Requesting check for spyware/malware


  • This topic is locked
21 replies to this topic

#1 Alien300x

Posted 28 May 2012 - 02:05 AM

Hi, requesting a checkup for any spyware or malware that may be on my computer. I've run a Kaspersky scan that says it finds malicious objects but it won't tell me what they are. Also, I opened up my laptop and there were three screens, one on top of the other, saying Ad-Aware was shut down unexpectedly. Maybe the HijackThis scan will help to give me some feedback. I also have Kaspersky and did a full scan. If you can tell me how to access the log for that, I can post that, too. I appreciate it.

Malwarebytes scan:


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ryan :: RYAN-PC [administrator]

Protection: Enabled

5/28/2012 2:18:58 AM
mbam-log-2012-05-28 (02-18-58).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 327526
Time elapsed: 45 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

DDS file:


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ryan at 3:46:25 on 2012-05-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.2520 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.ask.com/?l=dis&o=14200
mStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe"
uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [BackupNowEZtray] "C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe" -k
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 68.238.112.12
TCP: Interfaces\{CE768C94-973A-4DB2-86B1-DE85E8FF2235} : DhcpNameServer = 192.168.1.1 68.238.112.12
TCP: Interfaces\{CE768C94-973A-4DB2-86B1-DE85E8FF2235}\16474777966696 : DhcpNameServer = 10.129.108.129 64.134.255.2 64.134.255.10
TCP: Interfaces\{CE768C94-973A-4DB2-86B1-DE85E8FF2235}\843405C434D2C4962627162797 : DhcpNameServer = 65.32.5.74 65.32.5.75
TCP: Interfaces\{E417F927-F6F3-4930-9E2F-24BBA1AC6774} : DhcpNameServer = 12.127.16.67 12.127.17.71
TCP: Interfaces\{F3D72C7D-6532-43FE-95F8-E1CC3A2F807F} : DhcpNameServer = 75.94.255.12 64.13.115.12
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: FrostWire Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO-X64: WeCareReminder - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
BHO-X64: link filter bho - No File
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: FrostWire Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun-x64: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [BackupNowEZtray] "C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe" -k
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\windows\system32\DRIVERS\Lbd.sys --> C:\windows\system32\DRIVERS\Lbd.sys [?]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2011-4-6 21504]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-25 202296]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-2-27 499200]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-10-28 2152720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-10 654408]
R2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe [2009-9-17 45312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-12-8 267192]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-25 2656280]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-2-27 885248]
R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\windows\system32\DRIVERS\bpenum.sys --> C:\windows\system32\DRIVERS\bpenum.sys [?]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\windows\system32\DRIVERS\bpmp.sys --> C:\windows\system32\DRIVERS\bpmp.sys [?]
R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\windows\system32\Drivers\bpusb.sys --> C:\windows\system32\Drivers\bpusb.sys [?]
R3 CeKbFilter;CeKbFilter;C:\windows\system32\DRIVERS\CeKbFilter.sys --> C:\windows\system32\DRIVERS\CeKbFilter.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-1 17152]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-8-25 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-12-20 822704]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys --> C:\windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-25 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-29 257696]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 GoToAssist Express Customer;GoToAssist Express Customer;C:\Program Files (x86)\Citrix\GoToAssist Express Customer\330\g2ax_service.exe [2011-11-9 161144]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-25 136176]
S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys --> C:\windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-28 03:44:27 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Ad-Aware Antivirus
2012-05-25 09:05:39 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBDFB9F8-1D07-4748-B330-776D6899CEA5}\offreg.dll
2012-05-25 09:04:56 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBDFB9F8-1D07-4748-B330-776D6899CEA5}\mpengine.dll
2012-05-11 01:38:34 1544704 ----a-w- C:\windows\System32\DWrite.dll
2012-05-11 01:38:33 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-05-11 01:38:29 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-05-11 01:38:29 3146240 ----a-w- C:\windows\System32\win32k.sys
2012-05-11 01:38:28 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 01:38:28 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-05-11 01:38:07 75120 ----a-w- C:\windows\System32\drivers\partmgr.sys
2012-05-11 01:37:59 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-05-11 01:37:58 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:37:58 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-11 01:37:58 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:37:57 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-11 01:37:57 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-04 06:31:41 -------- d-----w- C:\ProgramData\WeCareReminder
2012-05-04 06:31:14 -------- d-----w- C:\Users\Ryan\AppData\Roaming\OpenCandy
.
==================== Find3M ====================
.
2012-05-07 03:16:37 955848 ----a-w- C:\windows\System32\npdeployJava1.dll
2012-05-07 03:16:37 839112 ----a-w- C:\windows\System32\deployJava1.dll
2012-05-05 18:22:12 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 18:22:12 419488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 18:20:25 8769696 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 19:56:40 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-03-08 22:50:28 49016 ----a-w- C:\windows\SysWow64\sirenacm.dll
2012-03-08 22:40:52 48488 ----a-w- C:\windows\System32\drivers\fssfltr.sys
2012-03-08 22:37:20 302448 ----a-w- C:\windows\WLXPGSS.SCR
2012-03-01 06:46:16 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\windows\SysWow64\wmi.dll
.
============= FINISH: 3:47:31.96 ===============

Security Check results:


Results of screen317's Security Check version 0.99.28
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
Kaspersky Internet Security 2012
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Java™ 6 Update 31
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbam.exe
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
Kaspersky Lab Kaspersky Internet Security 2012 x64 klwtblfs.exe
Trend Micro HiJackThis HiJackThis.exe
``````````End of Log````````````

#2 Alien300x

Posted 28 May 2012 - 02:11 AM

I figured out how to post the Kaspersky scan. Here it is:


_IsRes.dll Packed: UPX 5/27/2012 11:53:16 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:16 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:16 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:16 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:16 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:15 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:15 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:15 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:15 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:15 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:15 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:15 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:14 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:14 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:14 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:14 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:14 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:14 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:14 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:13 PM Scan
stream.sys Packed: PE_Patch 5/27/2012 11:53:13 PM Scan
isrt.dll Packed: UPX 5/27/2012 11:53:13 PM Scan
# Packed: UPX 5/27/2012 11:53:12 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:53:11 PM Scan
isrt.dll Packed: UPX 5/27/2012 11:53:11 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:53:09 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:53:09 PM Scan
ISSetup.dll Packed: PE_Patch.PECompact 5/27/2012 11:53:09 PM Scan
instmsi30.exe Packed: PE_Patch 5/27/2012 11:53:08 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:53:07 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:53:07 PM Scan
ISSetup.dll Packed: PE_Patch.PECompact 5/27/2012 11:53:07 PM Scan
ISSetup.dll Packed: UPX 5/27/2012 11:53:06 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:52:59 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:52:59 PM Scan
ISSetup.dll Packed: PE_Patch.PECompact 5/27/2012 11:52:59 PM Scan
vcredist_x64.exe1 Packed: PE_Patch 5/27/2012 11:52:58 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:52:50 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:52:50 PM Scan
ISSetup.dll Packed: PE_Patch.PECompact 5/27/2012 11:52:50 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:52:49 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:52:49 PM Scan
ISSetup.dll Packed: PE_Patch.PECompact 5/27/2012 11:52:49 PM Scan
# Packed: UPX 5/27/2012 11:52:40 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:35 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:35 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:35 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:35 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:35 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:35 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:35 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:34 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
_IsRes.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
isrt.dll Packed: UPX 5/27/2012 11:52:33 PM Scan
ISSetup.dll Packed: UPX 5/27/2012 11:52:24 PM Scan
ISSetup.dll Packed: UPX 5/27/2012 11:52:22 PM Scan
ISSetup.dll Packed: UPX 5/27/2012 11:52:22 PM Scan
ISSetup.dll Packed: UPX 5/27/2012 11:52:21 PM Scan
vcredist_x64.exe Packed: PE_Patch 5/27/2012 11:51:50 PM Scan
tutorial.swf Packed: Swf2Swc 5/27/2012 11:51:26 PM Scan
preload.swf Packed: Swf2Swc 5/27/2012 11:51:25 PM Scan
menu.swf Packed: Swf2Swc 5/27/2012 11:51:25 PM Scan
demo.swf Packed: Swf2Swc 5/27/2012 11:51:25 PM Scan
controls.swf Packed: Swf2Swc 5/27/2012 11:51:25 PM Scan
WiMAX.swf Packed: Swf2Swc 5/27/2012 11:51:25 PM Scan
WindowsInstaller-KB893803-v2-x86.exe Packed: PE_Patch 5/27/2012 11:50:47 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:50:45 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:50:45 PM Scan
pevb.3XE Packed: PE_Patch.PECompact 5/27/2012 11:50:45 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:50:45 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:50:45 PM Scan
pev.3XE Packed: PE_Patch.PECompact 5/27/2012 11:50:45 PM Scan
data0000.res Packed: PE_Patch 5/27/2012 11:50:44 PM Scan
catchme.3XE Packed: UPX 5/27/2012 11:50:44 PM Scan
FileKill.3XE Packed: UPX 5/27/2012 11:50:43 PM Scan
ERDNT.e_e Packed: UPX 5/27/2012 11:50:42 PM Scan
ERDNT.e_e Packed: UPX 5/27/2012 11:50:40 PM Scan
Unconfirmed 50410.crdownload Packed: UPX 5/27/2012 11:50:39 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:50:37 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:50:36 PM Scan
gt.exe Packed: PE_Patch.PECompact 5/27/2012 11:50:36 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:50:30 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:50:29 PM Scan
gt.exe Packed: PE_Patch.PECompact 5/27/2012 11:50:29 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:50:21 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:50:20 PM Scan
gt.exe Packed: PE_Patch.PECompact 5/27/2012 11:50:20 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:50:12 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:50:11 PM Scan
gt.exe Packed: PE_Patch.PECompact 5/27/2012 11:50:11 PM Scan
setup_av_free_cnet.exe Packed: UPX 5/27/2012 11:49:55 PM Scan
# Packed: UPX 5/27/2012 11:49:54 PM Scan
# Packed: UPX 5/27/2012 11:49:54 PM Scan
# Packed: UPX 5/27/2012 11:49:54 PM Scan
Objlist.exe Packed: UPX 5/27/2012 11:49:48 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:49:46 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:49:46 PM Scan
OTL.exe Packed: PE_Patch.PECompact 5/27/2012 11:49:46 PM Scan
Silverlight.exe Packed: PE_Patch 5/27/2012 11:49:43 PM Scan
lp_6500_e710nz_wixlib_File_flash_27 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_26 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_25 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_24 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_23 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_22 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_21 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_20 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_19 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
lp_6500_e710nz_wixlib_File_flash_18 Packed: Swf2Swc 5/27/2012 11:49:11 PM Scan
EmailArchive.swf Packed: Swf2Swc 5/27/2012 11:46:58 PM Scan
EmailArchive.swf Packed: Swf2Swc 5/27/2012 11:46:58 PM Scan
SharePane.swf Packed: Swf2Swc 5/27/2012 11:46:58 PM Scan
PDAppFlex.swf Packed: Swf2Swc 5/27/2012 11:46:57 PM Scan
UWAFlex.swf Packed: Swf2Swc 5/27/2012 11:46:55 PM Scan
fonts_system.swf Packed: Swf2Swc 5/27/2012 11:46:54 PM Scan
fonts_clean.swf Packed: Swf2Swc 5/27/2012 11:46:54 PM Scan
PWAFlex.swf Packed: Swf2Swc 5/27/2012 11:46:53 PM Scan
fonts_system.swf Packed: Swf2Swc 5/27/2012 11:46:53 PM Scan
fonts_clean.swf Packed: Swf2Swc 5/27/2012 11:46:53 PM Scan
AdobeIDFlex.swf Packed: Swf2Swc 5/27/2012 11:46:52 PM Scan
DWAFlex.swf Packed: Swf2Swc 5/27/2012 11:46:50 PM Scan
fonts_system.swf Packed: Swf2Swc 5/27/2012 11:46:50 PM Scan
fonts_clean.swf Packed: Swf2Swc 5/27/2012 11:46:50 PM Scan
AdobeIDFlex.swf Packed: Swf2Swc 5/27/2012 11:46:50 PM Scan
skinoverallnofullnocaption.s Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
skinoverallnovolnocaptionnof Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
skinoverplay.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
skinoverplaymute.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
skinoverplayseekmute.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
skinoverplayseekstop.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
skinoverplaystopseekmutevol. Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
videoplayer.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
GreyRedSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
TechOfficeSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
SpringSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
AcetateSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
BasicGrid.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
GreyRedSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
AcetateSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
TechOfficeSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
SpringSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
BasicClickThrough.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
AcetateSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
GreyRedSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
TechOfficeSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
SpringSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
FreeForm.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
TechOfficeSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
AcetateSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
SpringSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
GreyRedSkins.swf Packed: Swf2Swc 5/27/2012 11:46:47 PM Scan
GuidedWalkthrough.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
TechOfficeSkins.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
SpringSkins.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
AcetateSkins.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
GreyRedSkins.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
Wave.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
navviewerwebapp.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
preview.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
bootstraploader.swf Packed: Swf2Swc 5/27/2012 11:46:46 PM Scan
FormsDataCollection.swf Packed: Swf2Swc 5/27/2012 11:46:09 PM Scan
FormsDataCollection.swf Packed: Swf2Swc 5/27/2012 11:46:09 PM Scan
FormsDataCollection.swf Packed: Swf2Swc 5/27/2012 11:46:09 PM Scan
EmailArchive.swf Packed: Swf2Swc 5/27/2012 11:45:32 PM Scan
external.js Packed: JSPack 5/27/2012 11:44:02 PM Scan
HiJackThisEXE Packed: UPX 5/27/2012 11:43:36 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:43:33 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:43:33 PM Scan
pevb.3XE Packed: PE_Patch.PECompact 5/27/2012 11:43:33 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:43:32 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:43:32 PM Scan
pev.3XE Packed: PE_Patch.PECompact 5/27/2012 11:43:32 PM Scan
data0000.res Packed: PE_Patch 5/27/2012 11:43:32 PM Scan
dotnetfx35setup.exe Packed: PE_Patch 5/27/2012 11:43:31 PM Scan
catchme.3XE Packed: UPX 5/27/2012 11:43:31 PM Scan
FileKill.3XE Packed: UPX 5/27/2012 11:43:30 PM Scan
ERDNT.e_e Packed: UPX 5/27/2012 11:43:29 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:43:27 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:43:26 PM Scan
pevb.3XE Packed: PE_Patch.PECompact 5/27/2012 11:43:26 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:43:26 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:43:26 PM Scan
pev.3XE Packed: PE_Patch.PECompact 5/27/2012 11:43:26 PM Scan
# Packed: PE_Patch 5/27/2012 11:43:26 PM Scan
data0000.res Packed: PE_Patch 5/27/2012 11:43:26 PM Scan
catchme.3XE Packed: UPX 5/27/2012 11:43:25 PM Scan
FileKill.3XE Packed: UPX 5/27/2012 11:43:23 PM Scan
Flash PlayerInstaller.exe Packed: UPX 5/27/2012 11:43:23 PM Scan
ERDNT.e_e Packed: UPX 5/27/2012 11:43:23 PM Scan
ComboFix.exe Packed: UPX 5/27/2012 11:43:22 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:43:21 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:43:21 PM Scan
PEV.DAT Packed: PE_Patch.PECompact 5/27/2012 11:43:21 PM Scan
# Packed: PE_Patch 5/27/2012 11:43:20 PM Scan
MBR.DAT Packed: UPX 5/27/2012 11:43:20 PM Scan
PecBundle Packed: PECompact 5/27/2012 11:43:19 PM Scan
PE_Patch.PECompact Packed: PecBundle 5/27/2012 11:43:19 PM Scan
PEV.DAT Packed: PE_Patch.PECompact 5/27/2012 11:43:19 PM Scan
# Packed: PE_Patch 5/27/2012 11:43:19 PM Scan
MBR.DAT Packed: UPX 5/27/2012 11:43:19 PM Scan
dds.com Packed: UPX 5/27/2012 11:43:18 PM Scan
chromeinstall.exe Packed: UPX 5/27/2012 11:43:16 PM Scan
chromeinstall-6u29.exe Packed: UPX 5/27/2012 11:43:13 PM Scan
stylesNative.swf Packed: Swf2Swc 5/27/2012 11:43:04 PM Scan
setup.swf Packed: Swf2Swc 5/27/2012 11:43:04 PM Scan
setup.swf Packed: Swf2Swc 5/27/2012 11:43:04 PM Scan
Adobe AIR Application Installer.swf Packed: Swf2Swc 5/27/2012 11:43:04 PM Scan
# Packed: PE_Patch 5/27/2012 11:42:53 PM Scan
adawarebp.dll Packed: PE_Patch 5/27/2012 11:42:52 PM Scan
external.js Packed: JSPack 5/27/2012 11:42:49 PM Scan
# Packed: UPX 5/27/2012 11:42:39 PM Scan
data0000 Packed: UPX 5/27/2012 11:42:39 PM Scan
# Packed: UPX 5/27/2012 11:42:38 PM Scan
WindowsInstaller-KB893803-v2-x86.exe Packed: PE_Patch 5/27/2012 11:42:37 PM Scan
OCBrowserHelper_1.0.3.85.dll Packed: UPX 5/27/2012 11:42:34 PM Scan
HiJackThis.exe Packed: UPX 5/27/2012 11:42:30 PM Scan
snowboarder_girl.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
sad_blocks.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
lightbulb.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
knock.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
kiss.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
yatta.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
daisuki.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
aseru.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
arigatou.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
heartkey.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
eyeball.swf Packed: Swf2Swc 5/27/2012 11:42:15 PM Scan
taxi.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
star.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
sleepy.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
punch.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
laugh.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
firefly.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
cry.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
bow.swf Packed: Swf2Swc 5/27/2012 11:42:14 PM Scan
nircmdc.exe Packed: UPX 5/27/2012 11:42:08 PM Scan
Objlist.exe Packed: UPX 5/27/2012 11:42:08 PM Scan
swreg.exe Packed: UPX 5/27/2012 11:42:07 PM Scan
nircmdc.exe Packed: UPX 5/27/2012 11:42:06 PM Scan
Objlist.exe Packed: UPX 5/27/2012 11:42:06 PM Scan
jre-6u31-windows-i586-iftw-rv.exe Packed: UPX 5/27/2012 11:42:04 PM Scan
f_003956 Packed: Swf2Swc 5/27/2012 11:41:44 PM Scan
f_003944 Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_00393a Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_003939 Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_003938 Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_003935 Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_003931 Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_00392f Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_00392b Packed: Swf2Swc 5/27/2012 11:41:43 PM Scan
f_003917 Packed: Swf2Swc 5/27/2012 11:41:42 PM Scan
f_003915 Packed: Swf2Swc 5/27/2012 11:41:42 PM Scan
f_003914 Packed: Swf2Swc 5/27/2012 11:41:42 PM Scan
f_003916 Packed: Swf2Swc 5/27/2012 11:41:42 PM Scan
f_003911 Packed: Swf2Swc 5/27/2012 11:41:42 PM Scan
f_00390d Packed: Swf2Swc 5/27/2012 11:41:42 PM Scan
f_00390c Packed: Swf2Swc 5/27/2012 11:41:42 PM Scan
f_003901 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038fd Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038f9 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038e2 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038e0 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038dd Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038dc Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038d9 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038d6 Packed: JSPack 5/27/2012 11:41:41 PM Scan
f_0038d1 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038ce Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038d0 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038cd Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038cc Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038cb Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038ca Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c8 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c7 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c6 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c5 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c4 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c2 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c3 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038bf Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038c0 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038bd Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038bc Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_0038ab Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_00389c Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_003893 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_003883 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_00387b Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_00387a Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_003872 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_003867 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_003866 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_003865 Packed: Swf2Swc 5/27/2012 11:41:41 PM Scan
f_003856 Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_003854 Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
packed Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_00381d Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_00381c Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_00381b Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_00381a Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_003813 Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_003812 Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_003811 Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_00380e Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_003807 Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_0037c6 Packed: Swf2Swc 5/27/2012 11:41:40 PM Scan
f_0037ee Packed: Swf2Swc 5/27/2012 11:41:39 PM Scan
f_0037ed Packed: Swf2Swc 5/27/2012 11:41:39 PM Scan
f_0037d8 Packed: Swf2Swc 5/27/2012 11:41:39 PM Scan
f_0037da Packed: Swf2Swc 5/27/2012 11:41:39 PM Scan
f_0037d4 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037d3 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037d0 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037cf Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037ce Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037cc Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037cd Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037cb Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037c9 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037a1 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037bb Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037a8 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037a4 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037a3 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037a0 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_0037a2 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_00379f Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_00379c Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_003789 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_003793 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_00378f Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_00378d Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_003788 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_00378c Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_00378b Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_00378a Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_003786 Packed: Swf2Swc 5/27/2012 11:41:38 PM Scan
f_003778 Packed: Swf2Swc 5/27/2012 11:41:37 PM Scan
f_003768 Packed: Swf2Swc 5/27/2012 11:41:36 PM Scan
f_003742 Packed: Swf2Swc 5/27/2012 11:41:36 PM Scan
f_003744 Packed: Swf2Swc 5/27/2012 11:41:36 PM Scan
f_003740 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00373f Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00372e Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00372c Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00372b Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00372a Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_003729 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_003728 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_003727 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_003724 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00371e Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00371c Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00371b Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
packed Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_003715 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_003713 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00370d Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_00370c Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_0036e3 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_0036e2 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_0036e0 Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_0036de Packed: Swf2Swc 5/27/2012 11:41:35 PM Scan
f_0036c4 Packed: Swf2Swc 5/27/2012 11:41:34 PM Scan
f_0036ba Packed: Swf2Swc 5/27/2012 11:41:34 PM Scan
f_0036b9 Packed: Swf2Swc 5/27/2012 11:41:34 PM Scan
f_00368d Packed: Swf2Swc 5/27/2012 11:41:33 PM Scan
f_003686 Packed: Swf2Swc 5/27/2012 11:41:33 PM Scan
f_003678 Packed: Swf2Swc 5/27/2012 11:41:33 PM Scan
f_003674 Packed: Swf2Swc 5/27/2012 11:41:33 PM Scan
f_00365e Packed: Swf2Swc 5/27/2012 11:41:33 PM Scan
f_003645 Packed: Swf2Swc 5/27/2012 11:41:33 PM Scan
f_003640 Packed: Swf2Swc 5/27/2012 11:41:33 PM Scan
f_003638 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_003639 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035de Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035dd Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035d8 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035dc Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035d5 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035d6 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035d4 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_00359f Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035c1 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035a5 Packed: Swf2Swc 5/27/2012 11:41:32 PM Scan
f_0035a4 Packed: Swf2Swc 5/27/2012 11:41:32 PM S

#3 Alien300x

Posted 28 May 2012 - 02:21 AM

Also forgot but here is the HijackThis log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:18:59 AM, on 5/28/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=14200
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BackupNowEZtray] "C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe" -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset...lineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GoToAssist Express Customer - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist Express Customer\330\g2ax_service.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NTI BackupNowEZSvr - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel® Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16420 bytes

#4 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • 25,317 posts

Posted 29 May 2012 - 03:07 PM

Hello Alien300x.

I don't know how to interpret that Kaspersky log, which doesn't seem to indicate any detections. DDS looks clean, and HijackThis is not accurate for 64-bit systems.

You ran an old obsolete version of Security Check.
Please download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • It will take several minutes to run.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Then:
Please scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan.
  • Include the contents of this report (if any) in your next reply.
  • Click the Back button.
  • Click the Finish button.
Please let me know if you see any problems.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#5 Alien300x

Posted 29 May 2012 - 06:25 PM

Security Check results:


Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Lavasoft Ad-Watch Live! Anti-Virus
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 31
Java version out of date!
Adobe Reader X (10.1.3)
Google Chrome 19.0.1084.46
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes Anti-Malware mbam.exe
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
Kaspersky Lab Kaspersky Internet Security 2012 x64 klwtblfs.exe
Kaspersky Lab Kaspersky Internet Security 2012 klwtbws.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

ESETScan:

C:\Program Files (x86)\FrostWire 5\frostwire-installer.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Ryan\.frostwire5\updates\frostwire-5.3.5.windows.exe Win32/OpenCandy application deleted - quarantined


Also, is there a version of HijackThis for 64-bit computers?

#6 cnm

Posted 29 May 2012 - 07:21 PM

Please read this OpenCandy writeup.
You might also find this interesting: OpenCandy: A New Kind of Adware/Spyware
Basically it is installed by some installers of other software, discloses a lot of info about your PC, and may maintain communication with its site.

DDS is the replacement for HijackThis and includes Pseudo HJT Report. It doesn't have any direct removal capability though; for that we can use OTL.

In addition to OpenCandy, you have a number of toolbars and browser helpers which may have been installed without your knowledge.

Ask
FrostWire
WeCareReminder

We will remove them unless you want to keep them.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy the contents of these files, one at a time, and post with your next two replies. (They are long files; don't put them in the same reply).


#7 Alien300x

Posted 30 May 2012 - 12:12 AM

OTL.txt file came up; didn't see an Extras.txt file.

Here's OTL.txt:


OTL logfile created on: 5/30/2012 2:00:57 AM - Run 2
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Ryan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 46.76% Memory free
11.82 Gb Paging File | 6.50 Gb Available in Paging File | 55.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.59 Gb Total Space | 526.43 Gb Free Space | 90.67% Space Free | Partition Type: NTFS
Drive D: | 6.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: RYAN-PC | User Name: Ryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ryan\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbws.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe (NewTech Infosystems, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\sqlite3.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (DMAgent) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Red Bend Ltd.)
SRV:64bit: - (WiMAXAppSrv) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Intel® Corporation)
SRV:64bit: - (EvtEng) Intel® -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) Intel® -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (Thpsrv) -- C:\Windows\SysNative\ThpSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll ()
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (GoToAssist Express Customer) -- C:\Program Files (x86)\Citrix\GoToAssist Express Customer\330\g2ax_service.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (TMachInfo) -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NTI BackupNowEZSvr) -- C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe (NewTech Infosystems, Inc.)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (CeKbFilter) -- C:\Windows\SysNative\drivers\CeKbFilter.sys (Compal Electronics, INC.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (bpmp) Intel® Centrino® -- C:\Windows\SysNative\drivers\bpmp.sys (Intel Corporation)
DRV:64bit: - (bpusb) Intel® Centrino® -- C:\Windows\SysNative\drivers\bpusb.sys (Intel Corporation)
DRV:64bit: - (bpenum) Intel® Centrino® -- C:\Windows\SysNative\drivers\bpenum.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) ___ Intel® -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ws2ifsl) -- C:\Windows\SysNative\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation)
DRV:64bit: - (Thpevm) -- C:\Windows\SysNative\drivers\Thpevm.sys (TOSHIBA Corporation)
DRV:64bit: - (Thpdrv) -- C:\Windows\SysNative\drivers\thpdrv.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Ryan\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=14200
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {C99019F1-4239-4B1D-AC73-58C5468EDC84}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{B63A5D03-4879-4E04-AFCC-ECDFAABD9CEE}: "URL" = http://websearch.ask...25-580C0F2EC215
IE - HKCU\..\SearchScopes\{C99019F1-4239-4B1D-AC73-58C5468EDC84}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKCU\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/04/25 22:36:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/05/04 07:02:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012/05/04 07:02:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012/05/04 07:02:49 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Frostwire Toolbar = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.14.1.20071_0\
CHR - Extension: YouTube = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: We-Care Reminder = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.25_0\
CHR - Extension: Virtual Keyboard = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Gmail = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2011/12/01 17:22:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BackupNowEZtray] C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Ryan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.112.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE768C94-973A-4DB2-86B1-DE85E8FF2235}: DhcpNameServer = 192.168.1.1 68.238.112.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E417F927-F6F3-4930-9E2F-24BBA1AC6774}: DhcpNameServer = 12.127.16.67 12.127.17.71
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3D72C7D-6532-43FE-95F8-E1CC3A2F807F}: DhcpNameServer = 75.94.255.12 64.13.115.12
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dl

#8 Alien300x

Posted 30 May 2012 - 12:17 AM

Just a note: on the options screen, the "extra registry" was selected as none. I can change that and run the scan again if necessary...

#9 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 30 May 2012 - 11:04 AM

Extra Registry set to None just means there is no Extras.txt. We probably do not need it.

Do you know what these files are? Are they audio files you downloaded intentionally?

C:\Users\Ryan\Documents\Untitled (number).wma
number is 127, 168, etc


Updating Java:
  • Go here and download the latest version of Java:
  • Go to Start -> Control Panel -> Add or Remove Programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    They should have this icon next to any that are there: Posted Image
    Select any found and choose Uninstall.
  • Then install the version you downloaded earlier.

Finally:
Bring up OTL (don't run it just yet).

In the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
[2012/05/04 02:31:14 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\OpenCandy
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
:Files
C:\Program Files (x86)\Ask.com\
C:\ProgramData\WeCareReminder\
:Commands
[EMPTYTEMP]
[CREATERESTOREPOINT]

Close other windows.
Then click the red 'Run Fix' button (not the Run Scan).

Post the log OTL.TXT in your reply.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#10 Alien300x

Posted 30 May 2012 - 04:25 PM

Yes, those are audio files I saved. I'm aware of them. Second, I should bring it to your attention I'm using Chrome. I didn't delete one of the Javas because it looks like it is the same version but 64-bit. That must be the one for Internet Explorer. The one I downloaded for Chrome just now doesn't have 64-bit in parentheses. Is that gonna be a problem?

Here is the OTL log:


All processes killed
========== OTL ==========
C:\Users\Ryan\AppData\Roaming\OpenCandy\OpenCandy_B52DB96DA16F4248848D12CD0F8FD271 folder moved successfully.
C:\Users\Ryan\AppData\Roaming\OpenCandy\B52DB96DA16F4248848D12CD0F8FD271 folder moved successfully.
C:\Users\Ryan\AppData\Roaming\OpenCandy folder moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== FILES ==========
C:\Program Files (x86)\Ask.com\Updater folder moved successfully.
C:\Program Files (x86)\Ask.com\assets\oobe folder moved successfully.
C:\Program Files (x86)\Ask.com\assets folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
C:\ProgramData\WeCareReminder\wecarereminder@bryan\META-INF folder moved successfully.
C:\ProgramData\WeCareReminder\wecarereminder@bryan\defaults\preferences folder moved successfully.
C:\ProgramData\WeCareReminder\wecarereminder@bryan\defaults folder moved successfully.
C:\ProgramData\WeCareReminder\wecarereminder@bryan\components folder moved successfully.
C:\ProgramData\WeCareReminder\wecarereminder@bryan\chrome folder moved successfully.
C:\ProgramData\WeCareReminder\wecarereminder@bryan folder moved successfully.
C:\ProgramData\WeCareReminder folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Ryan
->Temp folder emptied: 83571106 bytes
->Temporary Internet Files folder emptied: 3555462 bytes
->Java cache emptied: 2979 bytes
->Google Chrome cache emptied: 403067473 bytes
->Flash cache emptied: 59422 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 120285455 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 556 bytes
RecycleBin emptied: 3324533 bytes

Total Files Cleaned = 586.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.31.0 log created on 05302012_180626

Files\Folders moved on Reboot...
C:\Users\Ryan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\windows\temp\kls1EDE.tmp not found!

Registry entries deleted on Reboot...
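
An added example for reading a fix log like the one in this post (not part of the thread and not OldTimer's code): a small Python triage that separates "not found" results explained by an earlier move or delete in the same run from ones with no earlier match. The function names and status labels are this example's own; the sample is an excerpt of the log as posted.

```python
import re
from collections import Counter

# Excerpt of the OTL fix log from the post above, lines copied as posted.
SAMPLE_LOG = r"""========== OTL ==========
C:\Users\Ryan\AppData\Roaming\OpenCandy folder moved successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
========== FILES ==========
C:\Program Files (x86)\Ask.com folder moved successfully.
Files\Folders moved on Reboot...
C:\Users\Ryan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\windows\temp\kls1EDE.tmp not found!
"""

# Section banners: "===== NAME =====" and the "... on Reboot..." headings.
SECTION = re.compile(r"^=+ (.+?) =+$|^(.+ on Reboot)\.\.\.$")
# One fix result: optional object kind, target, outcome, then "." or "!".
ENTRY = re.compile(
    r"^(?:(?:Registry key|Registry value|File\\Folder|File) )?"
    r"(?P<target>.+?)(?: folder)? "
    r"(?P<outcome>moved successfully|deleted successfully|not found)[.!]$"
)

def triage(log_text):
    """Return (section, target, status) for every fix result in the log.

    status: 'done'; 'already_handled' (not found, but an earlier entry in this
    run moved or deleted the same target); 'unexplained' (not found, no match).
    """
    handled, section, rows = set(), None, []
    for line in log_text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            section = m.group(1) or m.group(2)
            continue
        m = ENTRY.match(line)
        if not m:
            continue  # byte counts, blank lines, banner text
        key = m["target"].rstrip("\\").lower()  # same object, with or without trailing "\"
        if m["outcome"] == "not found":
            status = "already_handled" if key in handled else "unexplained"
        else:
            handled.add(key)
            status = "done"
        rows.append((section, m["target"], status))
    return rows

def summary(log_text):
    """Count results per status so the 'unexplained' ones stand out."""
    return Counter(status for _, _, status in triage(log_text))
```

On this excerpt the two repeated "not found" lines resolve to `already_handled`, because the same DLL and CLSID were listed under more than one fix item, and only the `kls1EDE.tmp` entry is left for a person to look at.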

#11 cnm

Posted 30 May 2012 - 05:05 PM

Please follow the directions I gave -
Download the latest Java from http://www.java.com/en/
Uninstall all the old Javas and then install the one that you downloaded.

You have a 32-bit Java because you seem to be running an old 32-bit version of Chrome 19.0.1084.46.
Please uninstall your Chrome.
Then use IE to install Chrome from https://www.google.com/chrome
It should be 19.0.1084.52

After that: You ran an old version of Security Check.
Please download Security Check 0.99.41 by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


#12 Alien300x

Posted 30 May 2012 - 06:09 PM

The version of Java I already had on the computer was 64-bit. I removed it and downloaded the one you suggested but I'm pretty sure, as there's no 64-bit in parentheses, that it's 32-bit. I removed Google Chrome but now when I try to install it on IE, it says ChromeSetup_exe (1) couldn't be downloaded. Here are the results of the Security Check.

Checkup.txt:

Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Lavasoft Ad-Watch Live! Anti-Virus
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Malwarebytes Anti-Malware version 1.61.0.1400
JavaFX 2.1.0
Java™ 7 Update 4
Adobe Reader X (10.1.3)
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

#13 cnm

Posted 30 May 2012 - 08:54 PM

You have the right Java now. Same as I have for my Win 7 64-bit PC. Java isn't marked as 64-bit. I imagine you will find you have both 32-bit in Program Files (x86) and 64-bit in Program Files.

The Chrome situation is quite puzzling. Perhaps blocked by your protection. See if you can disable your Kaspersky and Ad-Aware protections while you do the download, or do the download in Safe Mode with Networking. Make sure you are downloading from the actual Chrome site. https://www.google.com/chrome#eula
And uncheck the box for 'Set Google Chrome as my default browser'.
Something may object to the Registry change, and you can always make it the default later.

#14 Alien300x

Posted 30 May 2012 - 11:15 PM

I was able to successfully download Chrome. I saw what you were saying about Java and I was able to find the file in Program Files (x86), but no location for it in the regular program files. Just wanna make sure this isn't gonna be a problem, security-speaking or otherwise.

#15 cnm

Posted 30 May 2012 - 11:57 PM

The 64-bit Java is no more secure than the 32-bit, as far as I know.
You'll need to use IE to get the 64-bit Java for it. Browse to http://www.java.com/en/ using IE and you'll get the 64-bit download.

Chrome for Windows is as yet a 32-bit browser - see http://productforums.google.com/forum/#!topic/chrome/H0R4p4eC35c
and if you look in Task Manager, Processes tab, you will see 'chrome.exe *32'. (I didn't realize that myself.)
Chrome is a wonderful fast browser and there is no reason to worry that it isn't 64-bit.

Please run another ESET scan as a final check. Follow the same directions as before. http://www.spywarein...post__p__766087

If ESET finds nothing then I believe you are in good shape and we can proceed to cleaning up our tools. Let me know if you are having any remaining or new troubles or concerns.

#16 Alien300x

Posted 01 June 2012 - 07:57 PM

Looks like ESET found nothing. Thanks for the info on Chrome. I did do a download for Java with Internet Explorer and hopefully it has the 64-bit installed (just makes me feel better having the most up-to-date program installed).

#17 cnm

Posted 01 June 2012 - 08:22 PM

Yes, right, you will probably occasionally use IE and it's important that it be using the latest Java.

Please clean up our tools - if you need them again you should always get the latest versions.

Delete the DDS files and Security Check folder from your Desktop.
Run OTL and click its 'CleanUp' button. It will remove itself and its files.
Optionally uninstall ESET.
You can optionally uninstall HijackThis; however it is never updated any more so that isn't necessary.


Advice for malware prevention:

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Keep MalwareBytes Anti-Malware updated and run it whenever you suspect a problem.

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:

http://www.systemloo...p?type=filename

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different from the rogues mentioned above.

For much more old but still useful information, read Tony Klein's excellent article: How did I get infected in the first place

#18 cnm

Posted 03 June 2012 - 01:13 PM

Glad we could help. :)

[Reopened]
Everyone else please begin a New Topic.

Edited by cnm, 06 June 2012 - 05:09 PM.


#19 cnm

Posted 06 June 2012 - 05:08 PM

Reopened at request of topic owner.

#20 Alien300x

Posted 09 June 2012 - 12:36 PM

Hi, thanks for all your help. I still have a concern about pop-ups that appear on my computer saying "Ad-Aware was shut down unexpectedly." The computer is idle when they appear and there's always more than one box that shows up saying the same warning, usually about three. Do you know what could be causing this?

#21 cnm

Posted 09 June 2012 - 01:06 PM

Seems to be a common problem: https://www.google.c...wn unexpectedly

I can't tell what version of Ad-Aware you are using.

In your place I would just uninstall Ad-Aware. You have Kaspersky Internet Security, and the realtime components of Ad-Aware might even conflict with it. Uninstall can be difficult so be sure to follow this: How to uninstall Ad-Aware antivirus

#22 cnm

Posted 22 June 2012 - 03:26 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.