMORMEDIA
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael FASTCLICK 2 dot TXT FASTCLICK
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael INVITEMEDIA 1 dot TXT INVITEMEDIA
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael MSNBCdot 112dot 2O7 1 dot TXT MSNBCdot 112dot 2O7
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael POINTROLL 2 dot TXT POINTROLL
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael REVSCI 2 dot TXT REVSCI
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael SPECIFICMEDIA 1 dot TXT SPECIFICMEDIA
    C USERS michael APPDATA ROAMING MICROSOFT WINDOWS COOKIES michael TRIBALFUSION 2 dot TXT TRIBALFUSION

    Adwaredot MyWebSearch FunWebProducts
    (x64) HKCR Interface {07B18EAC-A523-4961-B6BB-170DE4475CCA}
    (x64) HKCR Interface {07B18EAC-A523-4961-B6BB-170DE4475CCA} ProxyStubClsid32
    (x64) HKCR Interface {07B18EAC-A523-4961-B6BB-170DE4475CCA} TypeLib
    (x64) HKCR Interface {07B18EAC-A523-4961-B6BB-170DE4475CCA} TypeLib#Version
    (x64) HKCR Interface {17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
    (x64) HKCR Interface {17DE5E5E-BFE3-4E83-8E1F-8755795359EC} ProxyStubClsid32
    (x64) HKCR Interface {17DE5E5E-BFE3-4E83-8E1F-8755795359EC} TypeLib
    (x64) HKCR Interface {17DE5E5E-BFE3-4E83-8E1F-8755795359EC} TypeLib#Version
    (x64) HKCR Interface {2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    (x64) HKCR Interface {2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} ProxyStubClsid32
    (x64) HKCR Interface {2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} TypeLib
    (x64) HKCR Interface {2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} TypeLib#Version
    (x64) HKCR Interface {3E720453-B472-4954-B7AA-33069EB53906}
    (x64) HKCR Interface {3E720453-B472-4954-B7AA-33069EB53906} ProxyStubClsid32
    (x64) HKCR Interface {3E720453-B472-4954-B7AA-33069EB53906} TypeLib
    (x64) HKCR Interface {3E720453-B472-4954-B7AA-33069EB53906} TypeLib#Version
    (x64) HKCR Interface {63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
    (x64) HKCR Interface {63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} ProxyStubClsid32
    (x64) HKCR Interface {63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} TypeLib
    (x64) HKCR Interface {63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} TypeLib#Version
    (x64) HKCR Interface {BBABDC90-F3D5-4801-863A-EE6AE529862D}
    (x64) HKCR Interface {BBABDC90-F3D5-4801-863A-EE6AE529862D} ProxyStubClsid32
    (x64) HKCR Interface {BBABDC90-F3D5-4801-863A-EE6AE529862D} TypeLib
    (x64) HKCR Interface {BBABDC90-F3D5-4801-863A-EE6AE529862D} TypeLib#Version
    (x64) HKCR Interface {E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
    (x64) HKCR Interface {E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} ProxyStubClsid32
    (x64) HKCR Interface {E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} TypeLib
    (x64) HKCR Interface {E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} TypeLib#Version
    (x64) HKCR Interface {E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
    (x64) HKCR Interface {E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} ProxyStubClsid32
    (x64) HKCR Interface {E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} TypeLib
    (x64) HKCR Interface {E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} TypeLib#Version
    (x64) HKCR Interface {EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
    (x64) HKCR Interface {EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} ProxyStubClsid32
    (x64) HKCR Interface {EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} TypeLib
    (x64) HKCR Interface {EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} TypeLib#Version
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0
    And here is step 4, using Bit Defender Online Scanner with explorer running in administrator mode.

    I'm starting to feel better. OR DO I?


