Jump to content

Search the Community

Showing results for tags 'extension'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 25 results

  1. Hello. Malwarebyte detects the Video Downloader professional extension as malware. Is it a malware or false positive? Attached report and file. Greetings and thanks. Analisis.txt ffext_basicvideoext@startpage24.rar
  2. I've been having a problem with a PUP related to Google Chrome that doesn't go away. Frequently I would run Malwarebytes and scan my computer, along with AdwCleaner, and the same PUP keeps showing up no matter how many times I deleted it. I've tried clearing sync data for chrome and uninstalling chrome, and the pup still shows up. I've tried formatting my computer but the PUP showed up again after I redownloaded chrome. I don't know if it showed up when I synced my data again, but regardless this is worrying. The PUP hasn't affected performance, and as far as I know, done anything, but I'm still worried about it. Below I've attached my most recent log from AdwCleaner. Thanks AdwCleaner[C00].txt
  3. Hello, first time posting so please excuse any formatting mistakes. So somehow I got segurazo today, managed to remove most of it thanks to jumping into paranoia mode as soon as i saw something. Managed to remove facemoods and conduit as well which had been bothering me for a long time. All these thanks to adwcleaner 8 and Malwarebytes. Now there is this persistent chrome extension showing up in adwcleaner classified as a PUP.Optional.Legacy but i can't find it anywhere and when i quarantine it, it shows up again every time i launch chrome. Attached is my latest AdwCleaner scan log. It seems to be a chromium derivative but i can't seem to find any traces of chromium left-overs from today's blunder. Thanks in advance for any help. My job is on the line. AdwCleaner[S08].txt
  4. Namita

    False Positive

    Appears Browser Guard (in this instance on Firefox) is having a False Positive on website: aaroh.info VirusTotal shows all clean: https://www.virustotal.com/gui/url/3b61664e837b385c5666601251c6d30bbb7b2b25ab274579db40df16a7d75f0d/detection As said here (https://forums.malwarebytes.com/topic/253405-extension-blocking-tld/?do=findComment&comment=1343777) : It's totally unacceptable and everyone would agree to this users statement (https://forums.malwarebytes.com/topic/252629-why-is-my-website-blocked/?do=findComment&comment=1339923): Fix this policy or it will create serious trouble for you guys soon.
  5. Hi, All my computer files have been infected and the .heard extension has been added to all files. Please help to resolve the problem. Thank you
  6. An option to report a website for analysis (because it is suspicious). I asume MBAM also has automated analysis, so it is an extra option to collect URL's of malware sites. You could add some predifined options Suspicios because a) other security solutions warn for it (probably malware) b) mimics another website (probably phisining) c) behaves weird or suspiciously (probably hacked) d) other comment: ________________________________
  7. Hello, Back in May of this year I reported a bug to Malwarebytes by email about the Malwarebytes For Chrome browser extension conflicting with the Video DownloadHelper extension for Chrome, and this bug was confirmed by Malwarebytes after I reported it by email months ago. Here is an edited version of my report from back then: This conflict is still there, I was asked to report it here when I emailed Malwarebytes again to see if this bug was on the list of bugs to be fixed. This problem is pretty annoying for me and has prevented me from using the Malwarebytes extension for long, I have to keep disabling it, and so I usually give up using it until the next version comes out hoping that it will be fixed. I like the Malwarebytes extension and I would like to be able to use it again full-time one day and recommend it to others if this problem is fixed one day. Thank you, -John Jr
  8. Hey! I was playing overwatch, and when i stopped playing it i desided to go browse the internet. I use the latest version of Chrome, with Adblock Plus, Avira Browser Safety, Poper Blocker and with MalwerBytes Extensio BETA. And i saw that chrome was open (i closed it before playint OW) and i saw 25+ tabs open that was from my browser history (the links was drive-by-download links) and all of it was blocked by MalwareBytes. I did NOT open them, and the links was not suspicious. One of them was Skype download file... here are some photoes I think it was done by MalwareBytes extension. (the blocked links started to dissapeare from my history, strange huh?) Any help why did this happened?
  9. Hello, my google searches are being redirected to Bing, it is not simply my default search engine being switched. I have malware busted before and this one is very well hidden. Threat Scan: Those are not the problem, regardless they have been removed. FRST.txt Addition.txt Plz send halp.
