1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help with redirects

Discussion in 'Virus & Other Malware Removal' started by JalenTigh, Dec 24, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. JalenTigh

    JalenTigh Thread Starter

    Joined:
    Nov 8, 2009
    Messages:
    11
    Im having browser redirect issues. This comp was lousy with viruses a couple days ago but I have gotten rid of all that bitdefender could find. Additionally I ran malewarebytes and that picked up two additional trojans (DNSChanger) and got rid of those. New problem after that, soon as I deleted those last two, my winsock provider cat got messed up and I couldn't test to see if the redirects were fixed. From there I downloaded a Winsock default restore program I found online, which fixed it, but now I find that the redirects are still happening, but Malewarebytes and Bitdefender both say my system is clean. Here is my MWB log, and Hijack log... thanks in advance for any help or guidance.


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5363

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    12/24/2010 7:07:29 PM
    mbam-log-2010-12-24 (19-07-29).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 203137
    Time elapsed: 1 hour(s), 6 minute(s), 25 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)



    _______________________________________________

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:27:50 PM, on 12/24/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\dla\DLACTRLW.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\BitDefender\BitDefender 2011\downloader.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [TDispVol] "C:\WINDOWS\system32\TDispVol.exe"
    O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"
    O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"
    O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"
    O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe"
    O4 - HKLM\..\Run: [THotkey] "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
    O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] "C:\WINDOWS\AGRSMMSG.exe"
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [Tvs] "C:\Program Files\Toshiba\Tvs\TvsTray.exe"
    O4 - HKLM\..\Run: [TPSMain] "C:\WINDOWS\system32\TPSMain.exe"
    O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
    O4 - HKLM\..\Run: [dla] "C:\WINDOWS\system32\dla\DLACTRLW.exe"
    O4 - HKLM\..\Run: [Pinger] "c:\toshiba\ivp\ism\pinger.exe" /run
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
    O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
    O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

    --
    End of file - 9059 bytes
     
  2. JalenTigh

    JalenTigh Thread Starter

    Joined:
    Nov 8, 2009
    Messages:
    11
    DDS (Ver_10-12-12.01) - NTFSx86
    Run by Don at 20:50:55.21 on Fri 12/24/2010
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.406 [GMT -5:00]

    AV: BitDefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
    FW: BitDefender Firewall *Enabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    svchost.exe
    svchost.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    svchost.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\dla\DLACTRLW.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\BitDefender\BitDefender 2011\downloader.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Don\My Documents\Downloads\dds.pif

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uSearch Bar = hxxp://www.toshiba.com/search
    mStart Page = about:blank
    uInternet Connection Wizard,ShellNext = hxxp://www.toshibadirect.com/dpdstart
    uURLSearchHooks: N/A: {0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
    BHO: Ask Search Assistant BHO: {0579b4b1-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
    TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [TOSCDSPD] "c:\program files\toshiba\toscdspd\toscdspd.exe"
    mRun: [TFncKy] TFncKy.exe
    mRun: [TDispVol] "c:\windows\system32\TDispVol.exe"
    mRun: [igfxtray] "c:\windows\system32\igfxtray.exe"
    mRun: [igfxhkcmd] "c:\windows\system32\hkcmd.exe"
    mRun: [igfxpers] "c:\windows\system32\igfxpers.exe"
    mRun: [ehTray] "c:\windows\ehome\ehtray.exe"
    mRun: [THotkey] "c:\program files\toshiba\toshiba applet\thotkey.exe"
    mRun: [SynTPLpr] "c:\program files\synaptics\syntp\SynTPLpr.exe"
    mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
    mRun: [AGRSMMSG] "c:\windows\AGRSMMSG.exe"
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [Tvs] "c:\program files\toshiba\tvs\TvsTray.exe"
    mRun: [TPSMain] "c:\windows\system32\TPSMain.exe"
    mRun: [SmoothView] "c:\program files\toshiba\toshiba zooming utility\SmoothView.exe"
    mRun: [dla] "c:\windows\system32\dla\DLACTRLW.exe"
    mRun: [Pinger] "c:\toshiba\ivp\ism\pinger.exe" /run
    mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
    mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    mRun: [CFSServ.exe] CFSServ.exe -NoClient
    mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"
    mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\docume~1\don\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\don\applic~1\mozilla\firefox\profiles\bgxut695.default\
    FF - component: c:\program files\bitdefender\bitdefender 2011\bdaphffext\components\bdaphff3.6.dll
    FF - component: c:\program files\bitdefender\bitdefender 2011\bdaphffext\components\bdaphff3.dll
    FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJPI150_04.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

    ============= SERVICES / DRIVERS ===============

    R1 bdrawpr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2010-12-23 12960]
    R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2011\updatesrv.exe [2010-12-6 43424]
    R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-4-22 149520]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2010-8-20 111696]
    S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    S3 cpuz132;cpuz132;\??\c:\docume~1\don\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\don\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
    S3 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2010-10-11 307544]
    S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-6-28 633424]
    S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-6-28 970320]

