Showing results for tags 'Skype'.

Found 21 results

  1. Greetings, I received a shortened google link via Skype like this: goo.gl/letters#manyletters&numbers?id=MYSKYPEID (MYSKYPEID was my actual skype ID) and I unfortunately clicked on it which opened a website. It looked like advertisement so I closed it and didn't think much about it. 2 hours later I wanted to skype someone and noticed my skype application isn't open so I went to my desktop to use the .exe shortcut but it had no icon and clicking it said something along the lines of the location of the exe (or path) not being found. I searched on Cortana and didn't find my usual skype application, only the windows integrated skype which I never use. I opened it and couldn't log in, my password seems to have changed, so I created a new one. Since, I have updated and ran Avast Full System Scan, Spybot Search and Destroy & Malwarebytes and didn't find anything significant (small cookie and amazon registry issues with very low threat). Now it looks like my system is not infected, but based on the series of events (skype application being deleted and password changed) I am thinking I MUST be infected? I didn't download anything or start any exes and am quite confused as to how whatever it was deleted my entire skype application without a trace. I tried to google the issue but didn't find anything on it. I am using Windows Firewall, Spybot and Avast Virus protection, usually one of these makes an alarm if I visit a suspicious website but this time nothing, I wouldn't even have noticed anything if it wasn't for skype being completely missing from my computer. Does anyone have an idea what's going on? I have had viruses in the past but I have never had anything like this happen and I am not sure how it happened and whether I am now safe or not. If I have an undetected worm I feel uncomfortable to log in to various websites with my passwords. Thanks for any input. PS: I used the goo.gl link on virustotal.com URL search and it analyzes forever.
  2. I recently installed Malwarebytes after some suspicions due to slow computer running speed in order to run a scan (which turned up 2 entries), and activated a trial for the enhanced protection services. A few days later, I began to receive repeated notifications that a malicious website was blocked, trying to access Skype and svchost. I promptly closed Skype and disconnected my computer from the internet for a bit as I deleted my stored passwords and cache and ran a scan, which turned up nothing. As of reconnecting my computer to the internet after closing Skype, I have not received any more notifications. Included below is the scan log from the first scan and today's protection log which includes the malicious website attack attempts. Please advise!
  3. I was playing a game chatting with friends (I was playing fullscreen borderless) when suddenly Malwarebytes popped up and said it protected my pc (or something along those lines) Here's the log: Detection, 03/09/2016 00:00, SYSTEM, *pcname*, Protection, Malicious Website Protection, IP, 121.54.58.240, 8780, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 03/09/2016 00:00, SYSTEM, *pcname*, Protection, Malicious Website Protection, IP, 121.54.58.240, 8780, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 03/09/2016 02:46, SYSTEM, *pcname*, Protection, Malicious Website Protection, IP, 121.54.58.242, 8780, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 03/09/2016 02:46, SYSTEM, *pcname*, Protection, Malicious Website Protection, IP, 121.54.58.242, 8780, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, My question is why did this happen?
  4. While watching a YouTube video, I noticed Malwarebytes starting to go insane with notifications blocking both inbound and outbound connections from the IP 121.54.58.246 to Skype. I never have any ads in Skype and while Malwarebytes does randomly block IPs inbound to Skype at times, it's never been anything like this before. A quick google search of this IP address reveals that it is listed in the StopForumSpam database as well as project honeypot who states it is used in dictionary attacks (see attached image). I have attached the Malwarebytes protection log, should I be concerned about this? malwarebytes.txt
  5. As long as my computer is running Skype, I get a popup from Malwarebytes telling me that it's blocked a website and the process in action is ALWAYS Skype. I don't have to be in a Skype call at the time, just as long as Skype is open and running on my PC, the popups will happen. Using the Malwarebytes premium service, I have completed a various number of scans which have all finished with no detections. I am wondering if anybody knows why this is happening and if anyone can assist me. For professional reasons, I rely on Skype daily and I don't want to lose anymore trust in the service. Attached is the latest popup I've received. Thanks in advance. Peach50.