  10. I installed the Malwarebytes Firefox Extension (beta) but every time i open this link rebrand.ly/advancedir which leads to my website's link https://usefulsoftwaresritesh.blogspot.in/2018/02/hey-friends-today-i-am-writing-about-my.html?zx=ee0185d9b1870d66, Malwarebytes blocks it telling that it is a phishing website. Very bad experience. You can download the screenshot from https://transfer.pcloud.com/download.html?code=5ZFFam7Zlx0spK89OqfZEeaLZMU0SDCihREHg3UVTbyQeYJBlhjCy.
  11. Hello, is this extension of Malwarebytes for Firefox true? https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ I did not see any announcements here in the forum, so I found it strange
  12. I'm having trouble getting rid of some virus that's redirecting all of my google searches to extension.citypage.today and then to a similar bing search. I've tested this with both Google Chrome and Microsoft Edge so I believe it isn't browser specific. Regardless I've tried everything I can think of and nothing has gotten rid of it. While I've also tried a couple of other antiviruses, none of them (including Malwarebytes premium free trial) have helped. I downloaded and ran the FRST scan like asked and attached the files. I also attached my most recent Malwarebytes threat scan. It does say it detects several PUPs but I'm 99.9% sure those aren't related to the extension.citypage.today problem since they didn't show up until after (I think i downloaded some antivirus that wasn't 100% trustworthy in my frantic scramble to try to get rid of this virus- not the best decision, and malwarebytes is having trouble getting rid of that too, but I'll deal with it later as it isn't an immediate problem) threatscan.txt Addition.txt FRST.txt
  13. In attempt to resolve the "Cannot "Allow" MalwareBytes system extension with 10.13 (High Sierra)" issue I disconnected my TeamViewer session and had the client click on Allow. Then took another remote session. The Security setting was allowed and the installer completed successfully. Then I restarted. The iMac no longer starts up. Apple Logo, progress bar slowly moves toward 100% but never completes. I tried having her boot into Safe Mode but that didn't work either. Even if it is Apple's fault. The computer was not having problems prior to installing Malwarebytes for Mac. This is terrible behavior for Malwarebytes and makes me look bad. I mean I'm a Malwarebytes partner and I recommended installing this application. Now I cannot charge for the hours of support. This client is also a friend and she is 265 miles from my office. So I either have to walk this 80 years-of-age woman through booting the iMac into Recovery mode and restoring her computer from her Time Machine backup, or I have to drive up there to fix this. This is the last time I install Malwarebytes remotely. I am hoping someone has seen this and has a simple fix, fingers crossed!
  14. During installation the following message appears "Checking for Authorization of the Malwarebytes Extension" I then get a screen telling me Installation Failed. I have modified Gatekeeper to allow software from "Anywhere" and have temporarily turned off SIP...all to no avail. Thoughts.....?? BTW: forgot to mention, I am running MacOS High Sierra 10.13.1 Beta (17B25c)
  15. Sometimes when I type something into my search bar, it will say: search with Yahoo and not google. MY default browser is google and always has been. In chrome settings, I have no malicious or suspicious extensions, but when I go to IObit uninstaller, it says I have an extension called hTab. "A great way to search the web, with Yahoo provided search on your new tab. If I force an uninstall through IOBit uninstaller, it successfully uninstalls, but the second I open up chrome it says that hTab has been installed through a program on my computer and I can either add it to chrome or remove it. If I remove it, it still shows up in IObit uninstaller and I can repeat the process. I believe I got this virus from an annoying malware that appeared on my computer a couple of times saying that there was an update for windows and that I needed to install a browser search extension. Could not exit out of this popup and if I went to any other computer program it would just keep popping up. Yes before you ask, I HAVE tried running Malwarebytes and it finds nothing. I have the link for the extension and all of the reviews (including mine) claim it to be malware. Please help me remove this annoying extension from chrome. I also don't know if IObit Uninstaller is a trusted program, it has worked perfectly for everything I have needed it to do, and if it weren't for it, I would not have known this extension existed