    =============== Created Last 30 ================

    2010-12-25 01:49:59 -------- d--h--w- c:\windows\PIF
    2010-12-24 15:48:57 -------- d-----w- c:\docume~1\don\applic~1\Malwarebytes
    2010-12-24 04:03:32 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-24 04:03:30 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2010-12-24 04:03:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-24 03:40:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-24 01:41:20 -------- d-----w- c:\program files\Trend Micro
    2010-12-24 01:38:22 -------- d-----w- c:\docume~1\don\locals~1\applic~1\BitDefender
    2010-12-24 00:00:30 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
    2010-12-23 18:42:04 -------- d-----w- c:\docume~1\don\applic~1\BitDefender
    2010-12-23 18:41:13 -------- d-----w- c:\program files\BitDefender
    2010-12-23 18:33:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\95180000-e8b3-433a-ad55-bb4e6fdadc89
    2010-12-23 18:29:37 -------- d-----w- c:\docume~1\alluse~1\applic~1\b82a0000-a88a-4f7b-1086-f6edc33d59d
    2010-12-23 18:19:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\d7650000-456f-4cee-1807-2753fcb509a5
    2010-12-23 18:19:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\9a010000-d01d-49db-6d9-c6c4f261d7b4
    2010-12-23 18:15:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\64f90000-bbca-49d1-7900-a941873d7986
    2010-12-23 17:55:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\66d80000-9bb8-4116-ef28-3f3a360f0c8a
    2010-12-23 17:34:05 -------- d-----w- c:\docume~1\alluse~1\applic~1\6f8a0000-32dc-4de9-c596-d0aaf2a5ee91
    2010-12-23 17:24:34 -------- d-----w- c:\docume~1\don\applic~1\QuickScan
    2010-12-23 17:19:01 -------- d-----w- c:\program files\common files\BitDefender
    2010-12-23 17:19:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\BitDefender
    2010-12-23 17:16:29 306104 ----a-w- c:\windows\system32\drivers\Trufos.sys
    2010-12-23 17:16:22 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
    2010-12-23 17:16:20 1972160 ----a-w- c:\docume~1\alluse~1\applic~1\bdinstall.bin
    2010-12-23 15:57:38 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2010-12-23 15:57:38 -------- d-----w- c:\windows\system32\wbem\Repository

    ==================== Find3M ====================

    2010-07-08 14:37:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe

    =================== ROOTKIT ====================

    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 5.1.2600 Disk: HTS541080G9SA00 rev.MB4OC60R -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3

    device: opened successfully
    user: MBR read successfully

    Disk trace:
    called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86D3FEC5]<<
    _asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x85cea872; SUB DWORD [EBP-0x4], 0x85cea12e; PUSH EDI; CALL 0xffffffffffffdf33; }
    1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x86F86AB8]
    3 CLASSPNP[0xF779EFD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000081[0x86EC5F18]
    5 ACPI[0xF76F5620] -> nt!IofCallDriver[0x804E37D5] -> [0x86FAA030]
    [0x86AD6AB0] -> IRP_MJ_CREATE -> 0x86D3FEC5
    kernel: MBR read successfully
    _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
    detected disk devices:
    \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskHTS541080G9SA00_________________________MB4OC60R#5&35291d97&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
    detected hooks:
    \Driver\atapi DriverStartIo -> 0x86D3FAEA
    user & kernel MBR OK
    sectors 156301486 (+255): user != kernel
    Warning: possible TDL3 rootkit infection !