  6. Malwarebytes sends me a warning a few times daily, which is entered in the log as Detection, 04/04/2016 06:17, SYSTEM, JOHN-PC, Protection, Malicious Website Protection, IP, 121.123.135.93, 62974, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 04/04/2016 06:17, SYSTEM, JOHN-PC, Protection, Malicious Website Protection, IP, 121.123.135.93, 53806, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 04/04/2016 06:17, SYSTEM, JOHN-PC, Protection, Malicious Website Protection, IP, 121.123.135.93, 62974, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Is this significant please and should I take any action?
  7. Recently an IP was blocked by Malwarebytes from Skype. I don't know what to do. I want to continue using Skype to talk to my friends, what should I do? IP is 151.249.245.86 log.txt
  8. Hello, For a while now I have been getting notification of Malicious Websites being blocked when I have Skype open but not using it. (A picture of the notification is attached) Anyone have any ideas why this keeps happening? (It will do it for about 3 days then it won't for a week) Thank you in advance.
  9. Hello I'm not the "iskrents". I'm his brother iskrentsbg. I have a problem with Skype. When I talk with anyone my Skype stops working like it has no access for 1 minute. And later it fixes. Can you help me?
  10. Hey, I don't recall the entire warning message I got from MalwareBytes' pop-up message on my desktop, but I got a warning that Skype was trying to make a call to IP 178.152.7.60 (Qatar I think the IP lookup said). I have read some on this and other forums, and people mention uninstalling any torrent programs. I have removed all these, and MalwareBytes doesn't seem to find anything causing this. I wouldn't delete Skype, I got friends who only have Skype, and I can't afford to lose contact with them.
  11. Okay so I have a brand new computer with Malwarebytes Premium and Norton 360 installed on it. I also have Skype. This is an error message which I keep getting, any one any ideas? Could it be an IP thing? Any help is appreciated. http://gyazo.com/bb15596dc1ba4a17e4d6798d1d85947f Kieran
  12. Malware Bytes has been blocking a lot more than usual. First it kept blocking an IP address. Then every time I clicked iTunes it would block a trojan. It blocked something from Skype. I recently removed Pure Leads. And my computer is still slower than normal. Downloaded the Farbar Recovery Scan Tool and attached the logs since it won't let me enter it in this post as its too long. FRST.txt Addition.txt
  13. Hi, I'm new to MB and have been using it for maybe a month? So, my concern is that for some reason there's this Skype IP that keeps getting blocked. I usually see different ones from time to time but today there was this one in particular that keeps getting blocked continuously every second. I logged out of my skype (with the skype sign in page is still on) and they seemed to have stopped, I then logged back on. After a couple minutes of peace, the same exact IP is blocked again and when I checked the log, it's been blocked 6 times for the first time before I logged out and then another 6 times before I logged out yet again... I'm logged out at the moment and it stopped completely.... I don't know what this means at all, I tried to read some other threads about Skype IP blocking and they seem to say that it's nothing to worry over but what about a continuous block on the same IP? I'm not sure if I could log on again without having the same issue..... it seems to only happen when I'm logged on..... The log also states that it's inbound? and I do not know what that means.....
  14. I've been getting random IP-Blocks from Skype a few times now, it is always the same IP-Address, could it be malware? Log: Malwarebytes Anti-Malware www.malwarebytes.org Update, 2014-06-17 11:03:07, SYSTEM, TAURUS-UBERKILL, Manual, Malware Database, 2014.6.16.7, 2014.6.17.2, Protection, 2014-06-17 11:03:09, SYSTEM, TAURUS-UBERKILL, Protection, Refresh, Starting, Protection, 2014-06-17 11:03:09, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, Stopping, Protection, 2014-06-17 11:03:09, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, Stopped, Protection, 2014-06-17 11:03:12, SYSTEM, TAURUS-UBERKILL, Protection, Refresh, Success, Protection, 2014-06-17 11:03:12, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, Starting, Protection, 2014-06-17 11:03:13, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, Started, Detection, 2014-06-17 11:28:44, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, IP, 46.252.131.82, 22178, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 2014-06-17 11:28:44, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, IP, 46.252.131.82, 22178, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 2014-06-17 11:28:45, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, IP, 46.252.131.82, 22178, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 2014-06-17 11:28:47, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, IP, 46.252.131.82, 22178, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 2014-06-17 11:28:48, SYSTEM, TAURUS-UBERKILL, Protection, Malicious Website Protection, IP, 46.252.131.82, 22178, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, (end)
  15. Every once in a while Skype's website is detected as a malicious site even though I'm not even on it... it's probably just Skype communicating with its website or something... I have a few IPs, I'm pretty sure they are all Skype related. It's skype/phone or something... very weird! Someone else experienced this issue? Please tell me. Next time it shows me the actual site I'll post a screenshot.