  16. I was trying to create a Jaxx bitcoin wallet using the Jaxx Chrome extension and Malwarebytes blocked its access to btc.blockr.io Everything I have read leads me to believe this is a false positive. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 6/8/17 Protection Event Time: 11:41 AM Logfile: Administrator: Yes -Software Information- Version: Components Version: 1.0.103 Update Package Version: 1.0.2111 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Domain: btc.blockr.io IP Address: Port: [63085] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  17. I had recently installed the chrome extension "Extensity" and had found it very very useful. The link for it -> https://chrome.google.com/webstore/detail/extensity/jjmflmamggggndanpgfnpelongoepncg Its an extension to toggle other chrome extensions on or off with a press of a button. I just loved it. But doing a scan with adwcleaner, flagged it as a threat & hence i deleted it. But the other reviews state that the extension is not a malware & is safe. Could it be a false positive? Ive posted the log file here.. Can someone please please guide me on this. I so loved the extension.. :'( PLEASE i need help on this.. # AdwCleaner v6.030 - Logfile created 03/11/2016 at 09:25:16 # Updated on 19/10/2016 by Malwarebytes # Database : 2016-11-02.1 [Local] # Operating System : Windows 7 Professional Service Pack 1 (X64) # Username : Rebecca - REBECCA-PC # Running from : C:\Users\Rebecca\Downloads\Programs & setup files\adwcleaner_6.030.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** Folder Found: C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Web browsers ] ***** No malicious Firefox based browser items found. Chrome pref Found: [C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - jjmflmamggggndanpgfnpelongoepncg Chrome pref Found: [C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 2\Web data] - aol.com Chrome pref Found: [C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Profile 2\Web data] - ask.com ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1451 Bytes] - [28/10/2016 08:03:49] C:\AdwCleaner\AdwCleaner[C2].txt - [1474 Bytes] - [28/10/2016 21:00:17] C:\AdwCleaner\AdwCleaner[S0].txt - [1492 Bytes] - [28/10/2016 07:52:16] C:\AdwCleaner\AdwCleaner[S2].txt - [1573 Bytes] - [28/10/2016 20:40:43] C:\AdwCleaner\AdwCleaner[S3].txt - [1558 Bytes] - [30/10/2016 06:38:15] C:\AdwCleaner\AdwCleaner[S4].txt - [1558 Bytes] - [30/10/2016 07:19:07] C:\AdwCleaner\AdwCleaner[S5].txt - [2031 Bytes] - [03/11/2016 08:17:56] C:\AdwCleaner\AdwCleaner[S6].txt - [1951 Bytes] - [03/11/2016 09:25:16] ########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2024 Bytes] ##########
  18. Hello everybody, (sorry if this is the wrong forum for the topic) I have problems with an extension called helper2 on firefox and google chrome. I have purchased Malwarebytes anti-malware few months ago and it was working fine until last couple weeks, when this seemingly unkillable extension is hijacking my browsers. At first Malwarebytes seem to catch a backdoor agent and put it in quarantine. After that, about an hour later, firefox crashes and closes. When I reopen it, most of the websites (including Malwarebytes website) have hyperlinks and pop-ups. No matter where I click, on the pages, I get redirected to another website with random ads. I scan with malwarebytes, having advanced heuristic scan ticked, rootkits as well and scan within archives. I have PUP and PUM detections to treat as malware. Malware protection and Malicious website protection are also enabled. But even though Malwarebytes detects those stuff and notifies me that it put those in quarantine, the whole thing is going through and messes up my browsers anyway. My routine is to download the latest AdwCleaner, run it, scan the system and clean it. After the essential restart, everything is gone and running fine, until next day when everything comes back. I don’t use anything illegal as far as I know. I don’t use torrents and I don’t visit the usual suspects of websites, known for having malware stuff. I’m trying to avoid clean reinstallation of Windows 10, because I will have backup with loads of files and programs which I’ll bring back. I don’t know how deep this firefox@helper2 has rooted in my system. My backup files might bring it back. I don’t know what to do anymore. Is there a way to get rid of this thing? Thanks in advance. P.S. I noticed that on Chrome, the extension is visible and can be removed when it appears, with just a click. However, on Firefox it doesn’t appear anywhere. Also, sometimes the whole thing resets my homepage another search engine called protectedio.