    ============= FINISH: 20:55:04.92 ===============




    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2010-12-24 21:09:44
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 HTS541080G9SA00 rev.MB4OC60R
    Running: 8ufj47gd.exe; Driver: C:\DOCUME~1\Don\LOCALS~1\Temp\pwriyfob.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwAllocateVirtualMemory [0xA9BE879C]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwAssignProcessToJobObject [0xA9BE8C6C]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwConnectPort [0xA9BE95E2]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwCreateFile [0xA9BE924A]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwCreateKey [0xA9BE99AE]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwCreateProcess [0xA9BE8E1A]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwCreateProcessEx [0xA9BE8EC6]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwCreateSection [0xA9BE905E]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwCreateThread [0xA9BE82AA]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwDeviceIoControlFile [0xA9BE9AE6]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwDuplicateObject [0xA9BECB96]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwFsControlFile [0xA9BE9D80]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwLoadDriver [0xA9BEA6D4]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwOpenFile [0xA9BE9154]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwOpenProcess [0xA9BEC81A]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwOpenSection [0xA9BE8F74]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwOpenThread [0xA9BEC99E]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwProtectVirtualMemory [0xA9BE8670]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwQueueApcThread [0xA9BE8D40]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwReplaceKey [0xA9BEA33E]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwRequestPort [0xA9BE9694]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwRequestWaitReplyPort [0xA9BE9354]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwRestoreKey [0xA9BEA3AE]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwSecureConnectPort [0xA9BE98F8]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwSetContextThread [0xA9BE83C8]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwSetSecurityObject [0xA9BEA2B8]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwSetSystemInformation [0xA9BE88CC]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwSuspendProcess [0xA9BE859E]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwSuspendThread [0xA9BE84CC]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwSystemDebugControl [0xA9BE8BCA]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwTerminateProcess [0xA9BEC770]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwTerminateThread [0xA9BECD1C]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender LLC) ZwWriteVirtualMemory [0xA9BE817E]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntoskrnl.exe!_abnormal_termination + 440 804E2AAC 12 Bytes [9E, 85, BE, A9, CC, 84, BE, ...] {SAHF ; TEST [ESI-0x417b3357], EDI; TEST EAX, 0xa9be8bca}
    .rsrc C:\WINDOWS\system32\DRIVERS\intelppm.sys entry point in ".rsrc" section [0xF78F4494]
    init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xF6C5FEBF]
    ? C:\DOCUME~1\Don\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtClose + 5 7C90CFF3 5 Bytes JMP 60037FA0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateEvent + 5 7C90D093 5 Bytes JMP 600380B8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateFile + 5 7C90D0B3 5 Bytes JMP 60037FD2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateKey + 5 7C90D0F3 5 Bytes JMP 600381DA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateMutant + 5 7C90D113 5 Bytes JMP 600380C2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateProcess + 5 7C90D153 5 Bytes JMP 600381C6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateProcessEx + 5 7C90D163 5 Bytes JMP 60037FFA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateSection + 5 7C90D183 5 Bytes JMP 60037FAA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtCreateThread + 5 7C90D1B3 5 Bytes JMP 60038194 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtDeleteKey + 5 7C90D253 5 Bytes JMP 60038180 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtDeleteValueKey + 5 7C90D273 5 Bytes JMP 60038176 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtDuplicateObject + 5 7C90D2A3 5 Bytes JMP 60038130 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtLoadDriver + 5 7C90D473 5 Bytes JMP 600380AE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtMapViewOfSection + 5 7C90D523 5 Bytes JMP 60037FBE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtOpenFile + 5 7C90D5A3 5 Bytes JMP 6003818A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtOpenKey + 5 7C90D5D3 5 Bytes JMP 600381E4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtOpenProcess + 5 7C90D603 5 Bytes JMP 600381BC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtOpenSection + 5 7C90D633 5 Bytes JMP 60037FB4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtQueueApcThread + 5 7C90D9A3 5 Bytes JMP 600381D0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtSetInformationFile + 5 7C90DC63 5 Bytes JMP 60038162 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtSetInformationProcess + 5 7C90DCA3 5 Bytes JMP 600380E0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtSetValueKey + 5 7C90DDD3 5 Bytes JMP 60038004 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtTerminateProcess + 5 7C90DE73 5 Bytes JMP 60038158 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtUnmapViewOfSection + 5 7C90DF13 5 Bytes JMP 60037FC8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtVdmControl + 5 7C90DF23 5 Bytes JMP 6003816C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtWriteFile + 5 7C90DF83 5 Bytes JMP 60038126 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!NtWriteVirtualMemory + 5 7C90DFB3 5 Bytes JMP 600381A8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ntdll.dll!RtlCreateProcessParameters 7C922E99 5 Bytes JMP 6003804A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!GetSystemTimeAsFileTime 7C8017E9 5 Bytes JMP 60038022 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateFileA 7C801A28 5 Bytes JMP 60038090 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 6003811C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6003807C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 60038040 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 60038036 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 600381EE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!SleepEx 7C8023A0 5 Bytes JMP 60038054 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!Sleep 7C802446 5 Bytes JMP 60038068 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CloseHandle 7C809BE7 5 Bytes JMP 60037FDC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!QueryPerformanceCounter 7C80A4C7 5 Bytes JMP 6003802C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 60038202 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 60038072 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 6003800E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 60038018 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 6003819E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 600381F8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateFileW 7C810800 5 Bytes JMP 600380A4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 600380D6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6003805E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 60037FF0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CopyFileExW 7C827B32 5 Bytes JMP 60037FE6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!PulseEvent 7C82C06E 5 Bytes JMP 6003820C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!SetFileAttributesW 7C8314DD 5 Bytes JMP 60038112 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!DeleteFileW 7C831F63 5 Bytes JMP 6003813A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateDirectoryW 7C832402 5 Bytes JMP 60038144 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CheckRemoteDebuggerPresent 7C85AAF2 5 Bytes JMP 600380CC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateDirectoryExW 7C85B5CA 5 Bytes JMP 6003814E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 6003809A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 600381B2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!CreateToolhelp32Snapshot 7C865C7F 5 Bytes JMP 60038086 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!ReadConsoleA 7C872B5D 2 Bytes JMP 600380FE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!ReadConsoleA + 3 7C872B60 2 Bytes [7C, E3] {JL 0xffffffffffffffe5}
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!ReadConsoleW 7C872BAC 2 Bytes JMP 60038108 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!ReadConsoleW + 3 7C872BAF 2 Bytes [7C, E3] {JL 0xffffffffffffffe5}
