Jump to content

dawnmarie

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

 Content Type 

Posts posted by dawnmarie

    Redirect ad trojans

    in Resolved Malware Removal Logs

    Posted

    Here is the attach...

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume2

    Install Date: 10/20/2010 2:48:06 PM

    System Uptime: 7/3/2012 5:15:38 PM (0 hours ago)

    .

    Motherboard: Sony Corporation | | VAIO

    Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | N/A | 2200/200mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 290 GiB total, 213.828 GiB free.

    D: is Removable

    E: is Removable

    F: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP149: 6/23/2012 10:50:00 PM - Scheduled Checkpoint

    RP150: 6/29/2012 6:34:41 PM - Installed Microsoft Fix it 50267

    .

    ==== Installed Programs ======================

    .

    .

    Update for Microsoft Office 2007 (KB2508958)

    Adobe AIR

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader X (10.1.3)

    Amazon Kindle

    Apple Application Support

    Apple Software Update

    Application Manager for VAIO

    ArcSoft Magic-i Visual Effects 2

    ArcSoft WebCam Companion 3

    Bing Bar

    Borders Desktop

    Click to Disc

    Click to Disc Editor

    Compatibility Pack for the 2007 Office system

    D3DX10

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

    DivX Setup

    Epson CreativeZone

    Epson Easy Photo Print 2

    EPSON Scan

    Free Studio version 5.0.3

    Google Chrome

    Google Earth

    Google Toolbar for Internet Explorer

    Google Update Helper

    GoToMeeting 5.2.0.952

    Handbrake 0.9.4

    Java Auto Updater

    Java 6 Update 20

    Java 6 Update 29

    Junk Mail filter update

    Malwarebytes Anti-Malware version 1.61.0.1400

    Mesh Runtime

    Messenger Companion

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office 2010 Service Pack 1 (SP1)

    Microsoft Office Access MUI (English) 2010

    Microsoft Office Access Setup Metadata MUI (English) 2010

    Microsoft Office Excel MUI (English) 2007

    Microsoft Office Excel MUI (English) 2010

    Microsoft Office Home and Student 2007

    Microsoft Office OneNote MUI (English) 2007

    Microsoft Office OneNote MUI (English) 2010

    Microsoft Office Outlook MUI (English) 2010

    Microsoft Office PowerPoint MUI (English) 2007

    Microsoft Office PowerPoint MUI (English) 2010

    Microsoft Office PowerPoint Viewer 2007 (English)

    Microsoft Office Professional 2010

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (English) 2010

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (French) 2010

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proof (Spanish) 2010

    Microsoft Office Proofing (English) 2007

    Microsoft Office Proofing (English) 2010

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (English) 2010

    Microsoft Office Shared MUI (English) 2007

    Microsoft Office Shared MUI (English) 2010

    Microsoft Office Shared Setup Metadata MUI (English) 2007

    Microsoft Office Shared Setup Metadata MUI (English) 2010

    Microsoft Office Single Image 2010

    Microsoft Office Word MUI (English) 2007

    Microsoft Office Word MUI (English) 2010

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Works

    Mozilla Firefox 13.0 (x86 en-US)

    Mozilla Maintenance Service

    MSVCRT

    MSVCRT_amd64

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    Music Transfer

    Norton Internet Security

    OpenOffice.org 3.2

    OverDrive Media Console

    Primo

    QuickBooks Financial Center

    QuickTime

    Realtek High Definition Audio Driver

    Roxio Central Audio

    Roxio Central Copy

    Roxio Central Core

    Roxio Central Data

    Roxio Central Tools

    Roxio Easy Media Creator 10 LJ

    Roxio Easy Media Creator Home

    Runtime

    Safari

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553091)

    Security Update for Microsoft Office 2010 (KB2553096)

    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

    Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

    Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

    Setting Utility Series

    Skype™ 5.3

    SmartWi Connection Utility

    Sony Home Network Library

    Sony Picture Utility

    Spotify

    Spybot - Search & Destroy

    Uninstall 1.0.0.1

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft Office 2007 Help for Common Features (KB963673)

    Update for Microsoft Office 2010 (KB2494150)

    Update for Microsoft Office 2010 (KB2553065)

    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2566458)

    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

    Update for Microsoft Office Excel 2007 Help (KB963678)

    Update for Microsoft Office OneNote 2007 Help (KB963670)

    Update for Microsoft Office Powerpoint 2007 Help (KB963669)

    Update for Microsoft Office Script Editor Help (KB963671)

    Update for Microsoft Office Word 2007 Help (KB963665)