  16. Hello, I got a lot of help from Malwarebytes software but I guess that my computer is still infected. I can see a lot of hard disk activity and also got warnings that Skype accesses or gets accessed from a malicious IP. I can find things like this: Detection, 01/04/2014 14:55:50, SYSTEM, PEPE-PC, Protection, Malicious Website Protection, IP, 89.28.87.46, 44176, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 01/04/2014 14:55:50, SYSTEM, PEPE-PC, Protection, Malicious Website Protection, IP, 89.28.87.46, 44176, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 2 times in a week more or less. I scanned with the tool and this is the first (FRST.txt) and (Addition.txt) files... I'm attaching them since I got a message saying "your post was too long" FRST.txt Addition.txt Thanks for the help in advance!
  17. Hi guys, I have encountered some issues with probable malware after I encountered a random pop up at a website titled "rwindowsdefender.nl". The site appears to be associated with the malware that is being served up in Skype's ads. Here are my DDS log files:
==================== Find3M ==================== . 2014-01-22 02:38:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-22 02:38:25 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-12-18 12:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 17:44:56.15 =============== ATTACH FILE . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 1/3/2011 9:50:51 AM System Uptime: 2/4/2014 1:36:35 PM (28 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i5 CPU M 460 @ 2.53GHz | N/A | 2534/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 361 GiB total, 188.762 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP456: 1/16/2014 3:00:18 AM - Windows Update RP457: 1/21/2014 8:25:10 PM - Windows Update RP458: 1/21/2014 8:31:52 PM - Installed Java 7 Update 51 RP459: 1/28/2014 7:25:00 PM - Windows Update RP460: 2/3/2014 6:19:05 PM - Removed Skype™ 6.11 RP461: 2/3/2014 6:35:19 PM - Removed Java 7 Update 25 (64-bit) RP462: 2/4/2014 1:42:47 PM - Removed Skype™ 6.11 RP463: 2/4/2014 1:45:07 PM - Removed Skype Click to Call RP464: 2/4/2014 2:58:33 PM - Windows Update . ==== Installed Programs ====================== . 64 Bit HP CIO Components Installer Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 12 Plugin Adobe Reader XI (11.0.03) Adobe Shockwave Player 12.0 Alps Pointing-device for VAIO Apple Application Support Apple Mobile Device Support Apple Software Update Application Manager for VAIO ArcSoft WebCam Companion 3 Audacity 2.0.2 avast! 
