Jump to content

Search the Community

Showing results for tags 'File'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/3/21 Scan Time: 9:47 PM Log File: e2c85a90-9500-11eb-b210-000000000000.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1249 Update Package Version: 1.0.39090 License: Premium -System Information- OS: Windows 10 (Build 19042.867) CPU: x64 File System: NTFS User: LAPTOP-2FFNME09\Thetravelingbanna -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 0 min, 1 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  2. Hello everyone I downloaded an ran the malwarebytess support tool for Mac and sent the resulted file MWB_info.zip to my advisor but my question here is what this zip file contains? If it puts my personal information in danger(not baceuse of malwarebytes but if someone else sees it idk maybe if they hack my email or something su I am just curious)
  3. Hey. Im no expert on these things so i thought id ask you guys. Im a musician and i got pmd by a guy who wanted me to master a song for him. But it felt pretty shady. But i did for him. I recived 2 mp3 files of an instrumental and a vocal track. I just need to know if they could contain any virus of some sort? I read that if its a virus it cant be played by a normal media player. I have scanned a full scan with Avast and Malwarebytes. Should it be all good then?
  4. Malwarebytes in good company (https://www.virustotal.com/#/file/035877bf8ca678541a8142e65e7f4bccd8d903642aac93deedf0276561aa57f1/detection )detects and quarantines a commercial cots component from DataAccess corporation. Product info https://www.dataaccess.com/products/dataflex/features-243 Problem statement, The compiled web apps are triggering false positives by MalwareBytes which result in quarantine. The files are believed benign, system is clean room level pristine clean Latest rev of MalwareBytes and signatures and the vendor product DataFlex2017-19.0.33.4.Studio.exe www.malwarebytes.com -Log Details- Scan Date: 11/20/18 Scan Time: 5:55 PM Log File: 6b17659c-ed17-11e8-bfd2-d8cb8aefeb7e.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.482 Update Package Version: 1.0.7943 License: Premium -System Information- OS: Windows 10 (Build 17134.407) CPU: x64 File System: NTFS User: DESKTOP-U0ISPN2\backup -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 5 Threats Quarantined: 0 Time Elapsed: 0 min, 11 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 2 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 Module: 2 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) WebApp.7z
  5. I started a scan 20mins ago and it's still running but it found this weird PUP file... The folder is: HKLM/Software/wow6432node/microsoft/windows/currentversion/uninstall/{and here is bunch of random numbers} should i delete this file? or is it just normal?
  6. so ihave a flash disk and inse of it was a file that i dont know and have much file and the date modified was weird one of the file was the date it modified was in 2109 and back in 1967 please help me clean thi virus or malware
  7. Hello, i've had issues with a trojan reappearing in client32.exe, quarantine doesnt help and it reappears the next time i restart. i've since upgraded to premium to actively block it and other such things, but rescanning after a restart shows it reappearing. i also believe that when i quarantine it , my computer hangs in the restart screen with the circling dots(mouse cant move). i have bitdefender installed also, and it doesnt detect the trojan. i get no pop ups or intrusive virus pop ups or anything noticeable(anything it does in the background i am not aware). MBAM.txt FRST.txt Addition.txt
  8. So, I came to know about this issue yesterday when I returned from school and used my laptop. All the files and folders except C Drive are hidden and there is shortcut of everything. I click on the shortcut and then I can access the file. But when I try to copy anything from lappi to USB, only shortcuts are being copied. Also, an .exe file is being created on the name of the folder and file. Third, when I tried to show all the system protected files and folders, a junk of files and folders came up on the disk. Don't really know what went wrong. Day before yesterday, I inserted my friend's USB into lappi. I think this might be the reason of this. Any help would be highly appreciated as I have to clean my lappi and don't want to loose any file whatsoever. Thanks, Steve.
  9. I have a virus on my computer and it make a loop with a pop up of "how do you want to open this file?" and it always appearing me.I have a print, and i already make the scan.Can you help me please? and here is my Farbar Recovery Scan Farbar Recovery Scan Tool (x64) Version: 26-10-2017 Ran by Ermin (28-10-2017 00:14:42) Running from D:\Downloads Boot Mode: Normal ================== Search Files: "krk.tmp" ============= ====== End of Search ====== PLS HELP
  10. Hello guys hope you all on the net i'm so frustrated since my laptop hibernated and suddenly (tomorrow i turned my pc again) there are MULTIPLE (yes, i mean both of my drive) Windows.old folder for no reason. And it contains unknown file(s) that so MANY (see picture below:( ) and it takes half of my harddisk drive. I tried to delete them, but it came again and again. And now i dunno what should i do:( please help me. I have try adware and other scanners but i confused what to do next hehe XD Sorry for my bad english btw. Cheers !