    QuickScan 32-bit v0.9.9.100
    ---------------------------
    Scan date: Fri Nov 18 03:17:53 2011
    Machine ID: 70406792



    No infection found.
    -------------------



    Processes
    ---------
    Flash® Player Installer/Uninstaller 4036 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
    Microsoft Search Enhancement Pack 1672 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    MobileDeviceService 1420 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    Norton PC Checkup Launcher Service 4040 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\SymcPCCULaunchSvc.exe
    NVIDIA Update Components 3136 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    Symantec Security Technologies 1588 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSvcHst.exe
    Symantec Security Technologies 2796 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSvcHst.exe
    Windows® Internet Explorer 1456 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    Windows® Internet Explorer 2136 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    Windows® Internet Explorer 3944 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    (verified) Microsoft® Visual Studio .NET 1536 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE


    Network activity
    ----------------
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.86.64.162
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.86.64.162
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 184.28.205.55
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 184.28.205.55
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.45.95
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.45.95
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 74.125.47.96
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 74.125.47.96
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.51
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 72.246.231.139
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 72.246.231.139
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.227.64
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.227.64
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 66.235.142.2
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 66.235.142.2
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.47.96
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 74.125.227.63
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 74.125.227.63
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 184.28.205.55
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 184.28.205.55
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.227.89
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.227.89
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 74.125.227.39
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 74.125.227.39
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.88
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.88
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 66.220.146.32
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 66.220.146.32
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 66.220.146.32
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.88
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.88
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.88
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.88
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.192.88
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 24.143.205.185
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 184.86.45.177
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 184.86.45.177
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 66.132.220.30
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 199.68.156.31
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 66.132.220.119
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 199.68.156.83
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 216.137.43.108
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 216.137.43.108
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 204.246.169.250
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 204.246.169.250
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 204.246.169.250
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 204.246.169.250
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 204.246.169.250
    Process iexplore.exe (1456) connected on port 443 (HTTP over SSL) --> 74.125.45.95
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.227.78
    Process iexplore.exe (1456) connected on port 80 (HTTP) --> 74.125.227.78
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.198.35
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.198.35
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 74.125.227.27
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 74.125.227.27
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 74.125.227.91
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 74.125.227.91
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 173.194.64.106
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 173.194.64.106
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 74.125.227.78
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 74.125.227.78
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 184.86.88.74
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 184.86.88.74
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.72
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.72
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.89
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 184.73.187.64
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 184.73.187.64
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 184.73.187.64
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 184.73.187.64
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.34
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.34
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.192.34
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 209.35.17.17
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 24.143.198.18
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 107.20.154.27
    Process iexplore.exe (2136) connected on port 80 (HTTP) --> 107.20.154.27



    Autoruns and critical files
    ---------------------------
    Internet Explorer C:\Program Files (x86)\Internet Explorer
    Microsoft® Windows® Operating System c:\windows\syswow64\userinit.exe
    SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Windows Live™ Photo Gallery C:\Windows\WLXPGSS.SCR
    (verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


    Browser plugins
    ---------------
    AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
    Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
    BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
    Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
    Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
    Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    Google Update C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    Java(TM) Platform SE 6 U29 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    Java(TM) Platform SE 6 U29 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    Microsoft Search Enhancement Pack c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
    Microsoft® CoReXT c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
    Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
    Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
    npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    Panda3D Game Engine Plug-in 1.0.2 C:\Windows\Downloaded Program Files\p3dactivex.ocx
    QuickTime Plug-in 7.6.9 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
    QuickTime Plug-in 7.6.9 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
    QuickTime Plug-in 7.6.9 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
    QuickTime Plug-in 7.6.9 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
    QuickTime Plug-in 7.6.9 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
    QuickTime Plug-in 7.6.9 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
    QuickTime Plug-in 7.6.9 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
    Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    Windows Activation Technologies C:\Windows\system32\Wat\npWatWeb.dll
    Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    Windows® Internet Explorer c:\windows\syswow64\ieframe.dll
    (verified) Microsoft Office Live Plug-in for Firef C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    (verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
    (verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
    (verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


