
My network has recently started acting strange...


14 replies to this topic

#1 friendlybear


Posted 22 August 2012 - 02:37 PM

and I think I may have picked up a network virus of some type. On the 2 main computers, I recently upgraded my antivirus protection to the new Trend Micro Titanium, because of a message indicating end of life. During these installations, I was forced to be without any antivirus protection as Trend Micro forced the uninstall of both Spybot SD and Malwarebytes during the install process. I have not been able to re-install either on either computer.

This morning, I woke up and cannot get either of them to connect to the internet. I tried connecting directly to the modem with both machines, but to no avail.
Thankfully, I have this little Dell netbook, that seems to be okay.

Trend Micro Titanium scans show no problems, but something is going on.

Anyone interested in helping me diagnose and cure this issue? I can follow instructions well, and do have a bit of experience with computers.

Where should I start?

edit:

Just a bit more information, I am the only computer administrator, but when I attempt to run or install any antivirus software in safe mode, I get this message.

The system administrator has set policies to prevent this installation.


Edited by friendlybear, 22 August 2012 - 03:14 PM.



 


#2 SleepyDude

  • Malware Response Team

Posted 22 August 2012 - 04:01 PM

Hi,

Do you get the same error message when running in normal mode?

Download MiniToolBox and save the file to the Desktop.
Close the browser and run the tool, check the following options:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
Click on Go.

Please post the resulting log in your reply.

• Please do not PM me asking for support. Post on the forums instead; it will increase the chances of getting help for your problem from one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 friendlybear


Posted 22 August 2012 - 04:36 PM

Thank you very much for your assistance, SleepyDude.

In answer to your question, in normal mode, I get no error message when I attempt to install them, they just never show up. In task manager, I can see the installation process listed under processes but not under applications.

Here is the log you requested.

MiniToolBox by Farbar Version: 23-07-2012
Ran by Randy (administrator) on 22-08-2012 at 14:30:03
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net 127.0.0.1 ads.active.com
127.0.0.1 am1.activemeter.com
127.0.0.1 www.activemeter.com 127.0.0.1 ads.activepower.net
127.0.0.1 data2.activshopper.com 127.0.0.1 stat.active24stats.nl 127.0.0.1 ad2games.com
127.0.0.1 cms.ad2click.nl

There are 12368 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Disconnected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip



popd
# End of interface IP configuration




Windows IP Configuration



Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/22/2012 01:11:06 PM) (Source: MsiInstaller) (User: MINE)MINE
Description: The installation of C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (08/22/2012 01:06:55 PM) (Source: MsiInstaller) (User: MINE)MINE
Description: The installation of C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (08/22/2012 11:14:50 AM) (Source: MsiInstaller) (User: MINE)MINE
Description: The installation of C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (08/21/2012 08:36:29 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/21/2012 07:07:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/21/2012 07:07:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 08:13:25 PM) (Source: Application Error) (User: )
Description: Faulting application helpctr.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x01bfad77.
Processing media-specific event for [helpctr.exe!ws!]

Error: (08/20/2012 03:12:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (08/22/2012 02:23:16 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error: (08/22/2012 02:23:12 PM) (Source: Service Control Manager) (User: )
Description: The SAS Core Service service failed to start due to the following error:
%%2

Error: (08/22/2012 02:21:31 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/22/2012 01:06:10 PM) (Source: DCOM) (User: MINE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/22/2012 01:06:01 PM) (Source: DCOM) (User: MINE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/22/2012 01:05:45 PM) (Source: DCOM) (User: MINE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/22/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AmdK8
FileDisk
Fips
PCLEPCI
SASKUTIL
tmactmon
tmcomm
tmeext
tmevtmgr
tmtdi

Error: (08/22/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The SAS Core Service service failed to start due to the following error:
%%2

Error: (08/22/2012 11:13:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/22/2012 11:06:27 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASKUTIL


Microsoft Office Sessions:
=========================
Error: (08/22/2012 01:11:06 PM) (Source: MsiInstaller)(User: MINE)MINE
Description: C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi(NULL)(NULL)(NULL)

Error: (08/22/2012 01:06:55 PM) (Source: MsiInstaller)(User: MINE)MINE
Description: C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi(NULL)(NULL)(NULL)

Error: (08/22/2012 11:14:50 AM) (Source: MsiInstaller)(User: MINE)MINE
Description: C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi(NULL)(NULL)(NULL)

Error: (08/21/2012 08:36:29 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (08/21/2012 07:07:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/21/2012 07:07:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 08:13:25 PM) (Source: Application Error)(User: )
Description: helpctr.exe5.1.2600.5512unknown0.0.0.001bfad77

Error: (08/20/2012 03:12:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

7-PDF Maker Version 1.3.0 (Build 148) (Version: 7-PDF Maker - Version 1.3.0 (Build 148))
7-Zip 4.65
AC3Filter 1.63b (Version: 1.63b)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AMD Processor Driver (Version: 1.3.2.0053)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Avi2Dvd 0.6.4 (Version: 0.6.4)
AviSynth 2.5
Bass Audio Decoder (remove only)
Bejeweled 2
Bonjour (Version: 2.0.5.0)
CD Audio Reader Filter (remove only)
CoreAAC Audio Decoder (remove only)
Cribbage (Version: 2.0.9.1)
Daytona USA Killer
DCoder Image Source (remove only)
Deep Sea Challenge
Deer Avenger
DirectShow .SHN FIlter
DirectVobSub (remove only)
DivX Converter (Version: 7.1.0)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.6.1.9)
DivX Version Checker (Version: 7.1.0.9)
DScaler 5 Mpeg Decoders
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 320 Series Printer Uninstall
ffdshow [rev 3299] [2010-03-03] (Version: 1.0.0.3299)
FFMPEG Core Files (remove only)
Gabest MPEG Splitter (remove only)
GIMP 2.6.10 (Version: 2.6.10)
Google Chrome (Version: 21.0.1180.83)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
Haali Media Splitter
Hallmark Card Studio 2008 Deluxe (Version: 9.0.0.11)
Hollywood FX 5.5 Additional Effects
ImageShack Uploader 2.2.0 (Version: 2.2.0)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Jungle Games
Magic ISO Maker v5.5 (build 0276)
MagicDisc 2.7.106
magicJack (Version: 2.0.6073.4413)
MediaMonkey 3.2 (Version: 3.2)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MKVToolNix 5.4.0 (Version: 5.4.0)
mkw Audio Compression Toolkit
MONOGRAM AMR Splitter/Decoder (remove only)
Mp3tag v2.46a (Version: v2.46a)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 7 Essentials (Version: 7.02.8507)
neroxml (Version: 1.0.0)
NVIDIA Control Panel 267.24 (Version: 267.24)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA Graphics Driver 267.24 (Version: 267.24)
NVIDIA Install Application (Version: 2.265.36.0)
NVIDIA nView 135.50 (Version: 135.50)
NVIDIA nView Desktop Manager (Version: 6.14.10.13550)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
Paint Shop Pro 7 (Version: 7.0.0.0000)
Pinnacle Hollywood FX for Studio
proDAD Heroglyph 1.0
proDAD Heroglyph 2.0
QuickTime (Version: 7.69.80.9)
QuickTime Alternative 1.47 (Version: 1.47)
Real Alternative 1.60 (Version: 1.60)
Realtek High Definition Audio Driver (Version: 5.10.0.5574)
Registry Clean Expert
Sesame Street Elmo's Preschool
SHOUTcast Source (remove only)
Sports Car GT
Studio 9 (Version: 9.4)
Studio 9 Content CD/DVD (Version: 9.30.000)
StudioTax 2011 (Version: 7.0.7.2)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium Internet Security 2012 (Version: 5.2)
UBCD4Win 3.60
Unlocker 1.8.7 (Version: 1.8.7)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.4 (Version: 1.1.4)
WebFldrs XP (Version: 9.50.7523)
WIDCOMM Bluetooth Software (Version: 5.5.0.7900)
WinAVI Video Converter 9.0 (Version: 9.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
WinImage
WinRAR archiver
Xvid 1.2.2 final uninstall (Version: 1.2)
Yahoo! Messenger

**** End of log ****
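
A triage pass over the log format posted above, as an added example that is not part of the original post and not part of MiniToolBox: it parses the Error/Description event entries and the nslookup/ping output, then groups what stands out (installers blocked by software restriction policy, drivers that failed to load, name lookups that failed). The function names and report keys are illustrative assumptions, and the sample text is an excerpt of the log above.

```python
import re
from collections import Counter

# Excerpt of the MiniToolBox log posted above (trimmed; lines copied from the post).
SAMPLE_LOG = r"""
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Application errors:
==================
Error: (08/22/2012 01:11:06 PM) (Source: MsiInstaller) (User: MINE)MINE
Description: The installation of C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (08/21/2012 08:36:29 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

System errors:
=============
Error: (08/22/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AmdK8
FileDisk
Fips
PCLEPCI
SASKUTIL
tmactmon
tmcomm
tmeext
tmevtmgr
tmtdi

Error: (08/22/2012 11:13:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
"""

# One event = an "Error:" header line, then "Description:" plus any
# continuation lines up to the next blank line or the next "Error:" header.
EVENT_RE = re.compile(
    r"^Error: \((?P<when>[^)]+)\) \(Source: (?P<source>[^)]+)\) ?"
    r"\(User: (?P<user>[^)]*)\).*\n"
    r"Description: (?P<desc>.*(?:\n(?!Error: ).*\S.*)*)",
    re.MULTILINE,
)

# nslookup header (Server/Address) immediately followed by a failed ping lookup.
DNS_FAIL_RE = re.compile(
    r"^Server:\s*(?P<server>\S+)[ \t]*\nAddress:\s*(?P<addr>\S+)\s+"
    r"Ping request could not find host (?P<host>\S+)\.",
    re.MULTILINE,
)

# Path of the MSI package named in a software-restriction-policy denial.
SRP_RE = re.compile(r"installation of (.+?\.msi) is not permitted", re.IGNORECASE)


def parse_events(log_text):
    """Return every event-log entry as a dict (when, source, user, desc)."""
    return [m.groupdict() for m in EVENT_RE.finditer(log_text)]


def triage(log_text):
    """Group the entries a helper would look at first when reading this log."""
    events = parse_events(log_text)
    blocked = Counter()      # installer path -> number of policy denials
    failed_drivers = set()   # driver names listed by Service Control Manager
    for ev in events:
        desc = ev["desc"]
        if ev["source"] == "MsiInstaller" and "software restriction policy" in desc.lower():
            m = SRP_RE.search(desc)
            blocked[m.group(1) if m else desc] += 1
        elif ev["source"] == "Service Control Manager" and "failed to load" in desc:
            # The driver names follow the first description line, one per line.
            failed_drivers.update(
                line.strip() for line in desc.splitlines()[1:] if line.strip()
            )
    dns_failures = [(m["addr"], m["host"]) for m in DNS_FAIL_RE.finditer(log_text)]
    return {
        "sources": Counter(ev["source"] for ev in events),
        "blocked_installers": blocked,
        "failed_drivers": sorted(failed_drivers),
        "dns_failures": dns_failures,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A failed lookup against 127.0.0.1 only says that no usable DNS server answered; read it together with the adapter state in the IP Configuration section before drawing any conclusion.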

#4 SleepyDude

  • Malware Response Team

Posted 22 August 2012 - 04:50 PM

Hi,

How is the computer connected to the internet?
By network cable? Do you have a modem, router?



#5 friendlybear


Posted 22 August 2012 - 05:08 PM

I have a Motorola cable modem, and a Linksys WRT310N which I have disconnected from the computer in question during my troubleshooting in order to use the netbook I am on here with. The netbook is not normally part of my network, so I wired it direct to the modem to avoid infection, if I am in fact infected. The computer I gave you the log file of is normally a wired connection to the router when it is connected.

#6 SleepyDude

  • Malware Response Team

Posted 22 August 2012 - 05:17 PM

I have a Motorola cable modem, and a Linksys WRT310N which I have disconnected from the computer in question during my troubleshooting in order to use the netbook I am on here with. The netbook is not normally part of my network, so I wired it direct to the modem to avoid infection, if I am in fact infected. The computer I gave you the log file of is normally a wired connection to the router when it is connected.


Please connect the pc to the router again and create a new log please.



#7 friendlybear


Posted 22 August 2012 - 05:31 PM

I have reconnected directly to modem, ran MiniToolBox again, here are the results. I am now connecting to the internet with the machine in question.


MiniToolBox by Farbar Version: 23-07-2012
Ran by Randy (administrator) on 22-08-2012 at 15:22:18
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net 127.0.0.1 ads.active.com
127.0.0.1 am1.activemeter.com
127.0.0.1 www.activemeter.com 127.0.0.1 ads.activepower.net
127.0.0.1 data2.activshopper.com 127.0.0.1 stat.active24stats.nl 127.0.0.1 ad2games.com
127.0.0.1 cms.ad2click.nl

There are 12368 more lines starting with "127.0.0.1"


Name: google.com
Addresses: 173.194.33.14, 173.194.33.1, 173.194.33.6, 173.194.33.0
173.194.33.2, 173.194.33.7, 173.194.33.4, 173.194.33.9, 173.194.33.8
173.194.33.3, 173.194.33.5



Pinging google.com [173.194.33.5] with 32 bytes of data:



Reply from 173.194.33.5: bytes=32 time=51ms TTL=54

Reply from 173.194.33.5: bytes=32 time=36ms TTL=54



Ping statistics for 173.194.33.5:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 36ms, Maximum = 51ms, Average = 43ms

Server: ns1.citywest.ca
Address: 24.244.65.130

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=91ms TTL=54

Reply from 72.30.38.140: bytes=32 time=90ms TTL=54



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 90ms, Maximum = 91ms, Average = 90ms

Server: ns1.citywest.ca
Address: 24.244.65.130

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x20003 ...00 1f c6 c8 6c 28 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 69.176.169.1 69.176.169.26 20
69.176.169.0 255.255.255.0 69.176.169.26 69.176.169.26 20
69.176.169.26 255.255.255.255 127.0.0.1 127.0.0.1 20
69.255.255.255 255.255.255.255 69.176.169.26 69.176.169.26 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 69.176.169.26 69.176.169.26 20
224.0.0.0 240.0.0.0 69.176.169.26 69.176.169.26 20
255.255.255.255 255.255.255.255 69.176.169.26 69.176.169.26 1
Default Gateway: 69.176.169.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/22/2012 01:11:06 PM) (Source: MsiInstaller) (User: MINE)MINE
Description: The installation of C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (08/22/2012 01:06:55 PM) (Source: MsiInstaller) (User: MINE)MINE
Description: The installation of C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (08/22/2012 11:14:50 AM) (Source: MsiInstaller) (User: MINE)MINE
Description: The installation of C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.

Error: (08/21/2012 08:36:29 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/21/2012 07:07:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/21/2012 07:07:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 08:13:25 PM) (Source: Application Error) (User: )
Description: Faulting application helpctr.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x01bfad77.
Processing media-specific event for [helpctr.exe!ws!]

Error: (08/20/2012 03:12:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (08/22/2012 02:23:16 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASKUTIL

Error: (08/22/2012 02:23:12 PM) (Source: Service Control Manager) (User: )
Description: The SAS Core Service service failed to start due to the following error:
%%2

Error: (08/22/2012 02:21:31 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/22/2012 01:06:10 PM) (Source: DCOM) (User: MINE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/22/2012 01:06:01 PM) (Source: DCOM) (User: MINE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/22/2012 01:05:45 PM) (Source: DCOM) (User: MINE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/22/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AmdK8
FileDisk
Fips
PCLEPCI
SASKUTIL
tmactmon
tmcomm
tmeext
tmevtmgr
tmtdi

Error: (08/22/2012 11:14:06 AM) (Source: Service Control Manager) (User: )
Description: The SAS Core Service service failed to start due to the following error:
%%2

Error: (08/22/2012 11:13:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/22/2012 11:06:27 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASKUTIL


Microsoft Office Sessions:
=========================
Error: (08/22/2012 01:11:06 PM) (Source: MsiInstaller)(User: MINE)MINE
Description: C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi(NULL)(NULL)(NULL)

Error: (08/22/2012 01:06:55 PM) (Source: MsiInstaller)(User: MINE)MINE
Description: C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi(NULL)(NULL)(NULL)

Error: (08/22/2012 11:14:50 AM) (Source: MsiInstaller)(User: MINE)MINE
Description: C:\DOCUME~1\Randy\LOCALS~1\Temp\RarSFX0\Sophos Virus Removal Tool.msi(NULL)(NULL)(NULL)

Error: (08/21/2012 08:36:29 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (08/21/2012 07:07:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/21/2012 07:07:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 08:13:25 PM) (Source: Application Error)(User: )
Description: helpctr.exe5.1.2600.5512unknown0.0.0.001bfad77

Error: (08/20/2012 03:12:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/20/2012 03:12:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

7-PDF Maker Version 1.3.0 (Build 148) (Version: 7-PDF Maker - Version 1.3.0 (Build 148))
7-Zip 4.65
AC3Filter 1.63b (Version: 1.63b)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AMD Processor Driver (Version: 1.3.2.0053)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Avi2Dvd 0.6.4 (Version: 0.6.4)
AviSynth 2.5
Bass Audio Decoder (remove only)
Bejeweled 2
Bonjour (Version: 2.0.5.0)
CD Audio Reader Filter (remove only)
CoreAAC Audio Decoder (remove only)
Cribbage (Version: 2.0.9.1)
Daytona USA Killer
DCoder Image Source (remove only)
Deep Sea Challenge
Deer Avenger
DirectShow .SHN FIlter
DirectVobSub (remove only)
DivX Converter (Version: 7.1.0)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.6.1.9)
DivX Version Checker (Version: 7.1.0.9)
DScaler 5 Mpeg Decoders
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 320 Series Printer Uninstall
ffdshow [rev 3299] [2010-03-03] (Version: 1.0.0.3299)
FFMPEG Core Files (remove only)
Gabest MPEG Splitter (remove only)
GIMP 2.6.10 (Version: 2.6.10)
Google Chrome (Version: 21.0.1180.83)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
Haali Media Splitter
Hallmark Card Studio 2008 Deluxe (Version: 9.0.0.11)
Hollywood FX 5.5 Additional Effects
ImageShack Uploader 2.2.0 (Version: 2.2.0)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Jungle Games
Magic ISO Maker v5.5 (build 0276)
MagicDisc 2.7.106
magicJack (Version: 2.0.6073.4413)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MediaMonkey 3.2 (Version: 3.2)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MKVToolNix 5.4.0 (Version: 5.4.0)
mkw Audio Compression Toolkit
MONOGRAM AMR Splitter/Decoder (remove only)
Mp3tag v2.46a (Version: v2.46a)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 7 Essentials (Version: 7.02.8507)
neroxml (Version: 1.0.0)
NVIDIA Control Panel 267.24 (Version: 267.24)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA Graphics Driver 267.24 (Version: 267.24)
NVIDIA Install Application (Version: 2.265.36.0)
NVIDIA nView 135.50 (Version: 135.50)
NVIDIA nView Desktop Manager (Version: 6.14.10.13550)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
Paint Shop Pro 7 (Version: 7.0.0.0000)
Pinnacle Hollywood FX for Studio
proDAD Heroglyph 1.0
proDAD Heroglyph 2.0
QuickTime (Version: 7.69.80.9)
QuickTime Alternative 1.47 (Version: 1.47)
Real Alternative 1.60 (Version: 1.60)
Realtek High Definition Audio Driver (Version: 5.10.0.5574)
Registry Clean Expert
Sesame Street Elmo's Preschool
SHOUTcast Source (remove only)
Sports Car GT
Spybot - Search & Destroy (Version: 1.6.2)
Studio 9 (Version: 9.4)
Studio 9 Content CD/DVD (Version: 9.30.000)
StudioTax 2011 (Version: 7.0.7.2)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium Internet Security 2012 (Version: 5.2)
UBCD4Win 3.60
Unlocker 1.8.7 (Version: 1.8.7)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.4 (Version: 1.1.4)
WebFldrs XP (Version: 9.50.7523)
WIDCOMM Bluetooth Software (Version: 5.5.0.7900)
WinAVI Video Converter 9.0 (Version: 9.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
WinImage
WinRAR archiver
Xvid 1.2.2 final uninstall (Version: 1.2)
Yahoo! Messenger

**** End of log ****

Edited by Elise, 24 August 2012 - 05:13 AM.
Removed IP info as requested


#8 SleepyDude


Posted 22 August 2012 - 05:41 PM

OK, based on the log the computer can connect to the internet; it gets an IP address and can ping yahoo and google just fine.

Did the problem start immediately after you installed Trend Micro Titanium Internet Security 2012?

What happens when you try to access some web pages?

Which browser do you use? Please test with more than one.

• Please do not PM me asking for support. Post on the forums instead; it will increase the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#9 friendlybear


Posted 22 August 2012 - 05:51 PM

Yes the problem began after installation and update of Trend Micro. I started a full initial scan and left it run overnight, and woke up to this. I contacted my ISP, but have yet to receive a reply, so started to troubleshoot on my own.

It had been a bit slower the last couple of days, and I at first suspected ISP issues. It seems to be connecting to all webpages fine now with both Chrome and IE8. I normally use Google Chrome.

Should I put the router back in the mix?

edit: Just to add, the modem pc activity light which normally blinks when the nic is communicating, is solid on.

Edited by friendlybear, 22 August 2012 - 05:56 PM.


#10 SleepyDude


Posted 22 August 2012 - 06:02 PM

Yes the problem began after installation and update of Trend Micro. I started a full initial scan and left it run overnight, and woke up to this. I contacted my ISP, but have yet to receive a reply, so started to troubleshoot on my own.

It had been a bit slower the last couple of days, and I at first suspected ISP issues. It seems to be connecting to all webpages fine now with both Chrome and IE8. I normally use Google Chrome.

Should I put the router back in the mix?


Yes try that, maybe the router had some temporary failure.

I'm not sure the installation of Trend Micro Titanium Internet Security 2012 is OK; your list of installed programs shows:
- Trend Micro Titanium (Version: 5.00)
- Trend Micro Titanium Internet Security 2012 (Version: 5.2)

It seems to me you can have a mix of two different versions... Let's try to confirm.

Please download Autoruns
- run the program and let it do the scan
- click File > Save...
- save the file AutoRuns on the desktop but choose Type Text (*.txt)
- open the file AutoRuns.txt you saved and copy and paste the content to your reply

Edited by SleepyDude, 22 August 2012 - 06:03 PM.

Rui
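
One way to triage the text export requested in the post above, as an added example that is not part of the thread and not a feature of Autoruns: it parses the four-quoted-field lines of the export, flags entries whose image is missing, unsigned by name (empty publisher), under a user profile, or disabled, and cross-checks driver names that the System event log reported as failing to load. The sample lines, vendor names and helper functions are constructed for illustration.

```python
import ntpath
import re

# Constructed sample in the layout of an Autoruns "Text (*.txt)" export:
# a location line with three empty fields, then "+" (enabled) or "X"
# (disabled) entries holding name, description, publisher and image path.
SAMPLE = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ExampleAV Console" "ExampleAV Main Console" "ExampleAV Inc." "c:\program files\exampleav\suite\console.exe"
+ "ExampleAV Agent" "ExampleAV Session Agent" "ExampleAV Inc." "c:\program files\exampleav\client\agent.exe"
+ "ToolHelper" "" "" "c:\program files\sometool\helper.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "loader" "Example Loader" "Example L.P." "c:\documents and settings\user1\application data\example\loader.exe"
"Task Scheduler" "" "" ""
X "backup.job" "Example Backup" "Example AG" "c:\program files\examplebackup\backup.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "OLDSCAN" "" "" "File not found: C:\Program Files\OldScanner\OLDSCAN.SYS"
+ "exavdrv" "ExampleAV Filter Driver" "ExampleAV Inc." "c:\windows\system32\drivers\exavdrv.sys"
'''

FIELD = re.compile(r'"([^"]*)"')
MISSING = "File not found:"
# Assumption: anything under a user profile is treated as user-writable.
USER_PROFILE = ("c:\\documents and settings\\", "c:\\users\\")


def parse_autoruns(text):
    """Return (entries, skipped): parsed entries and lines that did not fit."""
    entries, skipped, location = [], [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        fields = FIELD.findall(line)
        if len(fields) != 4:
            skipped.append(line)      # e.g. a description containing a quote
        elif line.startswith('"'):
            location = fields[0]      # section header: registry key or folder
        elif line[0] in "+X":
            name, description, publisher, image = fields
            entries.append({"location": location, "enabled": line[0] == "+",
                            "name": name, "description": description,
                            "publisher": publisher, "image": image})
        else:
            skipped.append(line)
    return entries, skipped


def flags(entry):
    """Reasons an entry deserves a second look; an empty list means none."""
    found = []
    image = entry["image"]
    if image.startswith(MISSING):
        found.append("missing-file")          # leftover of an uninstalled product
    else:
        if not entry["publisher"]:
            found.append("no-publisher")      # no version-resource company name
        if image.lower().startswith(USER_PROFILE):
            found.append("user-profile-path")
    if not entry["enabled"]:
        found.append("disabled")
    return found


def triage(entries):
    """(name, flags) for every entry that raised at least one flag."""
    result = []
    for entry in entries:
        found = flags(entry)
        if found:
            result.append((entry["name"], found))
    return result


def missing_drivers(entries, failed_names):
    """Names from a 'failed to load' event whose registered image is missing."""
    wanted = {name.lower() for name in failed_names}
    return sorted(e["name"] for e in entries
                  if e["name"].lower() in wanted and e["image"].startswith(MISSING))


def install_dirs(entries, publisher):
    """Distinct folders holding one publisher's autostart images, for
    comparison against the installed-programs list."""
    dirs = set()
    for e in entries:
        if e["publisher"].lower() == publisher.lower() and not e["image"].startswith(MISSING):
            dirs.add(ntpath.dirname(e["image"]).lower())
    return sorted(dirs)


if __name__ == "__main__":
    parsed, unparsed = parse_autoruns(SAMPLE)
    for name, found in triage(parsed):
        print(f"{name}: {', '.join(found)}")
    print("failed drivers with no file:", missing_drivers(parsed, ["OLDSCAN", "exavdrv"]))
    print("ExampleAV folders:", install_dirs(parsed, "ExampleAV Inc."))
    print("unparsed lines:", len(unparsed))
```

A driver that appears both in a "failed to load" event and as "File not found" here is a stale registration rather than a blocked driver, which narrows what still needs explaining.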

 
 


#11 friendlybear


Posted 22 August 2012 - 06:10 PM

I have reconnected the router, but only to this computer. Seems to be ok.

Here is the Autoruns log. I did notice that in Autoruns, some of the entries showed up pink.


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "FUFAXSTM" "FAX Status Monitor" "SEIKO EPSON CORPORATION" "c:\program files\epson software\fax utility\fufaxstm.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "LifeCam" "LifeExp.exe" "Microsoft Corporation" "c:\program files\microsoft lifecam\lifeexp.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "PinnacleDriverCheck" "" "" "c:\windows\system32\psdrvcheck.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime alternative\qttask.exe"
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
+ "Trend Micro Client Framework" "Trend Micro Client Session Agent Monitor" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\uiwatchdog.exe"
+ "Trend Micro Titanium" "Trend Micro Client Main Console" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\uiwinmgr.exe"
+ "UnlockerAssistant" "" "" "c:\program files\unlocker\unlockerassistant.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamgui.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "cdloader" "magicJack (cdloader2)" "magicJack L.P." "c:\documents and settings\randy\application data\mjusbsp\cdloader2.exe"
+ "EPSON WorkForce 320 Series" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\w32x86\3\e_fatigja.exe"
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files\yahoo!\messenger\yahoomessenger.exe"
+ "RegClean Expert Scheduler" "RegClean Expert Scheduler" "iExpert Software" "c:\program files\registry clean expert\rchelper.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "tmbp" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\7.1.1102\7.1.1102\tmbpie32.dll"
+ "tmpx" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1078\tmieplg.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-PDFMaker" "" "" "c:\program files\7-pdf\7-pdf maker\7p.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files\magiciso\misosh.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files\magiciso\misosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\windows\system32\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "00nView" "NVIDIA Desktop Explorer, Version 135.50 " "NVIDIA Corporation" "c:\program files\nvidia corporation\nview\nvshell.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files\magiciso\misosh.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "TmBpIeBHO Class" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\7.1.1102\7.1.1102\tmbpie32.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\2.0.1313\6.8.1078\tmieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
X "20100420_173600_Randy.job" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\backitup.exe"
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.3 r300" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-299502267-329068152-1801674531-1003Core.job" "Google Installer" "Google Inc." "c:\documents and settings\randy\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-299502267-329068152-1801674531-1003UA.job" "Google Installer" "Google Inc." "c:\documents and settings\randy\local settings\application data\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "" "File not found: C:\Program Files\SUPERAntiSpyware\SASCORE.EXE"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Amsp" "Manages Trend Micro security modules" "Trend Micro Inc." "c:\program files\trend micro\amsp\coreserviceshell.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bin\btwdins.exe"
+ "EPSON_EB_RPCV4_04" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\program files\common files\epson\epw!3 ssrp\e_s50st7.exe"
+ "EPSON_PM_RPCV4_04" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\program files\common files\epson\epw!3 ssrp\e_s50rp7.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "MSCamSvc" "MsCamSvc.exe" "Microsoft Corporation" "c:\program files\microsoft lifecam\mscams32.exe"
+ "NBService" "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, CD/DVD or FTP." "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbservice.exe"
+ "NMIndexingService" "Nero Home" "Nero AG" "c:\program files\common files\ahead\lib\nmindexingservice.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AmdK8" "AMD Processor Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdk8.sys"
+ "arusb(TP-LINK)" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\arusb.sys"
+ "ASAPIW2k" "ASAPI" "Pinnacle Systems GmbH" "c:\windows\system32\drivers\asapiw2k.sys"
+ "BENDER" "Pinnacle Bender Series Driver" "Pinnacle Systems" "c:\windows\system32\drivers\bender.sys"
+ "btaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btaudio.sys"
+ "BTDriver" "Bluetooth BTPORT Driver for Windows 2000" "Broadcom Corporation." "c:\windows\system32\drivers\btport.sys"
+ "BTKRNL" "Bluetooth Bus Enumerator" "Broadcom Corporation." "c:\windows\system32\drivers\btkrnl.sys"
+ "BTWDNDIS" "Bluetooth LAN Access Server Driver" "Broadcom Corporation." "c:\windows\system32\drivers\btwdndis.sys"
+ "btwhid" "Bluetooth Virtual HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwhid.sys"
+ "BTWUSB" "Driver for Bluetooth USB Devices" "Broadcom Corporation." "c:\windows\system32\drivers\btwusb.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "FileDisk" "FileDisk Virtual Disk Driver" "Bo Brantén" "c:\windows\system32\drivers\filedisk.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HPUATA" "USBAT Mass Storage Class Client driver" "SCM Microsystems Inc." "c:\windows\system32\drivers\hpuata.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "JL2005C" "" "" "File not found: System32\Drivers\jl2005c.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MarvinBus" "Pinnacle Marvin Discrete Bus Enumerator" "Pinnacle Systems GmbH" "c:\windows\system32\drivers\marvinbus.sys"
+ "mcdbus" "MagicISO SCSI Host Controller" "MagicISO, Inc." "c:\windows\system32\drivers\mcdbus.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 267.24 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "nvata" "NVIDIA® nForce™ IDE Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvata.sys"
+ "NVENETFD" "NVIDIA Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvenetfd.sys"
+ "nvnetbus" "NVIDIA Networking Bus Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvnetbus.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PCLEPCI" "PCLEPCI" "Pinnacle Systems GmbH" "c:\windows\system32\drivers\pclepci.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Pnp680r" "DMA capable ATA RAID miniport driver " "Silicon Image, Inc" "c:\windows\system32\drivers\pnp680r.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "SASKUTIL" "" "" "File not found: C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS"
+ "SBKUPNT" "" "" "c:\windows\system32\drivers\sbkupnt.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SKYNET" "B2C2, Inc. DVB4PC NDIS 5.0 driver" "B2C2, Inc." "c:\windows\system32\drivers\skynet.sys"
+ "ssadbus" "SAMSUNG Android USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\ssadbus.sys"
+ "ssadmdfl" "SAMSUNG Android USB Modem (Filter)" "MCCI Corporation" "c:\windows\system32\drivers\ssadmdfl.sys"
+ "ssadmdm" "SAMSUNG Android USB Modem Drivers" "MCCI Corporation" "c:\windows\system32\drivers\ssadmdm.sys"
+ "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "tmactmon" "Trend Micro Activity Monitor Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmactmon.sys"
+ "tmcomm" "Trend Micro Common Engine Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmcomm.sys"
+ "tmeext" "Trend Micro Network Hook Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmeext.sys"
+ "tmevtmgr" "Trend Micro Event Manager Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmevtmgr.sys"
+ "tmnciesc" "Trend Micro NCIE scanner of EagleEye hook" "Trend Micro Inc." "c:\windows\system32\drivers\tmnciesc.sys"
+ "tmtdi" "Trend Micro TDI Driver (i386-fre)" "Trend Micro Inc." "c:\windows\system32\drivers\tmtdi.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "ZD1201U" "ZD1201 802.11b USB MP-Driver(XP)" "ZyDAS Technology Corporation" "c:\windows\system32\drivers\zd1201u.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "VIDC.JDCT" "" "" "File not found: jl_jdct.drv"
+ "VIDC.MJPG" "PICVideo Motion JPEG Compressor" "Pegasus Imaging Corporation" "c:\windows\system32\pvmjpg21.dll"
+ "VIDC.PIM1" "PCLEPIM1 32-bit AVI Codec" "Pinnacle Systems" "c:\windows\system32\pclepim1.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "TrueMotion 2.0 Decompressor" "TrueMotion 2.0 Decompressor" "The Duck Corporation" "c:\windows\system32\tm20dec.ax"
+ "TrueMotion 2.0 Decompressor" "TrueMotion 2.0 Decompressor" "The Duck Corporation" "c:\windows\system32\tm20dec.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3Filter" "ac3filter" "" "c:\program files\ac3filter\ac3filter.ax"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Acorn Source" "USB-DVR2 Source (DVC120)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc120\usbdvr2src.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AudioGrab" "Audio Level Monitor Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\audiograb.ax"
+ "AudioResampler" "AudioResampler" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\audioresampler.ax"
+ "Avi Source" "Avi Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\avisplitter.ax"
+ "Avi Splitter" "Avi Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\avisplitter.ax"
+ "AVI_PASS" "AVI-MPEG Decapsulation Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\avi_pass.ax"
+ "AVSynChronizer Filter" "AVSynChronizer - AVSynChronizer" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\avsynchronizer.ax"
+ "AXMPEGAV" "MPEG Multiplex Filter" "PRIVAT" "c:\program files\pinnacle\shared files\filter\axmpeg_av.ax"
+ "AXWavRender" "Text Renderer (Sample)" "Microsoft Corporation" "c:\program files\pinnacle\shared files\filter\axwavrender.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "BS DV-Decoder" "MPEG Video Decoder" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\bsdvdec.ax"
+ "CDDA Reader" "CDDA Reader Filter" "Gabest" "c:\program files\cd audio reader filter\cddareader.ax"
+ "Cirrus Logic USB-DVR2 Sink" "USB-DVR2 Sink (DVC150)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2snk.ax"
+ "Cirrus Logic USB-DVR2 Sink" "USB-DVR2 Sink (MovieBox USB)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\movieboxusb\usbdvr2snk.ax"
+ "CoreAAC Audio Decoder" "CoreAAC" "" "c:\windows\system32\coreaac.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\bass audio decoder\dcbasssource.ax"
+ "DC-Image Source" "" "" "c:\program files\dcoder image source\dcimagesource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\avi2dvd\programs\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\avi2dvd\programs\filters\vsfilter.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\divxdech264.ax"
+ "Dump" "File Dump Filter (Sample)" "MyCompanyName" "c:\program files\avi2dvd\programs\filters\dump.ax"
+ "DVC 150 XFormDEADCAFE" "DVC150 Audio Video Transformation Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\dvc150xformdeadcafe.ax"
+ "DVC150 Muxer" "DVC 150 Muxer Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\dvc150muxer.ax"
+ "DVC150 Source" "USB-DVR2 Source (DVC150)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2src.ax"
+ "Emuzed Flow Control" "Pinnacle Flow Control filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\flowctrl.ax"
+ "ESink" "ESink Filter " "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\esink.ax"
+ "ESinkAudio" "File Dump Filter (Sample)" "MyCompanyName" "c:\program files\pinnacle\shared files\filter\esinkaudio.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\haali\matroskasplitter\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\haali\matroskasplitter\splitter.ax"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MediaSampleGrab" "FrameGrab" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\framegrab.ax"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\monogram amr splitterdecoder\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\monogram amr splitterdecoder\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\monogram amr splitterdecoder\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\monogram amr splitterdecoder\mmamr.ax"
+ "MovieBox USB Source" "USB-DVR2 Source (MovieBox USB)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\movieboxusb\usbdvr2src.ax"
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "Gabest" "c:\program files\opensource dtsac3dd+ source filter\dtsac3source.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files\gabest mpeg splitter\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files\gabest mpeg splitter\mpegsplitter.ax"
+ "MPEG GOPRenumber" "MPEG GOPRenumber" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\mpeggoprenumber.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\program files\avi2dvd\programs\filters\l3codecx.ax"
+ "MPEG-2 PSI Reader Filter" "Mpeg2PsiReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2psireader.ax"
+ "MPEG-2 Stream Reader Filter" "Mpeg2StreamReader" "Nero AG" "c:\program files\common files\ahead\dsfilter\mpeg2streamreader.ax"
+ "MpegAudio Filter" "MpegAudio Module" "DScaler Team" "c:\program files\dscaler5\mpegaudio.dll"
+ "MPEGStreamEdit (P)" "MPEGStreamEdit Filter" "Pinnacle Systems Inc" "c:\program files\pinnacle\shared files\filter\mpegstreameditpixie.ax"
+ "MpegVideo Filter" "MpegVideo Module" "DScaler Team" "c:\program files\avi2dvd\programs\filters\dscaler\mpegvideo.dll"
+ "MSRepair" "MediaSample Repair Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\msrepair.ax"
+ "NeAudio2" "Nero Audio Decoder 2" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudio2.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero DVD Navigator" "DVD Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvd.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neflvsplitter.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD" "Nero HD Video Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideohd.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"
+ "Ogg Multiplexer" "Ogg DirectShow™ Filter Collection" "" "c:\program files\avi2dvd\programs\filters\ogm splitter\oggds.dll"
+ "Ogg Source" "Ogg Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\oggsplitter.ax"
+ "Ogg Splitter" "Ogg Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\oggsplitter.ax"
+ "Ogg Splitter" "Ogg DirectShow™ Filter Collection" "" "c:\program files\avi2dvd\programs\filters\ogm splitter\oggds.dll"
+ "PCLE_CONVERSION" "No Pins Filter (Sample)" "MyCompanyName" "c:\program files\pinnacle\shared files\filter\colorconvert.ax"
+ "PICVideo MJPEG Compressor" "PICVideo Motion JPEG Compressor" "Pegasus Imaging Corporation" "c:\windows\system32\pvmjpg21.dll"
+ "PICVideo MJPEG Decompressor" "PICVideo Motion JPEG Compressor" "Pegasus Imaging Corporation" "c:\windows\system32\pvmjpg21.dll"
+ "PIM1Compress" "PIM1Compressor" "PRIVAT" "c:\program files\pinnacle\shared files\filter\pim1compress.ax"
+ "Pinnacle AC3 Decoder" "Pinnacle AC3 Decoder - AC3 Decoder Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3decoder.ax"
+ "Pinnacle AC3 Encoder (2 Channels)" "AC3 Consumer Encoder - 2 Channels only" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3enc2ch.ax"
+ "Pinnacle AC3 Encoder (5.1 Channels)" "AC3 Consumer Encoder - 5.1 Channels" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3enc5_1ch.ax"
+ "Pinnacle Alpha Transform" "Pinnacle video resampler filter" "Microsoft Corporation" "c:\program files\pinnacle\shared files\filter\dwalphatransform.ax"
+ "Pinnacle Audio / Video synchronisation filter" "Pinnacle Audio / Video synchronisation filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesync.ax"
+ "Pinnacle Audio Codec" "AudioCodec - AudioCodec" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleaudiocodec.ax"
+ "Pinnacle Audio Noise Reduction" "Audio Noise Reduction Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwaudionoisereduction.ax"
+ "Pinnacle Audio Render Filter" "" "" "c:\program files\pinnacle\shared files\filter\audiorenderer.ax"
+ "Pinnacle Audio Scene Analyzer" "ASA DirectShow Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwaudiosceneanalyzer.ax"
+ "Pinnacle Audio Varispeed" "AudioVariSpeed Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\dwaudiovarispeed.ax"
+ "Pinnacle AVI Audio Source" "Pinnacle AVI Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleavimediasource.ax"
+ "Pinnacle AVI Video Source" "Pinnacle AVI Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleavimediasource.ax"
+ "Pinnacle Bender AudioPrefilter2" "Audio preprocessing filter for AV/DV2 outpt" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclebenderaudioprefilter2.ax"
+ "Pinnacle Colorspace Converter" "Color Space Converter Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwcolorspaceconverter.ax"
+ "Pinnacle CSC" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Cutlist Audio Source" "Pinnacle Cutlist Reader Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclecutlistsource2.ax"
+ "Pinnacle Cutlist Source (P)" "Pinnacle Cutlist Reader Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\cutlistsourcepixie.ax"
+ "Pinnacle Cutlist Video Source" "Pinnacle Cutlist Reader Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclecutlistsource2.ax"
+ "Pinnacle DCxx MJPEG Compressor" "MJPEG compress filter for Pinnacle Systems DC10,30,50" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\mjpgcompress.ax"
+ "Pinnacle DCxx MJPEG Decompressor" "Pinnacle MJPEG decompress filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\mjpgdecompress.ax"
+ "Pinnacle DV Decoder" "Pinnacle DV Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcledvbox.ax"
+ "Pinnacle DV Encoder" "Pinnacle DV Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcledvbox.ax"
+ "Pinnacle DVDSample Sink" "DVDSampleSink" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dvdsamplesink.ax"
+ "Pinnacle Field Reverser Filter" "FieldReverserTransform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwfieldreverser.ax"
+ "Pinnacle file sink 2" "DirectShow file writer filter based on RAL" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwsink2.ax"
+ "Pinnacle file source 4" "Pinnacle file reader filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwsource4.ax"
+ "Pinnacle File Writer" "Media File Renderer" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\mpegrender.ax"
+ "Pinnacle Float2PCM" "Float2PCM Dynamic Link Library" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\float2pcm.ax"
+ "Pinnacle Image Scaler" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Infinite Pin Tee" "Infinite Tee Filter (Sample)" "Microsoft Corporation" "c:\program files\pinnacle\shared files\filter\pinftee.ax"
+ "Pinnacle LPCM PCM Transform Filter" "Pinnacle LPCM PCM Transformation Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclelpcmtransform.ax"
+ "Pinnacle MCE Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MP3 Encoder" "Pinnacle MP3 compressor" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclemp3encoder.ax"
+ "Pinnacle MPEG 2 Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Splicer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Audio Source" "Pinnacle MPEG Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempegmediasource.ax"
+ "Pinnacle MPEG Demuxer" "MPEG Demuxer Filter - Program stream demuxer" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempgdemux.ax"
+ "Pinnacle MPEG Layer-1/2 Audio Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Layer-2 Audio Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Source 2" "MPEGSource Filter" "" "c:\program files\pinnacle\shared files\filter\pclempegsource2.ax"
+ "Pinnacle MPEG Video Source" "Pinnacle MPEG Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempegmediasource.ax"
+ "Pinnacle MPEG2 Demux II" "pcledemux2" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcledemux2.ax"
+ "Pinnacle MPEG2 Demux II (MovieBox USB version)" "PcleDemux2MBox" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcledemux2mbox.ax"
+ "Pinnacle NEOVideoRepair" "MPEG GOPRenumber" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcleneovideorepair.ax"
+ "Pinnacle PCM2FloatReblocker Reblocker" "PCM2Float Reblocker Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcm2floatreblockerfilter.ax"
+ "Pinnacle pipe" "Studio IQualityControl dispatcher" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwqualitycontrol.ax"
+ "Pinnacle Sample Sink" "Pinnacle Sample Sink Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesamplesink.ax"
+ "Pinnacle Scene Detect Filter" "Scene Detect Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwscenedetect2.ax"
+ "Pinnacle Slicer" "Pinnacle Capture Slicer" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwslicer.ax"
+ "Pinnacle Stream Source Filter" "Pinnacle VideoInfo Changer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\streamsource.ax"
+ "Pinnacle SurroundEncode" "SurroundEncode Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\surroundencode.ax"
+ "Pinnacle Time Fixer Filter" "Pinnacle Time Fixer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\timefixer2.ax"
+ "Pinnacle time restamper" "Pinnacle video resampler filter" "Microsoft Corporation" "c:\program files\pinnacle\shared files\filter\dwvideoresampler.ax"
+ "Pinnacle Transport Stream Remux" "Program2Transport Stream Remux for MICROMV" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcle_tsmux.ax"
+ "Pinnacle VariSpeed Filter" "Variable Speed Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwvarispeed.ax"
+ "Pinnacle Video AntiJitter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Block Filter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Deinterlacer" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Renderer" "Pinnacle DirectShow Video Renderer -" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcle_ovr.ax"
+ "Pinnacle VideoInfo Changer Filter" "Pinnacle VideoInfo Changer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\videoinfochanger2.ax"
+ "Pinnacle wave source" "Pinnacle Wave Capture Filter" "" "c:\program files\pinnacle\shared files\filter\dwwavecapture.ax"
+ "Pinnacle Wave Transform" "DirectShow transform filter for writing wave files" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwwavetransform.ax"
+ "Pinnacle Windows Media Renderer2" "Windows Media Format file renderer" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\wmrenderer2.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Decoder" "dsmpeg4auddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4auddec.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Encoder" "dsmpeg4audenc" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4audenc.ax"
+ "Pinnacle(dicas) MPEG-4 File Reader" "dsmp4filereader" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclemp4filereader.ax"
+ "Pinnacle(dicas) MPEG-4 File Writer" "dsmp4filewriter" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclemp4filewriter.ax"
+ "Pinnacle(dicas) MPEG-4 Multiplexer" "dsmpeg4mux" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4mux.ax"
+ "Program Stream Desplit" "USB-DVR2 Splitter (DVC150)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2splt.ax"
+ "Program Stream Desplit" "USB-DVR2 Splitter (MovieBox USB)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\movieboxusb\usbdvr2splt.ax"
+ "Program Stream Desplit" "USB-DVR2 Splitter (DVC120)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc120\usbdvr2splt.ax"
+ "QTSrc" "CLQTSrc" "Cyberlink" "c:\windows\system32\quicktime.ax"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\realmediasplitter.ax"
+ "RealMediaRenderer" "RMRenderer" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\realvideo\rmrenderer.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files\avi2dvd\programs\filters\realmediasplitter.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SHN to PCM Filter" "" "" "c:\program files\directshow .shn filter\shntrans.ax"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShoutcastSource" "Shoutcast Source Filter" "Gabest" "c:\program files\shoutcast source\shoutcastsource.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Vorbis Decoder" "Ogg DirectShow™ Filter Collection" "" "c:\program files\avi2dvd\programs\filters\ogm splitter\oggds.dll"
+ "Vorbis Encoder" "Ogg DirectShow™ Filter Collection" "" "c:\program files\avi2dvd\programs\filters\ogm splitter\oggds.dll"
+ "WAV Dest" "" "" "c:\program files\avi2dvd\programs\filters\wavdest.ax"
+ "WaveFormatEx Detective" "WaveFormatEx Detective" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\wfxdetective.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
+ "ZJSoft RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files\winavi video converter 9.0\filter\realmediasplitter.ax"
+ "ZJSoft RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files\winavi video converter 9.0\filter\realmediasplitter.ax"
+ "ZJSoft RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files\winavi video converter 9.0\filter\realmediasplitter.ax"
+ "ZJSoft RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files\winavi video converter 9.0\filter\realmediasplitter.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Bluetooth Printer Port" "bthcrp DLL" "Broadcom Corporation." "c:\windows\system32\bthcrp.dll"
+ "EPSON WorkForce 320 Series 32MonitorBA" "EPSON Bi-directional Monitor x86" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_flbgja.dll"

#12 SleepyDude

Posted 23 August 2012 - 03:37 PM

Hi,

The Autoruns log doesn't show evidence of two Trend Micro installations; it seems fine.

Let's try a scan with ESET Online Scanner.

Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings and check that the following options are ticked:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
Click Scan and then wait for the scan to finish (it will take some time).

When the scan ends, press the button LIST OF THREATS FOUND, click Export to Text File, open the text file, and Copy & Paste the contents to your reply.
Press the BACK button.
Press Finish.

This scan will take a long time; if possible, connect the PC to the router and disable Trend Micro temporarily while the scan is running.

• Please do not PM me asking for support. Post on the forums instead; it will increase the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui
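
The check described in the post above (reading the Autoruns log for signs of two installations of one product) can be scripted. This is an added example, not part of the thread: it parses the four quoted fields per line as the log appears on this page, and the sample lines, the vendor "Example AV Ltd." and the function names are constructed for illustration.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "location enabled name description publisher path")
FIELD = re.compile(r'"([^"]*)"')

# Constructed sample in the layout of the log above. A location (registry key)
# line starts with a quote; an entry line starts with a marker such as "+".
SAMPLE = r'''
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ExampleAvCore" "Scan engine" "Example AV Ltd." "c:\program files\example av\core.exe"
+ "ExampleAvOld" "Scan engine" "Example AV Ltd." "c:\program files\example av 2011\core.exe"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Bluetooth Printer Port" "bthcrp DLL" "Broadcom Corporation." "c:\windows\system32\bthcrp.dll"
X "Sample Monitor" "" "" "c:\windows\system32\samplemon.dll"
'''

def parse_autoruns(text):
    """Return one Entry per autostart line, tagged with its registry location."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # blank or damaged line
        if line.startswith('"'):
            location = fields[0]          # section header
        else:
            # Assumption: only "+" means enabled; the page shows no other marker.
            entries.append(Entry(location, line.startswith("+"), *fields))
    return entries

def install_roots(entries, vendor):
    """Distinct top-level folders holding enabled entries published by vendor."""
    return sorted({"\\".join(e.path.split("\\")[:3]) for e in entries
                   if e.enabled and vendor.lower() in e.publisher.lower()})

def no_publisher(entries):
    """Entries with an empty publisher field, worth a manual look."""
    return [e for e in entries if not e.publisher]

if __name__ == "__main__":
    log = parse_autoruns(SAMPLE)
    roots = install_roots(log, "Example AV")
    print("install roots:", roots, "(more than one suggests overlapping installs)")
    for e in no_publisher(log):
        print("no publisher:", e.location, e.name, e.path)
```

An empty publisher field is not evidence of malware by itself (several codec filters in the log above have one); it only narrows what to inspect by hand.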

 
 


#13 friendlybear

Posted 23 August 2012 - 07:38 PM

Ok, finally done.

2 entries


C:\Documents and Settings\Randy\My Documents\Downloads\Programs\Symantec Norton Ghost 15 Multi and English Boot CD ISO\NGH15_MULTI+SRD_EN.iso a variant of Win32/Keygen.AC application
C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application

edit: I just noticed that my NIC MAC and IP was published in posts 6 and 7, can we get that edited, please?

Edited by friendlybear, 23 August 2012 - 07:41 PM.


#14 SleepyDude

Posted 24 August 2012 - 04:48 AM

OK, ESET didn't find anything serious, only some warez; be careful with that...

Maybe the computer is slower because of the new antivirus; many times new software versions have higher system requirements, maybe that's the case...



#15 SleepyDude

Posted 24 August 2012 - 06:22 AM

"edit: I just noticed that my NIC MAC and IP was published in posts 6 and 7, can we get that edited, please?"


I asked an Admin to remove the information; it's now gone. Thanks, Elise, for that.