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!ReadConsoleInputA 7C874613 5 Bytes JMP 600380EA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] KERNEL32.dll!ReadConsoleInputW 7C874636 5 Bytes JMP 600380F4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!RegQueryValueExW + 10C 77DD710B 5 Bytes JMP 60038216 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!OpenServiceW 77DE6FFD 5 Bytes JMP 60038252 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!ControlService 77DF4A09 5 Bytes JMP 60038270 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!OpenServiceA 77DF4C66 5 Bytes JMP 6003825C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 60038284 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 6003827A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 6003823E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 60038248 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 60038266 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] USER32.dll!GetMessageW 7E4191C6 5 Bytes JMP 60038298 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 600382AC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] USER32.dll!UserClientDllInitialize 7E41B217 5 Bytes JMP 60038220 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] USER32.dll!GetMessageA 7E42772B 5 Bytes JMP 6003828E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 600382B6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] USER32.dll!PeekMessageA 7E42A340 5 Bytes JMP 600382A2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 600382C0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] msvcrt.dll!__p__environ 77C1F1C5 5 Bytes JMP 600382CA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] msvcrt.dll!__p__fmode 77C1F1DB 5 Bytes JMP 600382D4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] msvcrt.dll!__p__winver + B 77C1F2A1 5 Bytes JMP 6003822A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] SHELL32.dll!StrStrW + FFE4A6E1 7C9E74D6 5 Bytes JMP 60038234 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] SHELL32.dll!Shell_NotifyIconW 7CA2A587 5 Bytes JMP 600382DE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] wininet.dll!InternetConfirmZoneCrossing + FFF66AD2 3D931748 5 Bytes JMP 60038306 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] wininet.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 60038338 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] wininet.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 6003832E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\svchost.exe[188] wininet.dll!InternetOpenA 3D95D690 5 Bytes JMP 60038324 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtClose + 5 7C90CFF3 5 Bytes JMP 60037FA0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateEvent + 5 7C90D093 5 Bytes JMP 600380B8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateFile + 5 7C90D0B3 5 Bytes JMP 60037FD2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateKey + 5 7C90D0F3 5 Bytes JMP 600381E4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateMutant + 5 7C90D113 5 Bytes JMP 600380C2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateProcess + 5 7C90D153 5 Bytes JMP 600381D0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateProcessEx + 5 7C90D163 5 Bytes JMP 60037FFA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateSection + 5 7C90D183 5 Bytes JMP 60037FAA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtCreateThread + 5 7C90D1B3 5 Bytes JMP 6003819E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtDeleteKey + 5 7C90D253 5 Bytes JMP 6003818A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtDeleteValueKey + 5 7C90D273 5 Bytes JMP 60038180 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtDuplicateObject + 5 7C90D2A3 5 Bytes JMP 60038130 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtLoadDriver + 5 7C90D473 5 Bytes JMP 600380AE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtMapViewOfSection + 5 7C90D523 5 Bytes JMP 60037FBE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtOpenFile + 5 7C90D5A3 5 Bytes JMP 60038194 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtOpenKey + 5 7C90D5D3 5 Bytes JMP 600381EE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtOpenProcess + 5 7C90D603 5 Bytes JMP 600381C6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtOpenSection + 5 7C90D633 5 Bytes JMP 60037FB4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtQueueApcThread + 5 7C90D9A3 5 Bytes JMP 600381DA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtReadFile + 5 7C90D9D3 5 Bytes JMP 60038176 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtSetInformationFile + 5 7C90DC63 5 Bytes JMP 60038162 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtSetInformationProcess + 5 7C90DCA3 5 Bytes JMP 600380E0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtSetValueKey + 5 7C90DDD3 5 Bytes JMP 60038004 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtTerminateProcess + 5 7C90DE73 5 Bytes JMP 60038158 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtUnmapViewOfSection + 5 7C90DF13 5 Bytes JMP 60037FC8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtVdmControl + 5 7C90DF23 5 Bytes JMP 6003816C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtWriteFile + 5 7C90DF83 5 Bytes JMP 60038126 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!NtWriteVirtualMemory + 5 7C90DFB3 5 Bytes JMP 600381B2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ntdll.dll!RtlCreateProcessParameters 7C922E99 5 Bytes JMP 6003804A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!GetSystemTimeAsFileTime 7C8017E9 5 Bytes JMP 60038022 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateFileA 7C801A28 5 Bytes JMP 60038090 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 6003811C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6003807C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 60038040 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 60038036 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 600381F8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!SleepEx 7C8023A0 5 Bytes JMP 60038054 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!Sleep 7C802446 5 Bytes JMP 60038068 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CloseHandle 7C809BE7 5 Bytes JMP 60037FDC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!QueryPerformanceCounter 7C80A4C7 5 Bytes JMP 6003802C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 6003820C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 60038072 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 6003800E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 60038018 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 600381A8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 60038202 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateFileW 7C810800 5 Bytes JMP 600380A4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 600380D6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6003805E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 60037FF0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CopyFileExW 7C827B32 5 Bytes JMP 60037FE6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!PulseEvent 7C82C06E 5 Bytes JMP 60038216 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!SetFileAttributesW 7C8314DD 5 Bytes JMP 60038112 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!DeleteFileW 7C831F63 5 Bytes JMP 6003813A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateDirectoryW 7C832402 5 Bytes JMP 60038144 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CheckRemoteDebuggerPresent 7C85AAF2 5 Bytes JMP 600380CC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateDirectoryExW 7C85B5CA 5 Bytes JMP 6003814E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 6003809A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 600381BC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!CreateToolhelp32Snapshot 7C865C7F 5 Bytes JMP 60038086 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!ReadConsoleA 7C872B5D 2 Bytes JMP 600380FE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!ReadConsoleA + 3 7C872B60 2 Bytes [7C, E3] {JL 0xffffffffffffffe5}
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!ReadConsoleW 7C872BAC 2 Bytes JMP 60038108 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!ReadConsoleW + 3 7C872BAF 2 Bytes [7C, E3] {JL 0xffffffffffffffe5}
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!ReadConsoleInputA 7C874613 5 Bytes JMP 600380EA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] KERNEL32.dll!ReadConsoleInputW 7C874636 5 Bytes JMP 600380F4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] user32.dll!GetMessageW 7E4191C6 5 Bytes JMP 6003828E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] user32.dll!PeekMessageW 7E41929B 5 Bytes JMP 600382A2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] user32.dll!UserClientDllInitialize 7E41B217 5 Bytes JMP 60038220 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] user32.dll!GetMessageA 7E42772B 5 Bytes JMP 60038284 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] user32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 600382AC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] user32.dll!PeekMessageA 7E42A340 5 Bytes JMP 60038298 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] user32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 600382B6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!RegQueryValueExW + 10C 77DD710B 5 Bytes JMP 6003822A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!OpenServiceW 77DE6FFD 5 Bytes JMP 60038248 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!ControlService 77DF4A09 5 Bytes JMP 60038266 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!OpenServiceA 77DF4C66 5 Bytes JMP 60038252 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 6003827A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 60038270 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 60038234 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 6003823E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 6003825C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] msvcrt.dll!__p__environ 77C1F1C5 5 Bytes JMP 600382D4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] msvcrt.dll!__p__fmode 77C1F1DB 5 Bytes JMP 600382DE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] msvcrt.dll!__p__winver + B 77C1F2A1 5 Bytes JMP 600382CA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] wininet.dll!InternetConfirmZoneCrossing + FFF66AD2 3D931748 5 Bytes JMP 600382FC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] wininet.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 6003832E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] wininet.