    Scan
    ----
    MD5: 4393dcb856a2a109e266e6f59e2ef31a C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files (x86)\Bonjour\mdnsNSP.dll
    MD5: 203a74767eb81f96a5166b1933db46d0 c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
    MD5: 848bc9a0bb2361e549fd4c22d7548fb8 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
    MD5: 37cf2461cb5e40c4cfab82c8fc79a2bc C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
    MD5: fc33cbbb9cadcec307da010fe763d04c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
    MD5: 054b87c872292a960b9b8a834b34dfa7 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
    MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
    MD5: 250bf888ddbe88d61eb19a9d4957c794 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
    MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
    MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
    MD5: 73862ff693168369a90f046e7f227b83 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MD5: 794950db77aa590c2964eca0a5874a09 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
    MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
    MD5: 8b22cf51b907e3a221267cf1e502993a C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.DLL
    MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MD5: 3debbecf665dcdde3a95d9b902010817 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    MD5: 1224bc6de919f8cd8c1c945280e63852 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
    MD5: 905b5bf5be0a86e8412801bf20357195 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
    MD5: bb0667b0171b632b97ea759515476f07 C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    MD5: 6bf01e200063d7274f3af06d226671f5 c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
    MD5: 9d4a1690af93f233e15380398bec7431 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    MD5: 2437be68d5a37a75fad51c5f0e9a03ed C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    MD5: 8c2044169be2224c8a7cb8e81e7581af C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    MD5: a1659e4d08fe8d0f0bc61960d8c0369e C:\Program Files (x86)\Internet Explorer\ieproxy.dll
    MD5: d9d5b8876afaef641fa71cf40ebfa4f2 C:\Program Files (x86)\Internet Explorer\IEShims.dll
    MD5: 904e13ba41af2e353a32cf351ca53639 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    MD5: 4393dcb856a2a109e266e6f59e2ef31a C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
    MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
    MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
    MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
    MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
    MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
    MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
    MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
    MD5: ef900ef15f71bb7ac415bd5cef90b56d C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    MD5: dc365b6e595683f67bc21a203432e336 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    MD5: 1e96525ae85d402f9f8047f8caef5f06 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    MD5: 46d748ab26eba869c6953863afd0617d c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\agcore.dll
    MD5: ce6db25ffa35fd051c503f11db745862 c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    MD5: 16a252022535b680046f6e34e136d378 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    MD5: a4ad1aa4c57409480c1d84bbca6becf0 c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
    MD5: 09a06ecc3ce3048b17f25f75acc63d14 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccIPC.dll
    MD5: 5b465c535ea4f73c4b14a1320b8ca5f8 C:\PROGRAM FILES (X86)\NORTON PC CHECKUP\ENGINE\2.0.11.20\CCJOBMGR.DLL
    MD5: 88104ccbc329d185a881031a11259229 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccL90U.dll
    MD5: 2b61f6766cae1125c00dd9ddd268d876 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSet.dll
    MD5: 4050600091370422c9b20ac34dc1acac C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSvc.dll
    MD5: 2f86be1818c2d7ac90478e3323ee7fcb C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSvcHst.exe
    MD5: 0921ed273d89ba9778437ecd26b6a78a C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccVrTrst.dll
    MD5: 725e8022808c6b92d99ef36f2e9fce02 C:\PROGRAM FILES (X86)\NORTON PC CHECKUP\ENGINE\2.0.11.20\DIMASTER.DLL
    MD5: 75c2f8067b10f47239f8d2caba736f5b C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\SymcPCCULaunchSvc.exe
    MD5: e7818cd4fb51284c948d68a7a85a69b8 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    MD5: 4ce9dac1518ff7e77bd213e6394b9d77 C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    MD5: ac421a44de902f2627f1e63793ed89cd C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    MD5: f9d908de6b166dac9b89bf62fa291ce8 C:\Program Files\Bonjour\mdnsNSP.dll
    MD5: ebbcd5dfbb1de70e8f4af8fa59e401fd C:\Program Files\Bonjour\mDNSResponder.exe
