8DollarBill

  1. I have entered my info to disable auto renewal. Thanks
  2. I tried going to "Manage Accounts" but could not connect. Is there an email where I can reach someone?
  3. I have read that ASC has pirated some of your scripts. Sorry about this. But PLEASE get out of this pissing contest as Malwarebytes is continually harassing me that ASC is a PUP. Even when I update ASC, MB kills the program. Popups right now are asking me to quarantine ASC. Yeah, there is a workaround or stop MBAM from ignoring ASC or even stopping MBAM flagging ALL PUPs, but, come on fellows. Get your differences settled so that we customers are caught in the middle. I am a Premium Member, and thinking about canceling Malwarebytes going straight to Zeman or someone else. I don't really like ASC Malware Fighter, but ..... GET the Picture!!
  4. Disabled popup notifications in Malwarebytes, but still concerned in that uTorrents is still trying to upload to possibly malicious sites. Can not make the combofix.exe work. Followed instructions. Disabled anti-virus (MSE) and Windows firewall. Ran combofix from desktop. A DOS window flashed for about 1/2 second and showed a folder (numbers and letters) at my root C: drive. Nothing else. When I went to that folder, it was empty. Taskmanager does not show combofix running. What did I do wrong? Here is dds log. PLEASE NOTE PROTECTION LOG FROM MBAM at end of this log. MBAM PROTECTION LOG 11-16-2011 Please note that I replaced my name with MYUSERNAME in this log, but noticed it is still in my earlier logs, so I guess it doesn't really matter
  5. Thanks, MBAM Sentinel Updated and here is log for Quickscan Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8175 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 11/16/2011 7:59:44 AM mbam-log-2011-11-16 (07-59-44).txt Scan type: Quick scan Objects scanned: 192116 Time elapsed: 7 minute(s), 58 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Will now run combofix and DDS.scr
  6. Running latest version MB Pro. Keep getting pop-up notifications "Successfully Blocked access to a potentially malicious website IP 194.54.80.150.Type outgoing. Process: uTorrents About every two seconds. It is driving me CRAZY! I have tried closing uTorrents, but still happening. Only when the browser is open. Attached DDS File. I also have attach.txt and will wait 'til/if you request it If there is not a simple fix, can I turn off the Notification? Google Chrome Win 7, Professional 32bit Quad core Intel 4gb DDR Hello. Anyone have an idea???