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 60038324 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] wininet.dll!InternetOpenA 3D95D690 5 Bytes JMP 6003831A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!WEP + FFFEF156 71AB1273 5 Bytes JMP 60038338 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!GetAddrInfoW 71AB2899 5 Bytes JMP 60038356 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 60038374 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!WSASocketW 71AB404E 5 Bytes JMP 6003836A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 6003837E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!send 71AB4C27 5 Bytes JMP 60038342 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 60038360 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 6003834C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] SHELL32.dll!StrStrW + FFE4A6E1 7C9E74D6 5 Bytes JMP 6003839C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\Documents and Settings\Don\My Documents\Downloads\8ufj47gd.exe[1024] SHELL32.dll!Shell_NotifyIconW 7CA2A587 5 Bytes JMP 600383A6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00073_002\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtClose + 5 7C90CFF3 5 Bytes JMP 60037FA0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateEvent + 5 7C90D093 5 Bytes JMP 600380B8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateFile + 5 7C90D0B3 5 Bytes JMP 60037FD2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateKey + 5 7C90D0F3 5 Bytes JMP 600381DA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateMutant + 5 7C90D113 5 Bytes JMP 600380C2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateProcess + 5 7C90D153 5 Bytes JMP 600381C6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateProcessEx + 5 7C90D163 5 Bytes JMP 60037FFA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateSection + 5 7C90D183 5 Bytes JMP 60037FAA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtCreateThread + 5 7C90D1B3 5 Bytes JMP 60038194 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtDeleteKey + 5 7C90D253 5 Bytes JMP 60038180 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtDeleteValueKey + 5 7C90D273 5 Bytes JMP 60038176 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtDuplicateObject + 5 7C90D2A3 5 Bytes JMP 60038130 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtLoadDriver + 5 7C90D473 5 Bytes JMP 600380AE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtMapViewOfSection + 5 7C90D523 5 Bytes JMP 60037FBE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtOpenFile + 5 7C90D5A3 5 Bytes JMP 6003818A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtOpenKey + 5 7C90D5D3 5 Bytes JMP 600381E4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtOpenProcess + 5 7C90D603 5 Bytes JMP 600381BC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtOpenSection + 5 7C90D633 5 Bytes JMP 60037FB4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtQueueApcThread + 5 7C90D9A3 5 Bytes JMP 600381D0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtSetInformationFile + 5 7C90DC63 5 Bytes JMP 60038162 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtSetInformationProcess + 5 7C90DCA3 5 Bytes JMP 600380E0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtSetValueKey + 5 7C90DDD3 5 Bytes JMP 60038004 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtTerminateProcess + 5 7C90DE73 5 Bytes JMP 60038158 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtUnmapViewOfSection + 5 7C90DF13 5 Bytes JMP 60037FC8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtVdmControl + 5 7C90DF23 5 Bytes JMP 6003816C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtWriteFile + 5 7C90DF83 5 Bytes JMP 60038126 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!NtWriteVirtualMemory + 5 7C90DFB3 5 Bytes JMP 600381A8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ntdll.dll!RtlCreateProcessParameters 7C922E99 5 Bytes JMP 6003804A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!GetSystemTimeAsFileTime 7C8017E9 5 Bytes JMP 60038022 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateFileA 7C801A28 5 Bytes JMP 60038090 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 6003811C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 6003807C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 60038040 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 60038036 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 600381EE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!SleepEx 7C8023A0 5 Bytes JMP 60038054 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!Sleep 7C802446 5 Bytes JMP 60038068 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CloseHandle 7C809BE7 5 Bytes JMP 60037FDC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!QueryPerformanceCounter 7C80A4C7 5 Bytes JMP 6003802C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!FreeLibrary 7C80AC7E 5 Bytes JMP 60038202 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 60038072 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 6003800E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 60038018 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 6003819E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 600381F8 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateFileW 7C810800 5 Bytes JMP 600380A4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 600380D6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!ExitProcess 7C81CB12 5 Bytes JMP 6003805E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 60037FF0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CopyFileExW 7C827B32 5 Bytes JMP 60037FE6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!PulseEvent 7C82C06E 5 Bytes JMP 6003820C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!SetFileAttributesW 7C8314DD 5 Bytes JMP 60038112 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!DeleteFileW 7C831F63 5 Bytes JMP 6003813A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateDirectoryW 7C832402 5 Bytes JMP 60038144 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CheckRemoteDebuggerPresent 7C85AAF2 5 Bytes JMP 600380CC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateDirectoryExW 7C85B5CA 5 Bytes JMP 6003814E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 6003809A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 600381B2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!CreateToolhelp32Snapshot 7C865C7F 5 Bytes JMP 60038086 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!ReadConsoleA 7C872B5D 2 Bytes JMP 600380FE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!ReadConsoleA + 3 7C872B60 2 Bytes [7C, E3] {JL 0xffffffffffffffe5}
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!ReadConsoleW 7C872BAC 2 Bytes JMP 60038108 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!ReadConsoleW + 3 7C872BAF 2 Bytes [7C, E3] {JL 0xffffffffffffffe5}
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!ReadConsoleInputA 7C874613 5 Bytes JMP 600380EA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] KERNEL32.dll!ReadConsoleInputW 7C874636 5 Bytes JMP 600380F4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] msvcrt.dll!__p__environ 77C1F1C5 5 Bytes JMP 6003823E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] msvcrt.dll!__p__fmode 77C1F1DB 5 Bytes JMP 60038248 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] msvcrt.dll!__p__winver + B 77C1F2A1 5 Bytes JMP 60038216 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!RegQueryValueExW + 10C 77DD710B 5 Bytes JMP 60038220 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!OpenServiceW 77DE6FFD 5 Bytes JMP 60038266 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!ControlService 77DF4A09 5 Bytes JMP 60038284 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!OpenServiceA 77DF4C66 5 Bytes JMP 60038270 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 60038298 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 6003828E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 60038252 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 6003825C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 6003827A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] USER32.dll!GetMessageW 7E4191C6 5 Bytes JMP 600382AC C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 600382C0 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] USER32.dll!UserClientDllInitialize 7E41B217 5 Bytes JMP 6003822A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] USER32.dll!GetMessageA 7E42772B 5 Bytes JMP 600382A2 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 600382CA C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] USER32.dll!PeekMessageA 7E42A340 5 Bytes JMP 600382B6 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 600382D4 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] SHELL32.dll!StrStrW + FFE4A6E1 7C9E74D6 5 Bytes JMP 60038234 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] SHELL32.dll!Shell_NotifyIconW 7CA2A587 5 Bytes JMP 600382DE C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] wininet.dll!InternetConfirmZoneCrossing + FFF66AD2 3D931748 5 Bytes JMP 60038306 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] wininet.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 60038338 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] wininet.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 6003832E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] wininet.dll!InternetOpenA 3D95D690 5 Bytes JMP 60038324 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!WEP + FFFEF156 71AB1273 5 Bytes JMP 60038342 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!GetAddrInfoW 71AB2899 5 Bytes JMP 60038360 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 6003837E C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!WSASocketW 71AB404E 5 Bytes JMP 60038374 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 60038388 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!send 71AB4C27 5 Bytes JMP 6003834C C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 6003836A C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)
    .text C:\WINDOWS\system32\wuauclt.exe[2992] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 60038356 C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_000_001\midas32.dll (BitDefender Active Virus Control Filtering Library/BitDefender S.R.L. Bucharest, ROMANIA)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

    AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

    Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 86D3FAEA
    Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 86D3FAEA
    Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-e 86D3FAEA

    AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
    AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

    Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskHTS541080G9SA00_________________________MB4OC60R#5&35291d97&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session [email protected] ??? ?????0??????????????? ????????????????????????????????Co???????????0?&???0???B?B?C?C?C????????????????????????????D??0?????????h????%SystemRoot%\System32\mswsock.dll???? V??0??????????g???? ???#???1?????5-D ??????????0???0??Modem Device on High Definition Audio Bus?????X??0???d????????????t??0??Unknown Device on High Definition Audio Bus??c????F??0???????????D??Internal High Definition Audio Bus?te ??hdaudbus.inf?+??? ???0???e??????????HDAudio_Device?ort???????????????????'?-?-?-?-?0?0?0?0?0 (?????0?&???2?2?o??????????????????????????? ???????l???????????0?E??????"??????????????????????1??????????????????? ???????l???????????0?E??????"?????????????ws???????1??? ??????????????? ???????l???????????0?E??????"?????????????ce???????1?????????????????????????????????s????mbr??0???2?2?????????????.???????.????D??0?????????h?????????????????????y???????6???0??????????????????????????????? ?????????????0??????? ????????????????D???????????????????????????????????????C:???2?2????????????????????????25??? ?????????

    ---- Disk sectors - GMER 1.0.15 ----

    Disk \Device\Harddisk0\DR0 sectors 156301232 (+254): rootkit-like behavior;

    ---- Files - GMER 1.0.15 ----

    File C:\WINDOWS\system32\DRIVERS\intelppm.sys suspicious modification; TDL3 <-- ROOTKIT !!!

    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

  3. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
  4. JalenTigh

    JalenTigh Thread Starter

    Joined:
    Nov 8, 2009
    Messages:
    11
    Ran the file you recommended, it found the file and cured it... but now I can not load any webpage with that computer. Connection is fine, just nothing with load. Here is the log from after the cure.