    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

    Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

    VAIO Care

    VAIO Content Metadata Intelligent Analyzing Manager

    VAIO Content Metadata Intelligent Network Service Manager

    VAIO Content Metadata Manager Settings

    VAIO Content Metadata XML Interface Library

    VAIO Content Monitoring Settings

    VAIO Control Center

    VAIO Data Restore Tool

    VAIO DVD Menu Data Basic

    VAIO Entertainment Platform

    VAIO Event Service

    VAIO Help and Support

    VAIO Media plus

    VAIO Media plus Opening Movie

    VAIO Movie Story

    VAIO Movie Story Template Data

    VAIO OOBE and Startup Assistant

    VAIO Original Function Settings

    VAIO Power Management

    VAIO Presentation Support

    VAIO Quick Web Access

    VAIO Survey

    VAIO Wallpaper Contents

    VC80CRTRedist - 8.0.50727.4053

    Visual Studio 2008 x64 Redistributables

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Installer

    Windows Live Mail

    Windows Live Mesh

    Windows Live Mesh ActiveX Control for Remote Connections

    Windows Live Messenger

    Windows Live Messenger Companion Core

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live Sync

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    Yahoo! BrowserPlus 2.9.8

    Yahoo! Software Update

    .

    ==== Event Viewer Messages From Past Week ========

    .

    7/3/2012 5:16:26 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

    7/3/2012 5:16:26 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

    7/3/2012 5:16:05 PM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.

    7/3/2012 5:16:05 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

    7/3/2012 5:16:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.

    7/3/2012 5:16:04 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

    7/3/2012 5:16:04 PM, Error: Service Control Manager [7000] - The HsfXAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    7/3/2012 5:16:03 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

    7/2/2012 3:10:39 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    7/2/2012 3:10:39 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

    7/2/2012 11:00:11 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

    7/2/2012 10:57:17 PM, Error: Service Control Manager [7022] - The VAIO Care Performance Service service hung on starting.

    7/2/2012 10:54:38 PM, Error: Service Control Manager [7022] - The Background Intelligent Transfer Service service hung on starting.

    7/1/2012 2:49:04 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.

    .

    ==== End Of File ===========================

    Redirect ad trojans

    in Resolved Malware Removal Logs

    Posted

    Here is the DDS

    .

    DDS (Ver_2011-08-26.01) - NTFSAMD64

    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

    Run by Dawn at 17:48:52 on 2012-07-03

    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3935.2090 [GMT -6:00]

    .

    AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

    AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

    SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

    FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

    .

    ============== Running Processes ===============

    .

    C:\PROGRA~2\AVG\AVG10\avgchsva.exe

    C:\PROGRA~2\AVG\AVG10\avgrsa.exe

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Sony\VAIO Care\VCSpt.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

    C:\Windows\system32\Dwm.exe

    C:\Program Files\Oracle\Information Rights Management\Desktop\OracleIRMServiceHost64.exe

    C:\Windows\Explorer.EXE

    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\system32\WUDFHost.exe

    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

    C:\Program Files (x86)\Oracle\Information Rights Management\Desktop\IrmBackground.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

    C:\Windows\system32\conhost.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Sony\VAIO Care\VCPerfService.exe

    C:\Program Files\Sony\VAIO Care\listener.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files\Sony\VAIO Care\VCsystray.exe

    C:\Program Files\Java\jre6\bin\jucheck.exe

    "C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    "C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

    C:\Windows\system32\taskeng.exe

    "C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\cscript.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.yahoo.com

    uSearch Bar = Preserve

    mDefault_Page_URL = hxxp://www.yahoo.com

    mStart Page = hxxp://www.yahoo.com

    uInternet Settings,ProxyOverride = *.local

    mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    uWindows: Load=C:\Users\Dawn\LOCALS~1\Temp\mseanzse.scr

    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll

    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL

    BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - C:\ProgramData\Partner\Partner.dll

    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll

    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    uRun: [EPSON NX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCA.EXE /FU "C:\Windows\TEMP\E_S8BB0.tmp" /EF "HKCU"

    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

    uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

    uRun: [Google Update] "C:\Users\Dawn\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    mRun: [irmBackground.exe] C:\Program Files (x86)\Oracle\Information Rights Management\Desktop\IrmBackground.exe

    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    StartupFolder: C:\Users\Dawn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

    StartupFolder: C:\Users\Dawn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

    LSP: mswsock.dll

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

    TCP: DhcpNameServer = 192.168.0.1

    TCP: Interfaces\{1FB8B11E-6361-4FD2-AA16-FAACC2C19D44} : DhcpNameServer = 216.237.255.231

