jojobon

Everything posted by jojobon

  1. Thank you Fred.. there was a major problem when I got to the combo fix portion.. it totally killed my IE and my FF! I had to do a system restore to before I ran it and things appear to be a-ok now. I don't understand combofix unfortunately so have not a clue what it did or how it did it. I did run the other proggies and have the txt's that were done with them but for now all systems seem to be back in working order and running smoothly. I had no viruses according to Malwarebytes and ran Spybot and nothing there and nothing on the anti root scan either. I appreciate your fast help and will see how things go for now. Many Blessings Jojo
  2. Hi! My laptop started running very sluggish last week after someone else had used it and have been seeing all kinds of odd ads showing up in FF and in IE. I did an uninstall and then reinstall of clean FF program after running Malwarebytes and Spybot. I still have some of the issues now so reran Malwarebytes and it comes up clean. Ran the DDS and below are its results. Please help me clean this up.. I have kept a clean computer since I got this and just hate the popups I am getting and how slow everything is running. Many thanks! jojo
     Have the attach log saved if it is needed.