Windows Easy Supervisor Issue


Post by Misteretc on 6th July 2011, 2:14 am

Help!

My wife accidentally downloaded the "Windows Easy Supervisor" thinking it was a valid Windows program and then allowed it to run. I can't run RKILL, tdsskiller, Icesword, or anything else because it shuts it down. Even when I go to safe mode, this thing is there and stops me at every attempt.

What should I do?

Yikes

Misteretc
Intermediate

Posts: 113
Joined: 2010-03-14
Gender: Male
OS: Microsoft Windows XP
Points: 26412
Likes: 0


Re: Windows Easy Supervisor Issue

Post by Dr Jay on 6th July 2011, 4:26 pm

Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.


Dr. Jay (DJ)



Dr Jay
Head Administrator

Posts: 14314
Joined: 2009-09-06
Gender: Male
OS: Windows 10 Home & Pro
Arch.: x64 (64-bit)
Protection: Bitdefender Total Security
Points: 302999
Likes: 10


Re: Windows Easy Supervisor Issue

Post by Misteretc on 8th July 2011, 11:10 pm

I've tried it twice and it locks up both times. I was able to get RKILL to run finally and ran MBAM.


Re: Windows Easy Supervisor Issue

Post by Misteretc on 9th July 2011, 10:00 am

Malwarebytes' Anti-Malware 1.51.0.1200

Database version: 7030

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/6/2011 4:47:46 AM
mbam-log-2011-07-06 (04-47-46).txt

Scan type: Full scan (C:\|)
Objects scanned: 174755
Time elapsed: 23 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\dell\application data\microsoft\jsxxqk.exe (Rogue.FakeMSE) -> Quarantined and deleted successfully.
c:\documents and settings\dell\application data\microsoft\yjogkd.exe (Rogue.FakeMSE) -> Quarantined and deleted successfully.
c:\documents and settings\dell\local settings\temporary internet files\Content.IE5\6MD4AKVC\flash_player_installer[3].exe (Rogue.FakeMSE) -> Quarantined and deleted successfully.
c:\documents and settings\dell\local settings\temporary internet files\Content.IE5\FWPRX4AA\flash_player_installer[1].exe (Rogue.FakeMSE) -> Quarantined and deleted successfully.
c:\system volume information\_restore{31df536c-a8fe-412e-8b6d-543a86796048}\RP54\A0008251.exe (Rogue.FakeMSE) -> Quarantined and deleted successfully.
c:\system volume information\_restore{31df536c-a8fe-412e-8b6d-543a86796048}\RP54\A0008266.exe (Rogue.FakeMSE) -> Quarantined and deleted successfully.
c:\documents and settings\dell\Desktop\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
c:\documents and settings\dell\Desktop\uSeRiNiT.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
c:\documents and settings\dell\Desktop\WiNlOgOn.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.


Re: Windows Easy Supervisor Issue

Post by Dr Jay on 11th July 2011, 1:16 am

Please run the [You must be registered and logged in to see this link.], and once done, press the View Report link. Post that log in your next reply.


Dr. Jay (DJ)



Re: Windows Easy Supervisor Issue

Post by Misteretc on 11th July 2011, 12:46 pm

Okay thanks, I ran it and here is the report...


QuickScan Beta 32-bit v0.9.9.96
-------------------------------
Scan date: Mon Jul 11 08:45:50 2011
Machine ID: 7C6897EE