  11. Hello once again. I haven't really had any problems with malewarebytes since the last the last post about being stuck at a file. However, I once again got stuck at a file for a very long period of time and decided that it would be good to give you guys the info, as I've been keeping on enhanced logs just in case it occurred again. To be clear thought, this time the scan did actually complete on it's own; ironically a few minutes after I started gathering info to add to this post. Thus, this is more of a "here's some stuff that may interest you" post that a "I need a problem solved right now" post. Sorry If I put this in the wrong place or if this is seen as an unnecessary post. In either case, I understand if this gets deleted. In the case you want to see the info I gathered, here is the content of the folder: 1. Enhanced Malewarebyte logs from C:\ProgramData\Malwarebytes\MBAMService\logs a. One set before the scan completed b. one set after the scan completed (I don't know if that matters, but I did it just in case) 2. FRST Scan stuff 3. mbam-check.exe reports 4. A picture of the non-progressing scan Like last time I did not retest this, as it took 4 hours to get to the file that it stopped at. Once more, I am willing to try both a quick scan and custom scan to retest for this if needed (thought it may be a while since I need to do things for a bit). Dropbox link: https://www.dropbox.com/s/k9g6ou1343aor3l/Malwarebytes Help stuff.rar?dl=0 (In case the site's up-loader doesn't work) P.S. Sorry if I forgot anything you guys may have needed Malwarebytes Help stuff.rar
  12. I was doing scan with jrt and the logs it gave me said it couldnt delete some files in the temporary internet files folder. All of the files had a Content.IE5 on them. Could this maybe a sign of infection?
  13. Wondering what file this is Adware.DealPly.Generic | Registry Key | HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\CURRENTVERSION\RUNONCE | PAMEHOC Adware.DealPly.Generic | File | C:\Users\#####\Appdata\Roaming\184A0D246AB9BD6630C52F8A6A6AE7CD\Nitim.dat I have no clue what this has I looked it up and found nothing. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 2/14/17 Scan Time: 7:35 PM Logfile: Report.txt Administrator: Yes -Software Information- Version: 3.0.6.1469 Components Version: 1.0.50 Update Package Version: 1.0.1264 License: Premium -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: DESKTOP-KPDFFCU\Wicked -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 362772 Time Elapsed: 2 min, 19 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 1 Adware.DealPly.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|PAMEHOC, Quarantined, [3126], [367966],1.0.1264 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Adware.DealPly.Generic, C:\USERS\WICKED\APPDATA\ROAMING\184A0D246AB9BD6630C52F8A6A6AE7CD\NITIM.DAT, Quarantined, [3126], [367966],1.0.1264 Physical Sector: 0 (No malicious items detected) (end)
  14. So recently i got some malware on my MacBook Pro and its become so bad i decided finally to get rid of it fully. I downloaded Malwarebyes and opened it up. When I clicked on the scan button as you would normally do, except about 10 seconds in it stopped updating at "Scanning for : Adware.IronCore" and it would not go past this. Im not sure if I'm missing that particular file or some kind of malware is preventing it from finishing. Im not sure what to do, so if mo one knows how to help me with this Im eventually going to just bring it in to the Apple store.
  15. Hello. I've been a user of malewarebytes for a while now, and am very pleased with the service I have had from it so far. However, I have seemingly run into a problem where my scan has stopped at one of my files for some reason. I'm not the most tech savvy guy, and I admit that my naivete may be making me unable to find a solution that has already been said somewhere, but I just wanted to throw my hat out there and see if this could be fixed. I tired to do my best to follow the proper guidelines and give as much information as possible in a file that I have up on my dropbox (as the file size is over the 30mb limit). In it are: 1. Malewarebyte logs from C:\ProgramData\Malwarebytes\MBAMService\logs 2. Farbar Recovery Scan Tool reports 3. mbam-check.exe reports 4. A picture of the non-progressing scan 5. A dump file of mbam.exe I have not retested this, as it took about 2 hours to get to the file in question, but I can do so if you need me too. Even if this was only a one time thing, I bet you guys would like the info regardless just in case. Hope I did right on my first try here. Link to the Dropbox file: https://www.dropbox.com/s/qk7sl8opixq9d9f/Maleware byte problem stuff.zip?dl=0 P.S. Sorry If I put this in the wrong place
  16. Hello, I just ran a custom scan with rootkit scan on. The scan detected this THXLgcy.dll File and Module as being a Trojan.Injector virus. Is this a false positive? It also detected a potentially unwanted program, although I found no files, just folders being detected for the PUP.Optional.ASK.Gen Please see attached log file and zipped detected file/module for reference. Let me know if any of these are real threats or anything to worry about.Thanks. Best Regards Patrick mbam-log-2015-11-16.txt THXLgcy.zip
  17. Malwarebytes detected a trojan file.fill .tmp file on my desktop. I have done the following: 1. Rebooted into safe mode after detection. 2. Removed trojan via Malwarebytes while in Safe Mode. 4. Scanned again via Malwarebytes, nothing found, BUT there were (2) .tmp files on desktop that i deleted permanently. 5. Rebooted into safe mode with network access. 6. Downloaded Farbar Recovery Scan Tool and ran scan. Attached are: 1. Malwarebytes log file (named: MalwareBytes-Trojan File.Fill.txt) from initial detection. 2. Farbar scan results: FRST.txt and Addition.txt Thank you for your assistance. Please let me know of any additional steps I need to take to ensure complete removal and if you see anything else suspicious. MHP MalwareBytes-Trojan File.Fill.txt FRST.txt Addition.txt
