I ran both of the program scans that you requested. The first one "JOTTI" did not find any problems. The second one "VIRUSTOTAL" I have pasted the results here. Thank You.
My laptop seems to be working a lot better. Doesn't appear to be redirecting or giving me "action cancelled" msgs. It also seems to be working faster. Thank You so much. I will check back for further instructions.
PS: I think I have lost the msgs at shut down also :) "AND" Please thank everyone and anyone who has helped me!
C U Later, PopaTom
-------------------------------------------------------------------------------------
File 1235700.dll received on 2009.12.09 22:56:18 (UTC)
Current status: finished
Result: 1/41 (2.44%)
Antivirus Version Last Update Result
a-squared 4.5.0.43 2009.12.09 -
AhnLab-V3 5.0.0.2 2009.12.09 -
AntiVir 7.9.1.102 2009.12.09 -
Antiy-AVL 2.0.3.7 2009.12.09 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.09 -
AVG 8.5.0.426 2009.12.09 -
BitDefender 7.2 2009.12.09 -
CAT-QuickHeal 10.00 2009.12.09 -
ClamAV 0.94.1 2009.12.09 -
Comodo 3103 2009.12.01 -
DrWeb 5.0.0.12182 2009.12.09 -
eSafe 7.0.17.0 2009.12.09 -
eTrust-Vet 35.1.7167 2009.12.09 -
F-Prot 4.5.1.85 2009.12.09 -
F-Secure 9.0.15370.0 2009.12.07 -
Fortinet 4.0.14.0 2009.12.09 -
GData 19 2009.12.09 -
Ikarus T3.1.1.74.0 2009.12.09 -
Jiangmin 13.0.900 2009.12.02 -
K7AntiVirus 7.10.916 2009.12.09 -
Kaspersky 7.0.0.125 2009.12.09 -
McAfee 5827 2009.12.09 -
McAfee+Artemis 5827 2009.12.09 -
McAfee-GW-Edition 6.8.5 2009.12.09 -
Microsoft 1.5302 2009.12.09 -
NOD32 4674 2009.12.09 -
Norman 6.03.02 2009.12.09 -
nProtect 2009.1.8.0 2009.12.09 -
Panda 10.0.2.2 2009.12.09 -
PCTools 7.0.3.5 2009.12.09 -
Prevx 3.0 2009.12.09 -
Rising 22.25.02.09 2009.12.09 -
Sophos 4.48.0 2009.12.09 -
Sunbelt 3.2.1858.2 2009.12.09 WebWatcher
Symantec 1.4.4.12 2009.12.09 -
TheHacker 6.5.0.2.088 2009.12.07 -
TrendMicro 9.100.0.1001 2009.12.09 -
VBA32 3.12.12.0 2009.12.08 -
ViRobot 2009.12.9.2078 2009.12.09 -
VirusBuster 5.0.21.0 2009.12.09 -
Additional information
File size: 2150939 bytes
MD5 : bc31abf53b86255bee601ed9a7b4746b
SHA1 : d837bd0f6b11c66e26c2378978ab1f50c87ccfb0
SHA256: 85862288290f5dc270c4378a8f314b969849daeffa57adf6ac27cce14c60c019
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xFF9D2
timedatestamp.....: 0x4A946874 (Wed Aug 26 00:40:52 2009)
machinetype.......: 0x14C (Intel I386)
( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x120F7B 0x121000 6.71 de9a9e01c1f8c63f80b28ca85a719ad4
.rdata 0x122000 0xC9DDF 0xCA000 5.55 67e398a217e2669ff495b38dd026a992
.data 0x1EC000 0xE39C 0xC000 4.77 3a86b9de2e0dc6600dea1745902bd356
.SSSHARE 0x1FB000 0x15 0x1000 0.01 b7e855e14bec14e637d85f5e6e30ad6b
.rsrc 0x1FC000 0x958 0x1000 4.22 6d192cd61583dc8c34392b7613d81b26
.reloc 0x1FD000 0xF582 0x10000 5.45 54c914682900635acd7cd208cccf40a1
( 12 imports )
> advapi32.dll: GetSecurityDescriptorSacl, CryptDeriveKey, CryptDecrypt, CryptEncrypt, CryptDestroyKey, CryptAcquireContextW, CryptCreateHash, CryptHashData, CryptDestroyHash, CryptReleaseContext, RegGetKeySecurity, RegOpenKeyW, RegSetKeySecurity, RegQueryValueExW, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetSecurityDescriptorSacl, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, LookupAccountNameW, ConvertSidToStringSidW, RegEnumKeyExW, RegQueryInfoKeyW, RegSetValueExW, RegOpenKeyExW, RegCreateKeyExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW
> gdi32.dll: CreateCompatibleBitmap, SelectObject, BitBlt, GetObjectW, GetDIBits, DeleteDC, DeleteObject, CreateCompatibleDC