    MD5: 28ad5e311996a34025cfb07e131058dd C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    MD5: 7e47c328fc4768cb8beafbcfafa70362 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    MD5: 4472c8825b5e41d8697d5962f47ab1c9 C:\Program Files\iPod\bin\iPodService.exe
    MD5: 157e9e498206a3366baa7e4697bdd947 c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    MD5: 566ddd5d82520da01d75f81428ac4c38 c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    MD5: 7d9d615201a483d6fa99491c2e655a5a C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    MD5: 3289766038db2cb14d07dc84392138d5 C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    MD5: 58a38e75f3316a83c23df6173d41f2b5 C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    MD5: 302d8522ff30ca031cadf681b7bf2e11 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
    MD5: 368b2bee3f88bfb883d2c74a258de6f6 C:\Windows\AppPatch\AcLayers.DLL
    MD5: 6d7de520d8aa80a243347becd401eb54 C:\Windows\AppPatch\AcWow64.DLL
    MD5: 713b6d8a41f8fb39cf12332ea8e17133 C:\Windows\Downloaded Program Files\p3dactivex.ocx
    MD5: 1fa2274532e71bc48bbcc0046a5d4c4a C:\Windows\Downloaded Program Files\qsax.dll
    MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehRecvr.exe
    MD5: 332feab1435662fc6c672e25beb37be3 C:\Windows\Explorer.exe
    MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
    MD5: 37ce7a79d901235504f9add99a7ac177 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    MD5: cb4863f2bd46aa02d954b86b56a149da C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
  10. #6
  11. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0
    MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
    MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
    MD5: 7a6986dd659b96398a11af5173892715 C:\Windows\system32\Cabinet.dll
    MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
    MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
    MD5: 454e292861a4ef1d72f43f42bbaf6917 C:\Windows\system32\Crypt32.dll
    MD5: a585bebf7d054bd9618eda0922d5484a C:\Windows\system32\cryptsvc.dll
    MD5: 35cede6439ff0d8903223a0817ffe46c C:\Windows\system32\d2d1.dll
    MD5: 2de90400a63818fa38c4c5c9adb166bf C:\Windows\system32\d3d10_1.dll
    MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\Windows\system32\d3d10_1core.dll
    MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\system32\d3d9.dll
    MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\DBGHELP.DLL
    MD5: 162d247e995eaebf3ef4289069e1111c C:\Windows\system32\DEVRTL.dll
    MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
    MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\dnsapi.DLL
    MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll
    MD5: 0a5c7253183a6f956d10a3a4bbc96288 C:\Windows\system32\DWrite.dll
    MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
    MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\system32\explorer.exe
    MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\explorerframe.dll
    MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
    MD5: f0f079a8a947fcfbf8275be7ec1a35ae C:\Windows\system32\IEFRAME.dll
    MD5: 83424cf46ffef33736df95c6db52f4bb C:\Windows\system32\IEUI.dll
    MD5: 68563ac389f92ee79f1c714288ba1dce C:\Windows\system32\ImgUtil.dll
    MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\system32\IMM32.DLL
    MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\iphlpapi.dll
    MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\System32\MMDevApi.dll
    MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
    MD5: 04e0cd31a63dfc0d73725a3d1768fb5a C:\Windows\system32\MSHTML.dll
    MD5: 0ce4d3bd306da6d1f6f233c403f5b667 C:\Windows\system32\msi.dll
    MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
    MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
    MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
    MD5: 4205ca4cd43e725db9ff02b0a588a8c6 C:\Windows\System32\msxml3.dll
    MD5: 269d867585cda04d3972a39f3694e7df C:\Windows\System32\msxml6.dll
    MD5: 8b57a1ad493653bb57f281fe75dd175b C:\Windows\System32\NaturalLanguage6.dll
    MD5: 8ce1a6d16b9077e91e192499eb611c5f C:\Windows\system32\NETAPI32.dll
    MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
    MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\system32\NLAapi.dll
    MD5: cdb029db496a0d9a3f1a422824b7b8fa C:\Windows\system32\nvapi.dll
    MD5: 6e58693ccb1c92109b099cbe4ad7696f C:\Windows\system32\nvd3dum.dll
    MD5: aabe6452dfff3baa664a33795b2166fc C:\Windows\system32\nvwgf2um.dll
    MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
    MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
    MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\PROPSYS.dll
    MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
    MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
    MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
    MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\SAMCLI.DLL
    MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