  18. Hello, For about the past 3 or 4 months I haven't been unable to download pretty much any file off of the internet. When I try to download a song off of the internet, the song will download very glitchy as if the song didn't fully download. Another example would be when I try to download a software update for my phone off of the internet it will just give me an error saying it was unable to download. I have downloaded a few anti-malware and anti-virus programs to see if I could find anything wrong, and whatever the scans found I removed from my computer. There were a few programs that kept popping up in the scans as adware that I am pretty sure I removed, but they sometimes reappear in the scans. Anything I have tried has not worked, and my computer still won't download anything off the internet properly. Below I attached the HijackThis log I got from my computer. Thanks, Matt Logfile of Trend Micro HijackThis v2.0.5Scan saved at 6:43:46 AM, on 1/8/2015Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17344)CHROME: 1.5.1383.0FIREFOX: 32.0.3 (x86 en-US)Boot mode: Normal Running processes:C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exeC:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exeC:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXEC:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXEC:\Program Files (x86)\Dell\Stage Remote\StageRemote.exeC:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exeC:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exeC:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\Matt\AppData\Roaming\PC-Gizmos\PC_136528.en_88.exeC:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exeC:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exeC:\Users\Matt\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Citrix\ICA Client\concentr.exeC:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXEC:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exeC:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exeC:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exeC:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exeC:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exeC:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exeC:\Program Files (x86)\iTunes\iTunes.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Matt\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.comR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe,O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dllO2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllO2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dllO2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\bin\IPS\IPSBHO.DLLO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: PCGizmosBHO - {A817C286-3D6B-4ECD-A99C-E44E50DBC523} - C:\Users\Matt\AppData\Roaming\PC-Gizmos\PCGizmosBHO.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllO3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dllO3 - Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file)O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startupO4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logonO4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startupO4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exeO4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOWO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silentO4 - HKCU\..\Run: [Google Update] "C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"O4 - HKCU\..\Run: [PC_GIZMOS] "C:\Users\Matt\AppData\Roaming\PC-Gizmos\PC_136528.en_88.exe" --updateO4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exeO4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exeO4 - HKCU\..\Run: [GoogleChromeAutoLaunch_952AA941B71FA68F2EFC80A225B9EE63] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-windowO4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - Startup: Dropbox.lnk = C:\Users\Matt\AppData\Roaming\Dropbox\bin\Dropbox.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO15 - Trusted Zone: *.clonewarsadventures.comO15 - Trusted Zone: *.freerealms.comO15 - Trusted Zone: *.soe.comO15 - Trusted Zone: *.sony.comO16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cabO16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cabO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cabO18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO20 - AppInit_DLLs: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dllO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeO23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exeO23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exeO23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exeO23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exeO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exeO23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exeO23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exeO23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXEO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin64\Smc.exeO23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin64\snac64.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: Software Updater Service - Auto-Update.m - C:\Users\Matt\AppData\Roaming\Software Updater\SoftwareUpdate.exeO23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe --End of file - 23541 bytes