  19. I have found a "hidden" extension, that is not in the usual Chrome extension list called SuperAdRomove. I believe it interferes with certain websites giving me the "Aw Snap!" Chrome warning that something was wrong with a webpage. I know it is this SuperAdRomove because when I disable it in the Chrome task manager, I can load the webpages (usually wikia web pages) just fine. when I close Chrome and reopen it, SuperAdRomove is back in the Extensions list and the webpages show the "Aw Snap!" warning again. I think I have the ID path for the Extension here: SuperAdRomove chrome-extension://bpimjanmknifnoiajikmhmhmlihdccbd/background.html I have a bad feeling about extensions I don't remember installing and can't permanently get rid of. I have run Malwarebyte's and it does not hit this program. I'm trying Microsoft's Malicious Software Removal Tool at the moment and will post if it has any results. Can someone please help me remove this thing from my computer? Thanks
  20. Not quite sure where to post this... MB has detected 305 non-malware items that belong to Google Chrome and more specifically, to one of the 20 odd extensions installed. Have quarantined these non-malware items but how can i determine which extension is the culprit? See per attachment. BTW, my apologies for not responding to my first post here! Thought settings were made to advise me via email. Should be good this time! non-malware items detected 305.txt
  21. No matter what I do, they will not go away! I got it about 3 days ago, but I don't know how. I deleted the program files already, which I hope doesn't mess with this process. If I remove it from my extensions, it will go away until I close the browser. It only does it to Google Chrome. Malwarebytes doesn't detect it even when I go into safe mode. Please help me, this is starting to get on my nerves. Screenshot of the Extensions: http://gyazo.com/9ab3bbc3318aac2083fc86e35a1aa860 Screenshot of What It Does: http://gyazo.com/05ce3b5d6a1ae16c7070d4b8c08bb647
  22. Hello, BuyNSave extension keeps coming back after removing it in Google Chrome. I have run Malwarebytes software full scan with no luck, plus most anti adware applications I could find. Following the "I'm infected - What do I do" instructions, I have scanned the PC with FRST and I attach here the results, in hope that one of your experts can help me. Thank you very much in advance for any help that you can provide me, Best regards! Addition.txt FRST.txt
  23. Hello, I've decided to post here because I am getting a bit desperate- my current infection must have come bundled together with some other software...and Malwarebytes, McAfee, AdwCleaner, and manual removal have all failed. Or rather, Malwarebytes and AdwClear found the infection initially, seemingly removed it, and all was fine and well for a few days until it came back by itself again. Upon running these programs a second time, nothing came up, even though the infection is still present. I've tried Googlng ddeal4reaol, though there are absolutely no results for it, and it came in the form of an extension on Chrome, and an add-on for Firefox. It seems to enable a whole bunch of other forms of software (such as Saveshare, Windowshopper, etc)- and removing or uninstalling both do not work (and I cannot find these programs on my program list either). If somebody could help me with this, I'd greatly appreciate it. Thanks! DDS.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16750 BrowserJavaVersion: 1.6.0_29Run by Lillian at 19:02:52 on 2014-01-29Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3835.1184 [GMT -8:00].AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\Hpservice.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\vcsFPService.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Program Files\DigitalPersona\Bin\DpHostW.exeC:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\IDT\WDM\AESTSr64.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\System32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exeC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeC:\Windows\system32\mfevtps.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\McAfee\MSC\McAPExe.exeC:\Program Files\Common Files\McAfee\AMCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Windows\system32\rundll32.exeC:\Windows\system32\rundll32.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files (x86)\Giraffic\Veoh_Giraffic.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\system32\taskhost.exeC:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exeC:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exeC:\Users\Lillian\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exeC:\Program Files (x86)\DAEMON Tools Lite\DTLite.exeC:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exeC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\DigitalPersona\Bin\DPAgent.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files\Common Files\McAfee\Platform\mcuicnt.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exeC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\McAfee\MAT\McPvTray.exeC:\Windows\system32\taskmgr.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files\McAfee\VirusScan\mcods.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exeC:\Windows\system32\wuauclt.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskhost.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Users\Lillian\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = about:blankuSearch Bar = PreservedURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>mWinlogon: Userinit = userinit.exe,BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dllBHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllBHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenuRun: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnkuRun: [Google Update] "C:\Users\Lillian\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorunuRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStartmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [iTunesHelper] c:\program files (x86)\itunes\ituneshelper.exemRun: [APSDaemon] c:\program files (x86)\common files\apple\apple application support\apsdaemon.exemRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostartmRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exemRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=truemRun: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogindRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = Interfaces\{20DE690C-B88E-4495-BE71-6F4FAEA3F527}\16A637D6573796B6 : DHCPNameServer = Interfaces\{20DE690C-B88E-4495-BE71-6F4FAEA3F527}\347303148344 : DHCPNameServer = Interfaces\{20DE690C-B88E-4495-BE71-6F4FAEA3F527}\45271636B65627 : DHCPNameServer = Interfaces\{20DE690C-B88E-4495-BE71-6F4FAEA3F527}\74967616375647 : DHCPNameServer = Interfaces\{20DE690C-B88E-4495-BE71-6F4FAEA3F527}\E6F6F566275656F577966696F566F627F597F657 : DHCPNameServer = Interfaces\{20DE690C-B88E-4495-BE71-6F4FAEA3F527}\F414359435 : DHCPNameServer = Interfaces\{3EE4043D-69D7-4D93-BFFD-A173F4A86C58} : DHCPNameServer = Interfaces\{577982DE-E775-4D3A-92BD-07DC0B652C8D} : DHCPNameServer = application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dllHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= c:\progra~2\movies~1\safety~1\safety~2.dllSSODL: WebCheck - <orphaned>LSA: Notification Packages = DPPassFilter sceclimASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,x64-BHO: ddeal4reaol: {1BB10760-9CF5-EDE5-3C66-03E8F59A4229} - x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dllx64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /backgroundx64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hiddenx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Updatex64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exex64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dllx64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Lillian\AppData\Roaming\Mozilla\Firefox\Profiles\pgko0efr.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - about:homeFF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dllFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dllFF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dllFF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Lillian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dllFF - plugin: C:\Users\Lillian\AppData\Local\Google\Update\\npGoogleUpdate3.dllFF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dllFF - ExtSQL: !HIDDEN! 2011-03-22 23:57; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3.============= SERVICES / DRIVERS ===============.R0 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2012-10-23 74560]R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-5-17 17720]R1 CbFs;CbFs;C:\Windows\System32\drivers\cbfs64.sys [2011-2-26 191960]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-8-22 270912]R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-3-15 528192]R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-1-22 89600]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-8 203264]R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?]R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-12 328928]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2010-6-15 30520]R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-5-17 821592]R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-23 201304]R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-10-15 178048]R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-12 328928]R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-12 328928]R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-12 328928]R2 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-4-1 311120]R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-10-12 1025232]R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-4-1 219272]R2 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-10-15 782360]R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-1 182752]R2 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-4-1 343696]R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-9-3 31088]R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-5-17 21384]R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-4-1 519576]R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-5-17 33224]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-22 344680]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-1-22 38528]S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-12 328928]S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-4-1 70112]S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-10-20 197704]S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-30 19456]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-1-22 239136]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-30 57856]S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-5-17 21904]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120].=============== Created Last 30 ================.2014-01-29 20:09:48 -------- d-----w- C:\Windows\Migration2014-01-22 22:59:05 -------- d-----w- C:\AdwCleaner2014-01-22 22:37:15 -------- d-----w- C:\ProgramData\Giraffic2014-01-20 04:52:10 -------- d-----w- C:\Users\Lillian\AppData\Roaming\Malwarebytes2014-01-20 04:51:29 -------- d-----w- C:\ProgramData\Malwarebytes2014-01-20 04:51:13 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-01-20 04:51:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-01-15 09:16:09 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2014-01-15 09:16:09 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2014-01-15 09:16:09 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys2014-01-15 09:16:09 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2014-01-15 09:16:09 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2014-01-15 09:16:09 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2014-01-15 09:16:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2014-01-15 09:16:07 3156480 ----a-w- C:\Windows\System32\win32k.sys2014-01-15 09:16:05 376768 ----a-w- C:\Windows\System32\drivers\netio.sys2014-01-10 08:43:04 -------- d-----w- C:\Users\Lillian\AppData\Local\{FB98CE56-4A2F-4CFB-8682-42B939055367}2014-01-07 05:00:08 -------- d-----w- C:\Users\Lillian\AppData\Local\The Witcher2014-01-04 22:01:38 -------- d-----w- C:\Users\Lillian\AppData\Local\{D30256BF-4500-4A5B-A949-A44FA18FBDFB}.==================== Find3M ====================
  24. Hi, I apologize if this has been posted already, feel free to redirect me there if that's the case, but I couldn't find anything on this one on Google or the forums. A few days ago I was noticing a lot of annoying adds coming up (even with AdBlock on) and chrome would crash every once in a while. I looked in my extensions window and noticed this (see attachment). I delete it from Chrome every time I boot up, but it comes back every time. And after using Spybot, Malware Bytes, and several other programs, it's still there. I scanned through my programs/updates list in Windows control panel as well and don't see anything suspicious. If anyone has any ideas, please let me know! Thank you.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.