Jump to content

Search the Community

Showing results for tags 'coin-miner'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 2 results

  1. Hi team, thanks in advance for your help! I've been trying to remove this coin-miner, but I have so far not succeeded. Please see the attached txt files from the dds script. I am an IT guy, so don't hesitate to ask me to do some advanced things if needed... attach.txt dds.txt
  2. My sister is having a trouble and I try to solve her problem through teamviewer. And here is the log from dds. This is attach log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 17/11/2009 17:04:22 System Uptime: 30/01/2013 23:58:04 (1 hours ago) . Motherboard: Acer, Inc. | | Grasmoor Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-70 | Socket M2/S1G1 | 500/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 59 GiB total, 7.521 GiB free. D: is FIXED (NTFS) - 90 GiB total, 27.912 GiB free. E: is CDROM () F: is CDROM () H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: Description: Device ID: ROOT\ESET_EPFWNDISMP\0011 Manufacturer: Name: PNP Device ID: ROOT\ESET_EPFWNDISMP\0011 Service: . Class GUID: Description: Device ID: ROOT\ESET_EPFWNDISMP\0012 Manufacturer: Name: PNP Device ID: ROOT\ESET_EPFWNDISMP\0012 Service: . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer 7-Zip 9.20 Acer Crystal Eye Webcam Adobe AIR Adobe Color Common Settings Adobe Community Help Adobe ExtendScript Toolkit 2 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Photoshop Lightroom 3.3 Adobe Reader 8.3.1 Adobe Setup Adobe Shockwave Player 11.6 Advertising Center Apple Application Support Apple Mobile Device Support Apple Software Update AVS Update Manager 1.0 AVS Video Converter 7 AVS4YOU Software Navigator 1.4 BitComet 1.29 BitComet Accelerator 3.2 BlackBerry Desktop Software 7.0 Bloom Bonjour calibre Canon MP110 Canon ScanGear Starter CBR Reader CCleaner Concise Oxford Dictionary (Tenth Edition) CSL 3.5G Connect version 2.0 CursorFX DAEMON Tools Lite DirectVobSub 2.41.5322 DolbyFiles Fences GIF Viewer 3.1 GOM Player Google Chrome Google Update Helper HSDPA USB Modem version 4.882 iCloud IIS Advanced Logging 1.0 IIS Database Manager IIS Search Engine Optimization Toolkit 1.0 IIS URL Rewrite Module 2 ImagXpress Internet Download Manager Internet Information Services (IIS) 7 Manager iTunes Java 7 Update 9 Java Auto Updater JavaFX 2.1.1 Junk Mail filter update K-Lite Codec Pack 9.0.2 (Basic) Malwarebytes Anti-Malware version 1.70.0.1100 Menu Templates - Starter Kit Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Application Request Routing Version 2 for IIS 7 Microsoft Choice Guard Microsoft Default Manager Microsoft External Cache Version 1 for IIS 7 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Management Objects Microsoft SQL Server 2008 Native Client Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ Run Time Lib Setup Microsoft Web Farm Framework Version 1 for IIS 7 Microsoft Web Platform Installer 2.0 Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 MobileMe Control Panel Movie Templates - Starter Kit Mozilla Firefox (3.6.26) Mozilla Firefox 19.0 (x86 en-US) Mozilla Maintenance Service MP3 Cutter 10.1.0 MPC-HC 1.6.2.4902 MpcStar 4.9 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MySQL Connector Net 5.2.5 Nero 9 Nero BurnRights Nero ControlCenter Nero CoverDesigner Nero Disc Copy Gadget Nero DiscSpeed Nero DriveSpeed Nero InfoTool Nero Installer Nero PhotoSnap Nero Recode Nero Rescue Agent Nero ShowTime Nero StartSmart Nero Vision Nero WaveEditor NeroBurningROM NeroExpress neroxml Norton Internet Security NVIDIA Drivers ObjectBar Octoshape Streaming Services Paint.NET v3.5.6 PDF Settings CS5 Picasa 3 QuickTime Reader for PC RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Safari Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2466156) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB978382) Security Update for Microsoft Office Groove 2007 (KB2494047) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office Outlook 2007 (KB2288953) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Skype™ 5.5 SoundTrax SQL Server System CLR Types Subtitle Workshop 2.51 SumatraPDF swMSM TeamViewer 8 The KMPlayer (remove only) TweetDeck Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Outlook 2007 Junk Email Filter (KB2536413) VC80CRTRedist - 8.0.50727.6195 VLC media player 2.0.3 VobSub v2.23 (Remove Only) Vodafone Mobile Connect Lite Web Deployment Tool Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Remote Service Windows Live Sync Windows Live Upload Tool Windows Live Writer WinRAR archiver WinZip 12.0 Yahoo! BrowserPlus 2.9.8 Yahoo! Messenger Yahoo! Search Protection Yahoo! Software Update Yahoo! Toolbar YourFileDownloader . ==== Event Viewer Messages From Past Week ======== . 31/01/2013 0:00:32, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 31/01/2013 0:00:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 31/01/2013 0:00:26, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 30/01/2013 22:03:33, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding 29/01/2013 21:22:37, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Remote Procedure Call (RPC) service, but this action failed with the following error: A system shutdown has already been scheduled. 