    TCP: Interfaces\{2D214EF4-0D9B-4895-88A1-175AE650352D} : DhcpNameServer = 192.168.0.1

    TCP: Interfaces\{2D214EF4-0D9B-4895-88A1-175AE650352D}\341626F6C465 : DhcpNameServer = 192.168.1.1

    TCP: Interfaces\{2D214EF4-0D9B-4895-88A1-175AE650352D}\37861646F677 : DhcpNameServer = 192.168.2.1

    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    Notify: VESWinlogon - VESWinlogon.dll

    BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

    BHO-X64: 0x1 - No File

    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO-X64: AcroIEHelperStub - No File

    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

    BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll

    BHO-X64: Symantec NCO BHO - No File

    BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL

    BHO-X64: Symantec Intrusion Prevention - No File

    BHO-X64: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll

    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    BHO-X64: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

    BHO-X64: URLRedirectionBHO - No File

    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

    BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll

    TB-X64: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    mRun-x64: [irmBackground.exe] C:\Program Files (x86)\Oracle\Information Rights Management\Desktop\IrmBackground.exe

    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lxr60s4c.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=

    FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?ilc=1

    FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc0cb8d&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=

    FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    FF - plugin: C:\Users\Dawn\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

    FF - plugin: C:\Users\Dawn\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

    .

    ---- FIREFOX POLICIES ----

    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

    ============= SERVICES / DRIVERS ===============

    .

    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-3 63928]

    R2 OracleIRMServiceHost64;Oracle IRM Desktop Service Host;C:\Program Files\Oracle\Information Rights Management\Desktop\OracleIRMServiceHost64.exe [2011-4-5 293776]

    R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-4-6 257936]

    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]

    R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]

    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?]

    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-21 135664]

    S2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]

    S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-6-29 1153368]

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-29 250056]

    S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

    S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]

    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-21 135664]

    S3 mbamchameleon;mbamchameleon;\??\C:\Windows\system32\drivers\mbamchameleon.sys --> C:\Windows\system32\drivers\mbamchameleon.sys [?]

    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-29 113120]

    S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

    S4 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-21 517448]

    S4 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-9-3 6104144]

    S4 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-9-10 265400]

    S4 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [2010-10-20 117640]

    S4 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2010-10-20 332272]

    S4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]

    S4 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992]

    S4 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-11-16 189984]

    S4 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-10-20 120104]

    S4 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-10-20 70952]

    S4 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-20 427304]

    S4 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-10-20 75048]

    S4 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-10-20 91432]

    S4 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-10-20 104960]

    S4 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-10-20 411496]

    S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-7-22 642920]

    S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-10-20 468264]

    S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-20 357672]

    S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-20 110888]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

    .

    =============== Created Last 30 ================

    .

    2012-07-03 22:12:42 33096 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

    2012-07-02 21:08:12 -------- d-----w- C:\Windows\System32\MpEngineStore

    2012-07-02 21:08:09 328704 ----a-w- C:\Windows\System32\services.exe.0F3929BE6EC451BD

    2012-07-02 17:17:40 -------- d-----w- C:\Program Files\CCleaner

    2012-06-30 05:18:59 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

    2012-06-30 05:18:59 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

    2012-06-30 05:12:23 -------- d-----w- C:\Users\Dawn\AppData\Local\Macromedia

    2012-06-29 21:26:38 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

    2012-06-29 21:26:20 85472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll

    2012-06-29 21:26:20 65536 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll

    2012-06-29 21:26:19 867032 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

    2012-06-29 21:26:19 265184 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe

    2012-06-29 21:26:19 19424 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll

    2012-06-29 21:26:19 15755744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll

    2012-06-29 21:26:19 145376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll

    2012-06-29 21:26:15 155104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll

    2012-06-29 21:26:03 91104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\smime3.dll

    2012-06-29 20:50:04 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

    2012-06-29 20:37:34 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2012-06-23 23:59:16 -------- d-----w- C:\Users\Dawn\AppData\Local\{AD93A9C3-B39A-483E-B1C3-5A9333560D13}

    2012-06-23 23:55:10 -------- d-----w- C:\Users\Dawn\AppData\Local\{9DC0A9B2-3DF0-49CF-98D4-7CF2C783F05E}

    2012-06-23 23:47:59 -------- d-----w- C:\Users\Dawn\AppData\Local\{E9580979-22C8-4796-838F-889CA1D69D10}

    2012-06-23 22:49:15 -------- d-----w- C:\Users\Dawn\AppData\Local\{6FA034D5-5472-40F4-9D80-C46D56F318F6}

