
Showing results for tags 'hack'.

Found 17 results

  1. Hi everyone, I'd like to know if there is a way to detect special spyware, malware, trojans, keyloggers... and more... created by the biggest ethical hackers worldwide for government agencies like the CIA, NSA, and all secret agencies worldwide? I ask that question because on the deep web, some black hats are selling malicious spyware, trojans, keyloggers and many more, and the contract says that companies like Norton, Avast, yours and all anti-malware haven't got these tools added to their databases, and cannot detect them in any way... It's written that these tools are made by the biggest ethical hackers (most of them were black hats before) for governments and black hat activities; that's why as soon as they are added to your database, they create a new one, to bypass any test... check WikiLeaks about it.... Is that real or fiction? If yes, how can we be online and be 100% sure that no one is spying on us? Please, if someone really knows about that, reply with all the information needed. Please no scam or spam. Yours truly, corethical/SWITZERLAND
  2. With Windows 10 December update a New Windows 10 unlock screen has appeared before the normal one. How do I get rid of this? (MALWARE?)
  3. Hello, I have someone hacking my laptop; here is an image I captured using the Snipping Tool. Hello all, I am new to the forum... I am not a computer expert. Can someone help figure out what this is and how these hackers can be on my laptop without me knowing about it?
  4. Hi, I'm not great with computers. I thought Macs were protective and I got my credit card numbers stolen 3 times in 2 months. After the first I was careful and aware of every payment I made, and the only common denominator was the use of my new Mac. Is there any way to make sure I don't have any malware that tracks credit card numbers used on my computer? Thank you
  5. I've had some really strange connection and DNS lookup issues ever since having TWC service installed at a new apartment. Only my GF was here with the tech, and when I got home I went about setting up modem and router passwords, and when I noticed the issues I checked the modem's firewall logs and found this stuff which looked suspect. I initially ignored it and called TWC to send another tech. He installed a TWC modem hoping it would fix the problem, which it didn't. Today my credit card was flagged for fraud, and the rep suggested I may have been hacked, which makes me think there is a remote possibility that the two are related. Normally I would chalk it all up to coincidence, but in this case I'm starting to think it might not be. Let me know what other data or information you guys would need to narrow it down to an actual intrusion or compromised system. I did run Malwarebytes Anti-Malware Premium and Malwarebytes Anti-Rootkit, and both came up clean.
  6. So I thought it would be clever to try to download a free version of a game instead of buying it. I did some stupid clicking around, and when I thought I was just clicking a forum page link to look at what the download file looks like, it automatically started downloading packages of random stuff onto my computer, one of which was the PROUnstl package virus and tons of other things. So far I went into the command prompt and deleted the SHR files from system 32 and windows. I think I uninstalled PROUnstl, but I'm not really sure. What I need help with is finding a program or method to remove all traces of this malware that has infected my new computer. Oh yeah, and by the way, there is a pop-up notification that says I have a "Zeus" virus, and I need to call a support number, and if I close the message then my WHOLE entire drive will be deleted. Here is what it looks like: http://imgur.com/IGdxj71 Some problems include: -slow loading of certain pages -some pages will not load at all, and just say there is an internal problem within my computer -pop-ups like the one I explained -random weird ads at the bottom of my Chrome browser that are blocked by AdBlockPlus (but still show up as the blocked ad message); also, ads are on most pages that I go onto but not all - thankfully not this one -weird unfamiliar background processes like "plugin.exe" , "laufer.exe" , "Lupvhaj.exe" , "Simokhtau.exe" and "lobo.exe" Thanks so much if anyone responds to this, I'm just trying to get help before this gets out of hand or I mess something up
  7. Hi there, I just wanna make sure that my PC is absolutely virus free. I was playing a computer game (Witcher 3) when my character started doing actions that I wasn't inputting in my keyboard. I closed the application, and removed my ethernet cable for internet access. However, in my desktop random files were being opened and attempted to run on their own- without stimulus from my own mouse. I think it's probably a virus (seeing that my internet connection was severed, thus ruling out the possibility of a remote attacker), and would like to see if it's still there. Attached are the FarBar logs. Thanks FRST.txt Addition.txt
  8. Hello, I'm not sure this is the right section to post this topic. So, a friend of mine got infected with a Trojan (NOT SURE WHICH ONE). All his documents and personal files got encrypted. Every file extension is now followed by (.HenoTRJ), so if the file is a PDF, it will be ((Example.PDF.HenoTRJ)). Those files are extremely important, some files since "1988". I've tried to remove the extra extension, which is ((.HenoTRJ)), but that didn't work; the PDF reader can't read the files, nor Office. I scanned the computer using MBAM and I found some Trojans and PUPs, but it's too late as the files were already corrupted. I will upload some files in ATTACHMENTS that got corrupted; please review them and see if they can be fixed. Corrupted Files Samples.rar
  9. I have the free version of Malwarebytes; while looking through the settings I clicked on web exclusions. I see 2 IP addresses that I do not recognize and I know that I NEVER added them or allowed Malwarebytes to add them. I cannot remove them from the list because I have the free version. Should I be worried? Are these being skipped because they are in the list? Here is a picture of my Malwarebytes and the IPs that added themselves. Are they viruses? What can I do, I'm scared.