    2010/12/25 10:24:50.0546 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
    2010/12/25 10:24:50.0546 ================================================================================
    2010/12/25 10:24:50.0546 SystemInfo:
    2010/12/25 10:24:50.0546
    2010/12/25 10:24:50.0546 OS Version: 5.1.2600 ServicePack: 3.0
    2010/12/25 10:24:50.0546 Product type: Workstation
    2010/12/25 10:24:50.0546 ComputerName: TOSHIBA-USER
    2010/12/25 10:24:50.0546 UserName: Don
    2010/12/25 10:24:50.0546 Windows directory: C:\WINDOWS
    2010/12/25 10:24:50.0546 System windows directory: C:\WINDOWS
    2010/12/25 10:24:50.0546 Processor architecture: Intel x86
    2010/12/25 10:24:50.0546 Number of processors: 1
    2010/12/25 10:24:50.0546 Page size: 0x1000
    2010/12/25 10:24:50.0546 Boot type: Normal boot
    2010/12/25 10:24:50.0546 ================================================================================
    2010/12/25 10:24:50.0812 Initialize success
    2010/12/25 10:24:52.0750 ================================================================================
    2010/12/25 10:24:52.0750 Scan started
    2010/12/25 10:24:52.0750 Mode: Manual;
    2010/12/25 10:24:52.0750 ================================================================================
    2010/12/25 10:24:53.0968 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    2010/12/25 10:24:54.0031 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    2010/12/25 10:24:54.0109 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    2010/12/25 10:24:54.0171 AegisP (12dafd934641dcf61e446313bc261ec2) C:\WINDOWS\system32\DRIVERS\AegisP.sys
    2010/12/25 10:24:54.0250 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
    2010/12/25 10:24:54.0328 AgereSoftModem (b3192376c7a3814b5341efc2202022f8) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
    2010/12/25 10:24:54.0703 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    2010/12/25 10:24:54.0828 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    2010/12/25 10:24:54.0859 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    2010/12/25 10:24:54.0937 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    2010/12/25 10:24:54.0984 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    2010/12/25 10:24:55.0109 avc3 (c6cf76384dfc739b0be55abb79ad4dc0) C:\WINDOWS\system32\drivers\avc3.sys
    2010/12/25 10:24:55.0234 avckf (b758a219e95c085405b1e356a8267610) C:\WINDOWS\system32\drivers\avckf.sys
    2010/12/25 10:24:55.0531 BDFM (8d4efc5c378bffe34c298c92f37d3b14) C:\WINDOWS\system32\DRIVERS\bdfm.sys
    2010/12/25 10:24:55.0859 Bdfndisf (3b3ad83054c650cf7cdeb0d5ecbd54e1) C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys
    2010/12/25 10:24:56.0203 bdfsfltr (4c44d82e372a87b3cb439a7f14cfef03) C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys
    2010/12/25 10:24:56.0390 Bdftdif (c23a8547d5ea6d0c3589961bfb7ff6d3) C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
    2010/12/25 10:24:56.0609 bdrawpr (d077f523538c9fb83b3c3fae13861579) C:\WINDOWS\system32\drivers\bdrawpr.sys
    2010/12/25 10:24:56.0781 bdselfpr (c30617d603f54b87944e46573a27d53b) C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys
    2010/12/25 10:24:56.0828 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    2010/12/25 10:24:56.0875 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    2010/12/25 10:24:56.0921 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    2010/12/25 10:24:56.0984 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    2010/12/25 10:24:57.0015 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    2010/12/25 10:24:57.0093 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    2010/12/25 10:24:57.0296 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    2010/12/25 10:24:57.0578 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    2010/12/25 10:24:57.0640 DLABOIOM (ee4325becef51b8c32b4329097e4f301) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
    2010/12/25 10:24:57.0703 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
    2010/12/25 10:24:57.0765 DLADResN (1e6c6597833a04c2157be7b39ea92ce1) C:\WINDOWS\system32\DLA\DLADResN.SYS
    2010/12/25 10:24:57.0796 DLAIFS_M (752376e109a090970bfa9722f0f40b03) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
    2010/12/25 10:24:57.0812 DLAOPIOM (62ee7902e74b90bf1ccc4643fc6c07a7) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
    2010/12/25 10:24:57.0843 DLAPoolM (5c220124c5afeaee84a9bb89d685c17b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
    2010/12/25 10:24:57.0875 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
    2010/12/25 10:24:57.0906 DLAUDFAM (4ebb78d9bbf072119363b35b9b3e518f) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
    2010/12/25 10:24:57.0921 DLAUDF_M (333b770e52d2cea7bd86391120466e43) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
    2010/12/25 10:24:58.0000 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    2010/12/25 10:24:58.0218 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    2010/12/25 10:24:58.0234 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    2010/12/25 10:24:58.0281 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    2010/12/25 10:24:58.0359 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    2010/12/25 10:24:58.0375 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
    2010/12/25 10:24:58.0406 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
    2010/12/25 10:24:58.0484 E100B (2646883e6dd867cd872d5b51b6036710) C:\WINDOWS\system32\DRIVERS\e100b325.sys
    2010/12/25 10:24:58.0546 e1express (e1fa10ed8f9f700c1be1eae05a80ef57) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
    2010/12/25 10:24:58.0640 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    2010/12/25 10:24:58.0703 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    2010/12/25 10:24:58.0765 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    2010/12/25 10:24:58.0796 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    2010/12/25 10:24:58.0875 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    2010/12/25 10:24:58.0906 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    2010/12/25 10:24:58.0937 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    2010/12/25 10:24:59.0125 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    2010/12/25 10:24:59.0171 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    2010/12/25 10:24:59.0218 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    2010/12/25 10:24:59.0343 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    2010/12/25 10:24:59.0437 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    2010/12/25 10:24:59.0562 ialm (bc1f1ff8d5800398937966cdb0a97fdc) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
    2010/12/25 10:24:59.0875 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    2010/12/25 10:25:00.0250 IntcAzAudAddService (b12a9fc49cd2765a43829d834f518aed) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    2010/12/25 10:25:00.0531 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    2010/12/25 10:25:00.0578 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    2010/12/25 10:25:00.0625 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    2010/12/25 10:25:00.0671 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    2010/12/25 10:25:00.0750 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    2010/12/25 10:25:00.0812 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    2010/12/25 10:25:00.0843 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    2010/12/25 10:25:00.0906 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    2010/12/25 10:25:00.0937 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys
    2010/12/25 10:25:00.0968 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    2010/12/25 10:25:01.0015 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    2010/12/25 10:25:01.0046 KR10N (00c1ea8decf810b8eccb5c5a8186a96e) C:\WINDOWS\system32\drivers\KR10N.sys
    2010/12/25 10:25:01.0125 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    2010/12/25 10:25:01.0375 meiudf (7efac183a25b30fb5d64cc9d484b1eb6) C:\WINDOWS\system32\Drivers\meiudf.sys
    2010/12/25 10:25:01.0453 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
    2010/12/25 10:25:01.0468 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    2010/12/25 10:25:01.0531 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    2010/12/25 10:25:01.0562 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    2010/12/25 10:25:01.0625 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    2010/12/25 10:25:01.0656 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    2010/12/25 10:25:01.0765 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    2010/12/25 10:25:01.0843 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    2010/12/25 10:25:01.0968 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    2010/12/25 10:25:02.0000 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2010/12/25 10:25:02.0140 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2010/12/25 10:25:02.0171 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    2010/12/25 10:25:02.0218 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    2010/12/25 10:25:02.0250 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