No infection found.
-------------------



Processes
---------
Alps Pointing-device Driver 2456 C:\Program Files\Apoint\Apoint.exe
Alps Pointing-device Driver 3024 C:\Program Files\Apoint\hidfind.exe
Alps Pointing-device Driver for Windows 3088 C:\Program Files\Apoint\ApntEx.exe
Broadcom ASF IP monitoring service 224 C:\WINDOWS\system32\BAsfIpM.exe
Dell Wireless WLAN Card Wireless Networ 1892 C:\WINDOWS\system32\BCMWLTRY.EXE
Dell Wireless WLAN Card Wireless Networ 2412 C:\WINDOWS\system32\WLTRAY.EXE
InstallIQ Updater 2636 C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
Intel(R) Common User Interface 2504 C:\WINDOWS\system32\hkcmd.exe
Intel(R) Common User Interface 2512 C:\WINDOWS\system32\igfxpers.exe
Intel(R) PROSet/Wireless 2444 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
Intel(R) PROSet/Wireless 500 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
Intel(R) PROSet/Wireless 256 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
Intel(R) PROSet/Wireless 1264 C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
Intel(R) PROSet/Wireless 636 C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
Intel(R) PROSet/Wireless 2432 C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
Java(TM) Platform SE 6 U26 420 C:\Program Files\Java\jre6\bin\jqs.exe
Java(TM) Platform SE Auto Updater 2 0 2584 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Microsoft® Windows® Operating System 2008 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 1648 C:\WINDOWS\system32\wbem\unsecapp.exe
PowerDVD RC Service 2528 C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
SUPERAntiSpyware 2592 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
ToolbarUpdaterService.exe 564 C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
WinZip 2680 C:\Program Files\WinZip\WZQKPICK.EXE
WLTRYSVC.EXE 1852 C:\WINDOWS\system32\WLTRYSVC.EXE
(verified) GoogleToolbarNotifier 2620 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(verified) Microsoft® Windows® Operating System 1776 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 2176 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 876 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 2600 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 960 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 948 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 804 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 1452 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1536 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 196 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1120 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1188 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1224 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 3624 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2892 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 524 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 904 C:\WINDOWS\system32\winlogon.exe
(verified) Windows® Internet Explorer 2692 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 3824 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Yahoo! AutoUpdater 684 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


Network activity
----------------

Process svchost.exe (1188) listens on ports: 135 (RPC)
Process svchost.exe (1536) listens on ports: 2869 (SSDP event notification, UPNP)


Autoruns and critical files
---------------------------
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Alps Pointing-device Driver C:\Program Files\Apoint\Apoint.exe
Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Bitberry Software Update Checker C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
Dell Wireless WLAN Card Wireless Networ C:\WINDOWS\system32\WLTRAY.EXE
InstallIQ Updater C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
Intel(R) Common User Interface C:\WINDOWS\system32\hkcmd.exe
Intel(R) Common User Interface C:\WINDOWS\system32\igfxdev.dll
Intel(R) Common User Interface C:\WINDOWS\system32\igfxpers.exe
Intel(R) Common User Interface C:\WINDOWS\system32\igfxtray.exe
Intel(R) PROSet/Wireless C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
Intel(R) PROSet/Wireless C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
Java(TM) Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\ssstars.scr
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
PowerDVD Language Application C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe
PowerDVD RC Service C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
QuickTime C:\Program Files\QuickTime\qttask.exe
Reimage. Making PCs work like new. Ever C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe
SuperAntiSpyware C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
WinZip C:\Program Files\WinZip\WZQKPICK.EXE
(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
(verified) GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
BitDefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Google Toolbar for Internet Explorer C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
Google Update C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
Java(TM) Platform SE 6 U26 C:\Program Files\Java\jre6\bin\jp2ssv.dll
Java(TM) Platform SE 6 U26 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Java(TM) Platform SE 6 U26 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
Superfish IE extention. C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll
Toolbar c:\program files\startnow toolbar\toolbar32.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
Yahoo! Single Instance for Mail c:\program files\yahoo!\companion\installs\cpn0\ytsingleinstance.dll
Yahoo! Toolbar c:\program files\yahoo!\companion\installs\cpn0\yt.dll
Yahoo! Toolbar Nav Assistant plugin c:\program files\yahoo!\companion\installs\cpn0\ytnavassist.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


Scan
----


No file uploaded.

Scan finished - communication took 2 sec
Total traffic - 0.01 MB sent, 0.71 KB recvd
Scanned 574 files and modules - 35 seconds

==============================================================================



Re: Windows Easy Supervisor Issue

Post by Dr Jay on 12th July 2011, 10:40 am

Now, please try ComboFix once more...


Dr. Jay (DJ)