  19. This is the code from the .bat file. It's suppose to replay a match I've had in a game called "League Of Legends" The website that stores the replay is Lolking.net. I'm pretty sure it doesn't contain malware but just to make sure since I'm skeptical about everything that may contain viruses. @echo off setlocal ENABLEEXTENSIONS setlocal EnableDelayedExpansion set VALUE_NAME=LocalRootFolder set KEY_NAME=HKLM\SOFTWARE\Wow6432Node\Riot Games\RADS FOR /F "tokens=2*" %%A IN ('REG.EXE QUERY "%KEY_NAME%" /v "%VALUE_NAME%" 2^>NUL ^| FIND "REG_SZ"') DO SET RADS=%%B IF NOT "!RADS!"=="" GOTO PLAY set KEY_NAME=HKCU\SOFTWARE\Riot Games\RADS FOR /F "tokens=2*" %%A IN ('REG.EXE QUERY "%KEY_NAME%" /v "%VALUE_NAME%" 2^>NUL ^| FIND "REG_SZ"') DO SET RADS=%%B IF NOT "!RADS!"=="" GOTO PLAY set KEY_NAME=HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\Riot Games\RADS FOR /F "tokens=2*" %%A IN ('REG.EXE QUERY "%KEY_NAME%" /v "%VALUE_NAME%" 2^>NUL ^| FIND "REG_SZ"') DO SET RADS=%%B IF NOT "!RADS!"=="" GOTO PLAY set KEY_NAME=HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Riot Games\RADS FOR /F "tokens=2*" %%A IN ('REG.EXE QUERY "%KEY_NAME%" /v "%VALUE_NAME%" 2^>NUL ^| FIND "REG_SZ"') DO SET RADS=%%B IF NOT "!RADS!"=="" GOTO PLAY GOTO NOTFOUND :PLAY cd /D %RADS% cd .\solutions\lol_game_client_sln\releases\ FOR /f %%i in ('dir /a:d /b') do set RELEASE=%%i cd .\%RELEASE%\deploy @start "" "League of Legends.exe" "8394" "LoLLauncher.exe" "" "spectator replays.lolking.net:80 A3L73//f2ZlJUjkfm6Pe502xclqtw0XY 1644089986 NA1" GOTO DONE :NOTFOUND echo Could not find League of Legends installation. @pause :DONE endlocal
  20. I am wondering if .mp3 files could contain any sort of malware in any way? I am not talking about a file that is named music.mp3 but the file type is an .exe being hidden by windows. I am talking about a real .mp3 file. I also would preferably like someone to answer who knows what they are talking about. I've been searching on the internet and many say yes and no... So I am still not sure. Also if an .mp3 file could contain something malicious, would an antivirus or antimalware scanner detect it? Thank you.
  21. I am unable to download anything. Every time I try to download something is says <file> contained a virus and was deleted. I have come across many people having this problem but have not found a solution. Any help would be great.
  22. Hello, My name is Matt I am new to the forum. I obviously use a anti-virus called Malware Bytes, the full, payed version and my problem is that i am using the program supported by the same company, File Assassin that wipes out files that I don't have the permission to do (It essentially protects it's own files so viruses can't delete them) so I deleted a file off my desktop but the problem is, Now, I can't delete ANYTHING on my desktop or rename, etc. for that matter. PLEASE help I cannot even move files onto my desktop it simply gives me a "You Need Administrator Privileges To Perform this Action" when I AM an Admin. Any help on this would be greatly appreciated. Thanks, ~Matt:) Dwm 2013-06-03 17-18-59-14.bmp
  23. When my brother opened Firefox I think he went on EB Games website. It popped up asking to downlaod a file, which is strange because it says the file is from youtube, unless of coures there was an embedded youtube video. Hes ben on there before and this never happened but this is the file: o0U2XXgLJkilnSBis0euuJ_-ZDBRpIYn 3.8 KB From: Youtube.com I was tired at the time and said to leave it for me to look at later, so I clicked on cancel for downloading. So I dont have much detail on what the file is but it shows in Firefoxs download history and what I said about it is what it tells me. Oh and for some reason it doesnt tell me the extension... I clicked on Cancel for the download but it still shows up in Firefox downoad history so Im not sure if it downloaded or not. I updated then ran a full scan with Avast 8 Antivirus, Malwarebytes and SUPERAntiSpyware (All are free versions) and they all come up clean. Windows Vista 32-bit Thankyou (Heres a pic)
  24. I recently purchased full license MBAM for my computer. Several quick scans were clean. Just ran a full scan and results found two files with this "Extension.Mismatch". My brief research shows this scan result has caused questions for users back to 2009 and I was not able to confirm a definite resolution. I don't know how to proceed. The affected files are both ".jpg" files. I would appreciate any guidance or recomendations. Thanks.
  25. Hi!!! So, we ran this program called Hijackthis and we got this logfile thing.... not sure what we are supposed to do with it??? We found this site and saw others were getting help here so, here we are! Here is the log file! TY ahead of time! ~Girls of BeeHivesandBowTies salon~ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:32:13 AM, on 12/14/2012 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\wuauclt.exe C:\Users\karabear\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\karabear\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\karabear\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\karabear\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\karabear\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\karabear\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\karabear\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\karabear\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file) O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\RunOnce: [GrpConv] grpconv.exe -o O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: lxbl_device - - C:\Windows\system32\lxblcoms.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8463 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.