    2012-06-23 22:47:21 -------- d-----w- C:\Users\Dawn\AppData\Local\{54F77D18-E6B1-4AF2-8BC3-0C1CF0D7FF51}

    2012-06-23 22:37:57 -------- d-----w- C:\Users\Dawn\AppData\Local\{A8615736-016F-485D-816E-1203F9352EE0}

    2012-06-23 22:35:42 -------- d-----w- C:\Users\Dawn\AppData\Local\{F2E499EE-4B84-465A-85A5-7C79F7A8B2C7}

    2012-06-23 22:29:25 -------- d-----w- C:\Users\Dawn\AppData\Local\{8676D3E3-4320-414C-84F1-96EBBF714D4D}

    2012-06-22 08:03:12 2622464 ----a-w- C:\Windows\System32\wucltux.dll

    2012-06-22 08:02:20 99840 ----a-w- C:\Windows\System32\wudriver.dll

    2012-06-22 08:01:34 36864 ----a-w- C:\Windows\System32\wuapp.exe

    2012-06-22 08:01:34 186752 ----a-w- C:\Windows\System32\wuwebv.dll

    2012-06-22 03:28:17 -------- d-----w- C:\Users\Dawn\AppData\Local\{F3D88124-A972-4EEC-BE31-396627660E13}

    2012-06-22 03:27:59 -------- d-----w- C:\Users\Dawn\AppData\Local\{5D02CA07-2B36-4FC0-8E71-EB14B943D21D}

    2012-06-20 05:52:14 -------- d-----w- C:\Users\Dawn\AppData\Roaming\Local Windows

    2012-06-17 10:38:17 -------- d-----w- C:\Users\Dawn\AppData\Local\{4E47E74F-D1E7-4FFA-88FE-670EF012C193}

    2012-06-16 22:37:34 -------- d-----w- C:\Users\Dawn\AppData\Local\{62FB98D3-522E-4DAA-8956-6E0A3815EAB6}

    2012-06-15 11:57:56 -------- d-----w- C:\Program Files\iTunes

    2012-06-15 11:57:56 -------- d-----w- C:\Program Files\iPod

    2012-06-15 11:57:56 -------- d-----w- C:\Program Files (x86)\iTunes

    2012-06-14 09:01:59 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll

    2012-06-14 09:01:58 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll

    2012-06-14 09:01:58 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll

    2012-06-14 00:04:08 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

    2012-06-14 00:04:08 76288 ----a-w- C:\Windows\System32\rdpwsx.dll

    2012-06-14 00:04:08 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

    2012-06-14 00:03:40 208896 ----a-w- C:\Windows\System32\profsvc.dll

    2012-06-14 00:03:14 5505392 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2012-06-14 00:03:14 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

    2012-06-14 00:03:13 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

    2012-06-14 00:02:44 3144192 ----a-w- C:\Windows\System32\win32k.sys

    2012-06-14 00:02:17 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

    2012-06-14 00:01:50 3213824 ----a-w- C:\Windows\System32\msi.dll

    2012-06-14 00:01:49 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

    2012-06-14 00:00:58 1460224 ----a-w- C:\Windows\System32\crypt32.dll

    2012-06-14 00:00:57 182272 ----a-w- C:\Windows\System32\cryptsvc.dll

    2012-06-14 00:00:57 140288 ----a-w- C:\Windows\System32\cryptnet.dll

    2012-06-14 00:00:57 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll

    2012-06-14 00:00:56 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

    2012-06-14 00:00:54 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

    2012-06-07 05:28:49 -------- d-----w- C:\Users\Dawn\AppData\Local\Amazon

    .

    ==================== Find3M ====================

    .

    2012-07-03 23:42:09 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

    2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    .

    ============= FINISH: 17:49:48.54 ===============

    Redirect ad trojans

    in Resolved Malware Removal Logs

    Posted

    I run Malwarebytes and it finds two trojans and says they are fixed, but they aren't and they keep showing up. Any help would be appreciated. Here's the log...

    Malwarebytes Anti-Malware 1.61.0.1400

    www.malwarebytes.org

    Database version: v2012.07.03.07

    Windows 7 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Dawn :: DAWN-VAIO [administrator]

    7/3/2012 4:13:54 PM

    mbam-log-2012-07-03 (16-13-54).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 211504

    Time elapsed: 4 minute(s), 55 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 1

    HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Dawn\LOCALS~1\Temp\mseanzse.scr -> Delete on reboot.

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 1

    C:\Windows\Installer\{38610bf7-0be3-d694-27e7-a73f4bef753f}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

    (end)

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.