    MD5: a8ce0c7f1d37e0b8082608a148b6b976 C:\Windows\system32\Secur32.dll
    MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
    MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
    MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
    MD5: 6a1e8deb746912df47cf651e138401d7 C:\Windows\System32\StructuredQuery.dll
    MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
    MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
    MD5: 465dbf63a5049e4db4bc5c12ffe781cb C:\Windows\system32\tquery.dll
    MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
    MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
    MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
    MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
    MD5: d205c24a9d069049fe2df2a1b38726a7 C:\Windows\system32\wdmaud.drv
    MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
    MD5: 02c61d8ad469417f5508225c75de3236 C:\Windows\system32\webio.dll
    MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\windowscodecs.dll
    MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\WINHTTP.dll
    MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
    MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
    MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
    MD5: 2d0d2da87bea7144f2a17f19d0d17e4c C:\Windows\system32\WinTrust.dll
    MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
    MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\system32\ws2_32.dll
    MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
    MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\WTSAPI32.dll
    MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\system32\XmlLite.dll
    MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\syswow64\ADVAPI32.dll
    MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\syswow64\CFGMGR32.dll
    MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\syswow64\comdlg32.dll
    MD5: 454e292861a4ef1d72f43f42bbaf6917 C:\Windows\syswow64\CRYPT32.dll
    MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\syswow64\DEVOBJ.dll
    MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll
    MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll
    MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\Windows\syswow64\GDI32.dll
    MD5: f0f079a8a947fcfbf8275be7ec1a35ae c:\windows\syswow64\ieframe.dll
    MD5: 217557259182c86a6d3ade11bc42b74a C:\Windows\syswow64\iertutil.dll
    MD5: b2fd31e20b423335fe3273b4bf95813c C:\Windows\syswow64\imagehlp.dll
    MD5: 3be120ba72475250fa6bfcb3bee6a7f7 C:\Windows\SysWOW64\jscript9.dll
    MD5: 99c3f8e9cc59d95666eb8d8a8b4c2beb C:\Windows\syswow64\kernel32.dll
    MD5: 5c2d21c9b6b6175b89bc5d7e3cb979e1 C:\Windows\syswow64\KERNELBASE.dll
    MD5: e9f427ef46965d33e878a507a2f5ccb6 C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx
    MD5: d5f72e03edf8bdea4847d693237330c7 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.dll
    MD5: 54126cddef533083d0ffdb94810ad1aa C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
    MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\syswow64\MSASN1.dll
    MD5: d124f55b9393c976963407dff51ffa79 C:\Windows\SysWOW64\ntdll.dll
    MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\syswow64\ole32.dll
    MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\syswow64\OLEAUT32.dll
    MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\Windows\syswow64\RPCRT4.dll
    MD5: 135f7ac9be35ab1df727faf2e60e92f8 C:\Windows\SysWOW64\schannel.dll
    MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\syswow64\SETUPAPI.dll
    MD5: 699b9dda17581b8e7f50a0ff05c7e102 C:\Windows\syswow64\SHELL32.dll
    MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\syswow64\SHLWAPI.dll
    MD5: 7224d964a6d657374c551c878eb2c386 C:\Windows\syswow64\SspiCli.dll
    MD5: 3bf5881cb3d3402ade70be9e96e18c67 C:\Windows\syswow64\urlmon.dll
    MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\Windows\syswow64\USER32.dll
    MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\syswow64\userinit.exe
    MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\syswow64\USP10.dll
    MD5: 5e7a2cf7719161c5e6c0e47d67ad45ae C:\Windows\SysWOW64\vbscript.dll
    MD5: d3788d91530cfa005bd516189a4c676e C:\Windows\syswow64\WININET.dll
    MD5: 2d0d2da87bea7144f2a17f19d0d17e4c C:\Windows\syswow64\WINTRUST.dll
    MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\syswow64\WLDAP32.dll
    MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\syswow64\WS2_32.dll
    MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP 80.dll
    MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR 80.dll
    MD5: db001faea818ae2e14a74e0adc530fc0 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\MSVCP 90.dll
    MD5: b3892e6da8e2c8ce4b0a9d3eb9a185e5 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\MSVCR 90.dll
    MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    MD5: 74908820c298ad4768efa5e27ac4fc20 C:\Windows\WLXPGSS.SCR