29/01/2013 21:22:37, Error: Service Control Manager [7031] - The RPC Endpoint Mapper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 29/01/2013 21:22:37, Error: Service Control Manager [7031] - The Remote Procedure Call (RPC) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 29/01/2013 21:22:23, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Power service, but this action failed with the following error: A system shutdown has already been scheduled. 29/01/2013 21:22:23, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled. 29/01/2013 21:22:23, Error: Service Control Manager [7031] - The Power service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 29/01/2013 21:22:23, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 29/01/2013 21:22:23, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 29/01/2013 21:22:15, Error: Service Control Manager [7034] - The World Wide Web Publishing Service service terminated unexpectedly. It has done this 1 time(s). 29/01/2013 21:22:15, Error: Service Control Manager [7031] - The Windows Process Activation Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Run the configured recovery program. 29/01/2013 21:22:09, Error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s). 29/01/2013 21:16:35, Error: Microsoft-Windows-WHEA-Logger [20] - A fatal hardware error has occurred. Component: AMD Northbridge Error Source: Machine Check Exception Error Type: 11 Processor ID: 0 The details view of this entry contains further information. 29/01/2013 21:15:26, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x00000000, 0x875328fc, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\Minidump\012913-41777-01.dmp. Report Id: 012913-41777-01. 29/01/2013 20:22:46, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.103. The computer with the IP address 192.168.1.101 did not allow the name to be claimed by this computer. 29/01/2013 20:17:57, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x00000000, 0x875834dc, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\Minidump\012913-36956-01.dmp. Report Id: 012913-36956-01. 29/01/2013 20:11:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 29/01/2013 20:11:52, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 29/01/2013 20:11:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 29/01/2013 20:11:31, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 29/01/2013 20:11:20, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccSet_NIS discache eeCtrl IDSVix86 spldr SRTSPX SymIRON SymNetS Wanarpv6 29/01/2013 20:03:16, Error: Service Control Manager [7023] - The IPsec Policy Agent service terminated with the following error: The authentication service is unknown. 29/01/2013 19:52:11, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x00000000, 0x875cb024, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\Minidump\012913-43773-01.dmp. Report Id: 012913-43773-01. 29/01/2013 11:59:14, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 29/01/2013 11:54:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Vodafone Mobile Connect Service service to connect. 27/01/2013 10:52:13, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect. 27/01/2013 10:52:13, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 24/01/2013 23:36:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect. 24/01/2013 23:36:43, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 24/01/2013 23:36:43, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} 24/01/2013 0:19:42, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x00000000, 0x875a68fc, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\Minidump\012413-44990-01.dmp. Report Id: 012413-44990-01. . ==== End Of File =========================== Here is dds log DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.9.2 Run by fatehah at 0:31:07 on 2013-01-31 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.60.1033.18.2814.1530 [GMT 7:00] . AV: ESET Smart Security 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET Smart Security 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\inetsrv\inetinfo.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\Dwm.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\Explorer.EXE C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Stardock\CursorFX\CursorFX.exe C:\Program Files\TeamViewer\Version8\TeamViewer.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\TeamViewer\Version8\tv_w32.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Windows\system32\taskhost.exe C:\Users\fatehah\AppData\Roaming\Mining\coin-miner.exe C:\Windows\system32\conhost.exe C:\Windows\system32\WerFault.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox 4.0 Beta 4\firefox.exe C:\Program Files\Mozilla Firefox 4.0 Beta 4\plugin-container.exe C:\Program Files\Mozilla Firefox 4.0 Beta 4\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe c:\program files\teamviewer\version8\TeamViewer_Desktop.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\svchost.exe -k ftpsvc C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k secsvcs . ============== Pseudo HJT Report =============== . uStart Page = about:blank mStart Page = hxxp://home.sweetim.com/?st=2&barid={19F69080-8BBB-11E1-B629-93268CD5940B} uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: {90b49673-5506-483e-b92b-ca0265bd9ca8} - <orphaned> uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: IDMIEHlprObj Class: {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\19.9.0.9\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\19.9.0.9\ips\ipsbho.