> kernel32.dll: LocalFree, GetComputerNameW, HeapFree, GetProcessHeap, GetTickCount, WaitForSingleObject, CreateEventW, HeapAlloc, lstrcmpW, lstrlenA, GetProcAddress, LoadLibraryW, DeleteFileW, GetTempPathW, VirtualProtect, lstrcpynW, lstrcpyW, WaitForMultipleObjects, TerminateThread, Sleep, SetEndOfFile, WriteFile, SetFilePointer, GetFileAttributesExW, GetFileTime, CreateFileW, ReadFile, GetFileSize, GetTempFileNameW, lstrcatW, GetExitCodeThread, GetCurrentProcessId, CompareFileTime, MoveFileW, GetACP, IsValidCodePage, HeapSize, HeapReAlloc, ReleaseMutex, ReleaseSemaphore, InterlockedExchangeAdd, UnmapViewOfFile, MapViewOfFile, GetTimeZoneInformation, FileTimeToLocalFileTime, OpenEventW, GlobalFree, GlobalReAlloc, GlobalUnlock, GlobalLock, CreateSemaphoreW, CreateMutexW, GetCurrentProcess, CreateFileA, CreateFileMappingW, ProcessIdToSessionId, OpenFileMappingW, FindClose, FindNextFileA, FindFirstFileA, lstrcpynA, CreateMutexA, GetCurrentThreadId, CreateDirectoryW, GlobalSize, GetSystemTime, GetSystemTimeAsFileTime, GetStringTypeA, FlushFileBuffers, GetConsoleMode, GetConsoleCP, SetStdHandle, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, GetStartupInfoA, GetFileType, SetHandleCount, GetOEMCP, SetLastError, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, GetStdHandle, HeapCreate, VirtualAlloc, VirtualFree, SetEvent, CloseHandle, FindResourceExW, LockResource, WideCharToMultiByte, GetThreadLocale, SetThreadLocale, LoadLibraryExW, GetModuleHandleW, FindResourceW, LoadResource, SizeofResource, MultiByteToWideChar, FreeLibrary, InterlockedDecrement, InterlockedIncrement, InitializeCriticalSectionAndSpinCount, DisableThreadLibraryCalls, GetModuleFileNameW, lstrcmpiW, GetLastError, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, lstrlenW, GetStringTypeW, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, GetLocaleInfoW, WriteConsoleA, GetConsoleOutputCP, 
WriteConsoleW, CompareStringA, CompareStringW, SetEnvironmentVariableA, GlobalAlloc, FileTimeToSystemTime, ExitProcess, GetModuleHandleA, GetCPInfo, LCMapStringW, LCMapStringA, GetCommandLineA, CreateThread, ExitThread, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, RtlUnwind, QueryPerformanceFrequency, QueryPerformanceCounter, GetCurrentDirectoryA, GetModuleFileNameA, SetCurrentDirectoryA, LoadLibraryA, HeapDestroy, GetVersionExA, GetLocaleInfoA, InterlockedExchange
> netapi32.dll: NetApiBufferFree, NetWkstaUserEnum
> nspr4.dll: PR_AtomicIncrement, PR_AtomicDecrement
> ole32.dll: GetHGlobalFromStream, CoTaskMemAlloc, CoTaskMemRealloc, CoTaskMemFree, StringFromGUID2, CoCreateInstance, OleRun, CoUninitialize, CreateStreamOnHGlobal, CoInitializeEx
> oleaut32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> rpcrt4.dll: UuidCreate
> shlwapi.dll: PathAppendW, PathFileExistsW, SHCreateStreamOnFileW, StrStrIA, StrStrIW, PathRemoveFileSpecW
> user32.dll: CharNextW, CharLowerW, CharLowerBuffW, CharLowerA, MsgWaitForMultipleObjects, GetDesktopWindow, GetParent, UnregisterClassA, MessageBoxW, IsWindow, ReleaseDC, GetWindowDC, GetSystemMetrics, GetWindowRect, GetForegroundWindow, RegisterWindowMessageW, SendMessageTimeoutW, GetClassNameW
> wtsapi32.dll: WTSFreeMemory, WTSQuerySessionInformationW, WTSOpenServerW, WTSCloseServer
> xpcom.dll: NS_StringGetData, NS_GetComponentManager, NS_GetServiceManager, NS_NewNativeLocalFile, NS_CStringContainerFinish, NS_CStringContainerInit, NS_StringContainerFinish, NS_StringContainerInit2, NS_StringContainerInit, NS_CStringSetData, NS_CStringCopy, NS_CStringGetData, NS_StringCopy, NS_Alloc, NS_Free
( 1 exports )
> DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer, NSGetModule
TrID : File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
ssdeep: 24576:6jPTNgA3MeeyDvWEKgVkmjew2e9oLJHv7fCpaepbFNAmTMy8N87TjMqP3KL:6fyA3tTKgVSfLJHzKpa0bFNAgTYZL
PEiD : -
RDS : NSRL Reference Data Set