    No file uploaded.

    Scan finished - communication took 2 sec
    Total traffic - 0.02 MB sent, 0.80 KB recvd
    Scanned 321 files and modules - 20 seconds

    ==============================================================================
  12. #7
  13. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0
    Step 5 Arrives. What will this tool say? I need sleep.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:32:30 AM, on 11/18/2011
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSvcHst.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe,
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-3019566487-3890124038-1667859115-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-3019566487-3890124038-1667859115-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
    O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\SymcPCCULaunchSvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.11.20\ccSvcHst.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 9033 bytes
  14. #8
  15. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0
    The uninstall list from Hijackthis Misc Tools.

    YAWN...


    Acrobat.com
    Acrobat.com
    Adobe AIR
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.4.6
    Amazon MP3 Downloader 1.0.12
    Amazon MP3 Uploader
    Amazon MP3 Uploader
    AmpliTube X-GEAR
    Apple Application Support
    Apple Software Update
    ARO 2011
    Audacity 1.3.12 (Unicode)
    Audio Creator LE 1.5
    Cakewalk Sound Center 1.0.0
    Call of Duty Game of the Year Edition
    Compatibility Pack for the 2007 Office system
    D3DX10
    EA Download Manager
    GameSpy Arcade
    GEAR driver installer for x86 and x64
    Google Chrome
    Google Earth
    Google Update Helper
    HijackThis 2.0.2
    IrfanView (remove only)
    Java(TM) 6 Update 29
    Junk Mail filter update
    Malwarebytes' Anti-Malware version 1.51.2.1300
    McAfee Security Scan Plus
    Microsoft Office File Validation Add-In
    Microsoft Office Live Add-in 1.3
    Microsoft Office Outlook Connector
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Edition 2003
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    MSVCRT
    MSVCRT_amd64
    Music Creator 5
    Norton PC Checkup
    OneTouch Version 2.2
    PaperPort 6.5
    QuickTime
    Rails Across America
    RollerCoaster Tycoon 2 Triple Thrill Pack
    Rosetta Stone Version 3
    Safari
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Tropico 2: Pirate Cove
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mail
    Windows Live Messenger
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer Resources
    Wizard101



    Ok, now to bed zzzzz
  16. #9
  17. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2011
    Posts
    9
    Rep Power
    0

    Sleep is a Good Thing


    Got a few hours of shut-eye, got a nice mug of coffee from the girl-of-my-dreams, and discovered sysintenals' AUTORUNS. Amazingly cool tool, disables a few more startups, and here is hijackthis after a reboot.

    I'M still OK, right?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:59:47 AM, on 11/18/2011
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe,
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
    O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 6416 bytes

IMN logo majestic logo threadwatch logo seochat tools logo