Free Antivirus Baldur's Gate Baldur's Gate II Belarc Advisor 8.2 Best Buy pc app Bonjour BufferChm C4700 CCleaner Cisco WebEx Meetings Compatibility Pack for the 2007 Office system Counter-Strike: Global Offensive Counter-Strike: Source Coupon Printer for Windows D3DX10 Destinations DeviceDiscovery Diablo II Diablo III Dungeon Siege 2 Dungeon Siege 2 Broken World GOG.com Downloader version 3.5.8 Google Talk Plugin GPBaseService2 Hero Editor V0.96 HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Officejet Pro 8600 Basic Device Software HP Photo Creations HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 HP Smart Web Printing 4.60 HP Solution Center 14.0 HP Update HPPhotoGadget HPProductAssistant HPSSupply IIS 7.5 Express Intel PROSet Wireless Intel WiMAX Tutorial Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Processor ID Utility Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver Intel® Wireless Display Intel® PROSet/Wireless WiMAX Software iTunes Java 7 Update 25 (64-bit) Java 7 Update 51 Java Auto Updater Java SE Development Kit 7 Update 4 (64-bit) JavaFX 2.1.0 (64-bit) JavaFX 2.1.0 SDK (64-bit) Junk Mail filter update League of Legends Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch Media Gallery Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Download Manager Microsoft Halo Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Sync Framework 2.0 Core Components (x64) ENU Microsoft Sync Framework 2.0 Provider Services (x64) ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - 
x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 26.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Network64 Notepad++ Oasis2Service OOBE Oracle VM VirtualBox 4.2.6 Pando Media Booster Planescape Torment PlayReady PC Runtime amd64 PMB PMB VAIO Edition Guide PMB VAIO Edition plug-in (Click to Disc) PMB VAIO Edition plug-in (VAIO Image Optimizer) PMB VAIO Edition plug-in (VAIO Movie Story) PS_AIO_06_C4700_SW_Min QuickTime QuickTransfer Realtek High Definition Audio Driver Remote Play with PlayStation 3 Remote Play with PlayStation®3 Respondus LockDown Browser Scan Secure Download Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client 
Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Shop for HP Supplies SmartWebPrinting SolutionCenter StarCraft II Status Steam SUPERAntiSpyware swMSM SyncToy 2.1 (x64) Team Fortress 2 Toolbox TrayApp UltraVNC 1.0.6.4 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) VAIO - Media Gallery VAIO - PMB VAIO Edition Guide VAIO - PMB VAIO Edition plug-in (Click to Disc) VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) VAIO Care VAIO Control Center VAIO Data Restore Tool VAIO DVD Menu Data VAIO Gate VAIO Gate Default VAIO Hardware Diagnostics VAIO Help and Support VAIO Manual VAIO Media plus VAIO Media plus Opening Movie VAIO Movie Story Template Data VAIO Quick Web Access VAIO Sample Contents VAIO Smart Network VAIO Survey VAIO Transfer Support VAIO Update VAIO Wireless Wizard Ventrilo Client for Windows x64 VirtualCloneDrive WebReg Windows 7 USB/DVD Download Tool Windows Live Communications Platform Windows Live Essentials Windows 
Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 2/4/2014 1:42:37 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004 2/4/2014 1:38:27 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================
  18. I was advised to post here, these are the 2 logs as requested.
  19. Hi, I'm not too sure if I'm posting in the right place, but Skype does not work at all when I try and sign in. I used MBAM to clean up my computer, but after that, when I tried to use Skype within the next day, it keeps signing in forever, or if it does sign in, it keeps refreshing the messages forever, so I cannot receive or send messages or calls. It's been like this for days now.
  20. So here's what happened. Someone on my Skype friends list sent me a link and a message saying "When was the last time you saw this picture? [Link] :D" So when I asked him what it was, since he's an idiot and doesn't realize that it's a pretty big deal, he told me to click it and download it. So (I know it's mostly my fault) I clicked it like the idiot that I am because I didn't realize that this kind of stuff happened on Skype. So basically I asked my other friend who's really good with computers and he said it was a botnet (I don't really know much about this stuff). And he told me to download Malwarebytes. Malwarebytes keeps telling me it's blocking a potentially malicious website and the site is 94.76.244.133 and this message pops up like every 2 minutes. Anyone know how to fix this? Thanks in advance.
  21. Hi, A couple of months back I was befriended by a stranger on Skype. McAfee Antivirus software was running on my Windows 7 PC. While chatting with this person, my antivirus software alerted me that my PC was being probed through various ports. I immediately closed all contact with this person, but the damage had already been done. Various ports on my PC get probed from all over the net on a daily basis. +50/daily. Recently I installed Malwarebytes and scanned all my files. It found PUP:Datamangr in the registry and I promptly removed the registry entry and rebooted the PC. I thought I had finally beaten the zombies knocking on my PC ports. McAfee security history files showed no probing for quite a few hours, until it reported that 192.168.1.1 was probing port 49726 and then port 2869. Soon after that the zombies started probing my PC ports again. Mind you, nothing has happened, but it can be just a matter of time until somehow they get through. Now, 192.168.1.1 is the IP address of my local FIOS router, right? It seems that there is an undetected beacon program on my PC? All the incoming IP addresses used in the port probing seem to be legit businesses, so I imagine the true IP addresses are being spoofed? Can you please help?