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.0.9\coieplg.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.0.9\coieplg.dll TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file> EB: Search panel: {5DABD05C-E98A-9532-6608-DAF07B9D597B} - EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file> uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot uRun: [CursorFX] "c:\program files\stardock\cursorfx\CursorFX.exe" dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background StartupFolder: c:\users\fatehah\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe StartupFolder: c:\users\fatehah\appdata\roaming\micros~1\windows\startm~1\programs\startup\VIIKII~1.LNK - StartupFolder: c:\users\fatehah\appdata\roaming\micros~1\windows\startm~1\programs\startup\ziggytv (minimized).lnk - c:\program files\ziggytv\ZiggyTV.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-Explorer: NoAutorun = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\get styles\ct.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll/206 IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\fatehah\appdata\roaming\microsoft\windows\start menu\programs\imvu\Run IMVU.lnk DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 202.73.99.4 61.247.0.2 202.73.99.2 TCP: Interfaces\{0C5994FE-9CA8-4797-8B21-3684F5E91076} : DHCPNameServer = 202.73.99.4 61.247.0.2 202.73.99.2 TCP: Interfaces\{0C5994FE-9CA8-4797-8B21-3684F5E91076}\164686F636 : DHCPNameServer = 192.168.137.1 TCP: Interfaces\{0C5994FE-9CA8-4797-8B21-3684F5E91076}\164686F63623 : DHCPNameServer = 192.168.137.1 TCP: Interfaces\{0C5994FE-9CA8-4797-8B21-3684F5E91076}\55B425944414 : DHCPNameServer = 172.19.0.1 172.18.0.1 TCP: Interfaces\{0C5994FE-9CA8-4797-8B21-3684F5E91076}\C47437361627C65647 : DHCPNameServer = 202.73.99.2 202.73.99.4 61.247.0.4 TCP: Interfaces\{74829032-F291-431B-8BBA-A3F1BF788852} : DHCPNameServer = 203.82.64.145 203.82.64.129 TCP: Interfaces\{7F8589E2-F396-40AA-8C95-FF06300B0919} : DHCPNameServer = 202.73.99.4 61.247.0.2 202.73.99.2 61.247.0.4 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: MCPClient - c:\progra~1\common~1\stardock\mcpstub.dll SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - c:\progra~1\common~1\stardock\MCPCore.dll SSODL: WebCheck - <orphaned> STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.56\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1572363&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1572363&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://www.dymasearch.com/search.php?src=tops&q= FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn\components\coFFPlgn.dll FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll FF - component: c:\users\fatehah\appdata\roaming\idm\idmmzcc3\components\idmmzcc.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\RadioWMPCore.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\RadioWMPCoreGecko19.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{7762a897-2a75-4e3f-a3a7-55bd098b9879}\components\RadioWMPCore.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{7762a897-2a75-4e3f-a3a7-55bd098b9879}\components\RadioWMPCoreGecko19.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtension.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\components\RadioWMPCore.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\components\RadioWMPCoreGecko19.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\engine@conduit.com\components\RadioWMPCore.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - component: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npBitCometAgent.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\nppdf32.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\nppl3260.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npqtplugin.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npqtplugin2.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npqtplugin3.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npqtplugin4.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npqtplugin5.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npqtplugin6.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\npqtplugin7.dll FF - plugin: c:\program files\mozilla firefox 4.0 beta 4\plugins\nprpplugin.dll FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll FF - plugin: c:\program files\sony\readerdesktop\npreaderdetectmoz.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll FF - plugin: c:\users\fatehah\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll FF - plugin: c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\plugins\np-mswmp.dll FF - plugin: c:\users\fatehah\appdata\roaming\mozilla\plugins\npoctoshape.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll FF - ExtSQL: 2012-12-12 20:49; 50c8a26b04b88@50c8a26b04bc1.com; c:\users\fatehah\appdata\roaming\mozilla\firefox\profiles\9x0pux3c.default\extensions\50c8a26b04b88@50c8a26b04bc1.com.xpi . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true FF - user.js: google.toolbar.linkdoctor.enabled - false FF - user.js: extensions.BabylonToolbar_i.id - 44aeba08000000000000061fe2a4e5df FF - user.js: extensions.BabylonToolbar_i.hardId - 44aeba08000000000000061fe2a4e5df FF - user.js: extensions.BabylonToolbar_i.instlDay - 15389 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.170:46:27 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109980 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1309000.009\symds.sys [2012-10-2 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1309000.009\symefa.sys [2012-10-2 924320] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20121130.005\BHDrvx86.sys [2012-12-4 995488] R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1309000.009\ccsetx86.sys [2012-10-2 132768] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-1-3 242240] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20121204.001\IDSvix86.sys [2012-12-5 386720] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1309000.009\ironx86.sys [2012-10-2 149624] R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nis\1309000.009\symnets.sys [2012-10-2 318584] R2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe -k ftpsvc [2009-7-14 20992] R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2010-11-3 83184] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-29 398184] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-29 682344] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.9.0.9\ccsvchst.exe [2012-10-2 138272] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608] R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-1-30 3467768] R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2008-11-4 14336] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-12 106656] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-29 21104] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate1ca6851f6ce18b0;Perkhidmatan Kemas Kini Google (gupdate1ca6851f6ce18b0);c:\program files\google\update\GoogleUpdate.exe [2009-11-18 133104] S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\bitcomet\tools\bitcometservice.exe -service --> c:\program files\bitcomet\tools\BitCometService.exe -service [?] S3 bmusbser;Network Connect USB Device for Legacy Serial Communication;c:\windows\system32\drivers\bmusbser.sys [2010-9-10 105216] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-28 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112] S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2008-11-12 7680] S3 MsDepSvc;Web Deployment Agent Service;c:\program files\iis\microsoft web deploy\MsDepSvc.exe [2010-1-19 55184] S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;c:\windows\system32\drivers\cmusbser.sys [2010-9-4 97408] S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-9 1343400] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520] S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [2010-9-6 110080] S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\zteusbvoice.sys [2010-9-6 104960] S4 wlcrasvc;Windows Live Devices remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-6-4 49504] . =============== File Associations =============== . ShellExec: BitComet.exe: open="c:\program files\bitcomet\BitComet.exe" ShellExec: DVDXPlayer.exe: open=c:\program files\dvd x studios\dvd x player 4.0 professional\DVDXPlayer.EXE" "%1 . =============== Created Last 30 ================ . 2013-01-30 14:22:56 15616 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2013-01-30 11:08:24 -------- d-----w- c:\program files\TeamViewer 2013-01-29 14:44:14 -------- d-----w- c:\users\fatehah\appdata\roaming\Malwarebytes 2013-01-29 14:44:02 -------- d-----w- c:\programdata\Malwarebytes 2013-01-29 14:44:01 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-01-29 14:44:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-01-29 13:31:50 -------- d-----w- c:\programdata\HitmanPro 2013-01-29 12:26:43 -------- d-----w- c:\users\fatehah\appdata\roaming\Mining 2013-01-29 09:44:02 1272719 --sha-w- C:\010ac1be.exe 2013-01-29 09:43:35 1272719 --sha-w- C:\010a8183.exe 2013-01-29 09:42:00 824207 --sha-w- C:\AdobeART.exe 2013-01-29 09:41:12 824207 --sha-w- C:\01083c97.exe 2013-01-25 21:28:40 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 4 2013-01-18 00:56:41 -------- d-----w- c:\users\fatehah\appdata\roaming\RealNetworks 2013-01-18 00:56:15 -------- d-----w- c:\program files\RealNetworks 2013-01-18 00:56:05 -------- d-----w- c:\programdata\RealNetworks 2013-01-18 00:55:41 -------- d-----w- c:\program files\common files\xing shared 2013-01-18 00:55:15 153296 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll 2013-01-18 00:54:59 124056 ----a-w- c:\program files\mozilla firefox\plugins\nprpplugin.dll 2013-01-02 19:09:31 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-01-02 19:09:24 -------- d-----w- c:\users\fatehah\appdata\roaming\DAEMON Tools Lite 2013-01-02 19:09:20 -------- d-----w- c:\program files\DAEMON Tools Lite 2013-01-02 19:08:55 -------- d-----w- c:\programdata\DAEMON Tools Lite . ==================== Find3M ==================== . 2013-01-18 00:54:35 499712 ----a-w- c:\windows\system32\msvcp71.dll 2013-01-18 00:54:35 348160 ----a-w- c:\windows\system32\msvcr71.dll 2013-01-09 08:13:46 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-09 08:13:46 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-11-11 10:47:21 409088 ----a-w- c:\windows\system32\systemcpl.dll . ============= FINISH: 0:32:52.26 =============== Thank you for all your response
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.