    2010/12/25 10:25:02.0281 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    2010/12/25 10:25:02.0312 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    2010/12/25 10:25:02.0343 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    2010/12/25 10:25:02.0375 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    2010/12/25 10:25:02.0437 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    2010/12/25 10:25:02.0468 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    2010/12/25 10:25:02.0515 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    2010/12/25 10:25:02.0593 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
    2010/12/25 10:25:02.0656 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    2010/12/25 10:25:02.0703 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    2010/12/25 10:25:02.0968 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    2010/12/25 10:25:03.0046 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
    2010/12/25 10:25:03.0078 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    2010/12/25 10:25:03.0109 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    2010/12/25 10:25:03.0156 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    2010/12/25 10:25:03.0187 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    2010/12/25 10:25:03.0234 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
    2010/12/25 10:25:03.0250 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    2010/12/25 10:25:03.0281 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    2010/12/25 10:25:03.0328 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    2010/12/25 10:25:03.0390 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    2010/12/25 10:25:03.0406 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    2010/12/25 10:25:03.0609 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
    2010/12/25 10:25:03.0656 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    2010/12/25 10:25:03.0687 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    2010/12/25 10:25:03.0703 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    2010/12/25 10:25:03.0750 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    2010/12/25 10:25:03.0875 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    2010/12/25 10:25:03.0937 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    2010/12/25 10:25:04.0140 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    2010/12/25 10:25:04.0171 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    2010/12/25 10:25:04.0218 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    2010/12/25 10:25:04.0250 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    2010/12/25 10:25:04.0296 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    2010/12/25 10:25:04.0359 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
    2010/12/25 10:25:04.0390 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    2010/12/25 10:25:04.0484 s24trans (1cc074e0d48383d4e9bffc6a26c2a58a) C:\WINDOWS\system32\DRIVERS\s24trans.sys
    2010/12/25 10:25:04.0546 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
    2010/12/25 10:25:04.0593 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    2010/12/25 10:25:04.0640 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
    2010/12/25 10:25:04.0703 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
    2010/12/25 10:25:04.0734 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
    2010/12/25 10:25:04.0781 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
    2010/12/25 10:25:04.0875 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    2010/12/25 10:25:05.0171 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    2010/12/25 10:25:05.0250 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
    2010/12/25 10:25:05.0343 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    2010/12/25 10:25:05.0375 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    2010/12/25 10:25:05.0546 SynTP (e295fffff3aaf9a6a40b29497901908f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
    2010/12/25 10:25:05.0578 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    2010/12/25 10:25:05.0640 tbiosdrv (7147b0575bcc93a6ab7d5c90f47c0b9f) C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys
    2010/12/25 10:25:05.0734 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    2010/12/25 10:25:05.0921 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    2010/12/25 10:25:05.0984 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    2010/12/25 10:25:06.0015 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    2010/12/25 10:25:06.0078 tifm21 (244cfbffdefb77f3df571a8cd108fc06) C:\WINDOWS\system32\drivers\tifm21.sys
    2010/12/25 10:25:06.0171 tosrfec (cc069342ee0eae55b32a0ae99cf6185c) C:\WINDOWS\system32\DRIVERS\tosrfec.sys
    2010/12/25 10:25:06.0250 Trufos (6d4bc090afc77f3fd3cbc32817096a01) C:\WINDOWS\system32\DRIVERS\Trufos.sys
    2010/12/25 10:25:06.0296 TVALD (676db15ddf2e0ff6ec03068dea428b8b) C:\WINDOWS\system32\DRIVERS\NBSMI.sys
    2010/12/25 10:25:06.0343 Tvs (cc6763889198ef975b143d49789bcfa9) C:\WINDOWS\system32\DRIVERS\Tvs.sys
    2010/12/25 10:25:06.0375 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    2010/12/25 10:25:06.0453 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    2010/12/25 10:25:06.0625 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    2010/12/25 10:25:06.0687 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    2010/12/25 10:25:06.0750 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    2010/12/25 10:25:06.0796 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    2010/12/25 10:25:06.0843 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    2010/12/25 10:25:06.0890 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    2010/12/25 10:25:07.0046 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
    2010/12/25 10:25:07.0250 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    2010/12/25 10:25:07.0312 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
    2010/12/25 10:25:07.0421 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
    2010/12/25 10:25:07.0500 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    2010/12/25 10:25:07.0640 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    2010/12/25 10:25:07.0687 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    2010/12/25 10:25:08.0062 ================================================================================
    2010/12/25 10:25:08.0062 Scan finished
    2010/12/25 10:25:08.0062 ================================================================================
     
  5. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    reboot see if this will run
    Delete any existing version of ComboFix you have sitting on your desktop
    Please read and follow all these instructions very carefully

    Download ComboFix from Here or Hereto your Desktop.
    As you download it rename it to username123.exe


    **Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
    --------------------------------------------------------------------
    1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
    • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
    • Remember to re enable the protection again after combofix has finished
    --------------------------------------------------------------------
    2. Close any open browsers and any other programs you might have running
    Double click on combofix.exe & follow the prompts.​
    If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
    Please select yes & let it download the files it needs to do this
    When finished, it will produce a report for you.
    Please post the "C:\ComboFix.txt" for further review


    ****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

    Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

    Please tell us if it has cured the problems or if there are any outstanding issues
     
  6. JalenTigh

    JalenTigh Thread Starter

    Joined:
    Nov 8, 2009
    Messages:
    11
    That appears to have fixed it. Pages loading now, no redirects so far. Thanks so much for your help... Happy Holidays.
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    post the combofix report then please so we can see if any other malware still needs fixing
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/970478

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice