Everything posted by spurs2001

  1. RK Report:

     RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.adlice.com/forum/
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : TAB [Admin rights]
     Mode : Scan -- Date : 10/14/2013 16:18:41
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 5 ¤¤¤
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     [HJ DLL][sUSP PATH] HKLM\[...]\CCSet\[...]\Parameters : ServiceDll (C:\PROGRA~3\frbnemqbnfr.pzz [x]) -> FOUND
     [HJ DLL][sUSP PATH] HKLM\[...]\CS001\[...]\Parameters : ServiceDll (C:\PROGRA~3\frbnemqbnfr.pzz [x]) -> FOUND
     [HJ DLL][sUSP PATH] HKLM\[...]\CS002\[...]\Parameters : ServiceDll (C:\PROGRA~3\frbnemqbnfr.pzz [x]) -> FOUND

     ¤¤¤ Scheduled tasks : 0 ¤¤¤

     ¤¤¤ Startup Entries : 1 ¤¤¤
     [TAB][Rans.Gendarm] frbnemqbnfr.lnk : C:\Users\TAB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\frbnemqbnfr.lnk @C:\Windows\System32\rundll32.exe C:\PROGRA~3\rfnbqmenbrf.plz,GL300 [-][7][-] -> FOUND

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

     ¤¤¤ External Hives: ¤¤¤

     ¤¤¤ Infection : Rans.Gendarm ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: ( @ ) - +++++
     --- User ---
     [MBR] 3c103a1d1ae73ab052f3ee74c44818da
     [bSP] 329d995dfae54d13ed53511da10c466e : Windows Vista MBR Code
     Partition table:
     0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 592872 Mo
     2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1217275904 | Size: 16107 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[0]_S_10142013_161841.txt >>
  2. Attach: ==== Installed Programs ======================
  3. DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 Run by TAB at 16:05:36 on 2013-10-14
  4. Hi, Thanks in advance for any help you give me!! I'm really impressed and grateful for the products you supply. Your software is working really well, but I have a message that keeps popping up saying:- Malwarebytes successfully blocked access to a potentially malicious website: 37.139.53.244. Type: outgoing Port: 49693, Process: rundll32.exe. I've done a full scan with Norton antivirus and Malwarebytes, as well as using CCleaner to delete all internet files, but nothing has been found. I've rebooted the system a couple of times and the message is popping up all the time, not just when an internet browser's open. The website seems to be based in Russia, but I have no idea what it relates to and haven't got any other clues from Google. Hope you can help!!