  10. Hi. I've got a problem with the process svchost.exe. Sometimes it shows me the information that Malwarebytes has blocked a malicious website. This is seen in the log file added to the attached files. All the time I am getting information from Malwarebytes about that malicious website. Could someone help me? PS. I attached files from a scan by the Farbar Recovery tool. Malwarebytes Log File protection-log-2014-09-04.xml FRST.txt FRST.txt Addition.txt Addition.txt
  11. Hey everyone, recently I've been having some real trouble with my email and social media and am looking for your input. I noticed my email sending out messages to people in my contact book without my knowing on 2 of my 4 email accounts. I changed both the passwords, but the sending has continued. And also, tonight for the first time, my Twitter was tweeting links to websites that I did not authorize. I've done multiple virus scans to no avail. Do you all have any suggestions of what to do besides continually changing passwords? Is there a keylogger somewhere on my computer? Please help!
  12. Is this malware or not, I found this on my old laptop, I did a virustotal scan and 19 says yes. It was always harmless when I used it, never caused my computer any problems... schoolbulliesaremean-ch.zip
  13. Just wanted to know because I need to download something from an external website, and I can't be sure, malwarebytes blocked me from it. Cheers.
  14. Thanks for a moment of your time. I am in desperate need of your help. Desperate because my computer, a 64 bit Windows Home Premium OS, HP Pavilion, has been made a client machine on an unknown network admin's domain. I have done a couple years' worth of investigation... learning a lot as I proceed. And I have narrowed the hack to the exploitation of my WIRED router (in this case a Netgear WNR1000v2, but the brand is irrelevant) using a script I found that contains a reference to a program called Dnsmasq and something called MICROSOFT WINDOWS RALLY PROGRAM among others which I will include at the bottom of this text. On Netgear utility app called Genie [which denies me permission to Wireless, ReadyShare and parental controls] I try to enter a password that control, using I get a message that says " The server 192.168.0.1 at WebAdmin request a password which is not the standard PW or the one I created.. I logged on today using an ethernet cable from modem directly to my PC, but the Netgear router [unplugged and disconnected] app called Genie indicates that I am passing through the router????????? I have lost control of my computer and have not yet been able to regain it due to a lack of knowledge regarding this open code written by someone else. Please help me understand how to remove this control from my PC. I would be so very grateful. I tried to attach the WordPad doc that I copied from the Notepad script but was unsuccessful. It contains many references to unknown programs. So here are some selected keywords: Binary or Source code */...bpalogin.sourceforge.net bridge.sourceforge.net/....busybox-1.4.2...dnsmasq-2.39...iptables-1.3.5 http://www.microsoft...iupnpd-20070127... ftp://ftp.samba.org/.......udhcp-0.9.8 wireless-tools-29.pre1...datalib...detcable..dni-ripd...dns-ipupdate...Oray...detwan...led-control...net-util...radvd...telnetenable...[ap91-hostapd]... hostapd...Atheros...BSD/GPL...ap91-madwifi-11n-scripts]... madwifi... wlanlog...ap91-wpatalk]...hostapd...Kernel Modules...Linux-2.6.15... ag7240-enet ag7240-gpio...ipv6-cone...netfilter...dnirtsp...ftp alg...pptp drv...netgear-rejec...urlblock....ap91-madwifi-11n.
  15. I downloaded ezvid (a video editing software) a couple of hours ago and then immediately deleted it as it was also downloading a bunch of other crap with it (Conduit search engine and some other stuff), but most importantly I remember it downloading a file to my Windows folder in the downloading bar, which I thought was very suspicious. Not long after that I tried to sign in to Skype but it said I entered a wrong password; I then tried to open my Yahoo email but it also said I entered a wrong password. I tried all my other online websites and forum groups that I have passwords with and I cannot log in to any of them. Is there any way to retrieve all of my online accounts? I did a quick scan with Malwarebytes but it didn't find anything. Any help is greatly appreciated!
[2012-6-11 193616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200] S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2012-3-29 29808] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-5 19456] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-9-27 337512] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-5 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-5 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys 
[2012-9-28 53760] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-10 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-04-18 20:53:27 -------- d-----w- C:\ProgramData\AVS4YOU 2013-04-18 20:53:15 -------- d-----w- C:\Users\mantik\AppData\Roaming\AVS4YOU 2013-04-18 20:52:01 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia 2013-04-18 20:52:00 24576 ----a-w- C:\Windows\SysWow64\msxml3a.dll 2013-04-18 20:52:00 1700352 ----a-w- C:\Windows\SysWow64\GdiPlus.dll 2013-04-18 20:52:00 -------- d-----w- C:\Program Files (x86)\AVS4YOU 2013-04-18 20:47:43 -------- d-----w- C:\Users\mantik\AppData\Local\ezvid,_inc 2013-04-18 20:17:55 -------- d-----w- C:\Users\mantik\AppData\Local\WeatherBug 2013-04-18 20:17:52 -------- d-----w- C:\Users\mantik\AppData\Roaming\WeatherBug 2013-04-18 20:17:49 -------- d-----w- C:\Program Files (x86)\AWS 2013-04-18 20:16:24 -------- d-----w- C:\Users\mantik\AppData\Local\CRE 2013-04-16 08:16:38 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A64C3793-B60D-48CE-8423-F2B720CFE2B2}\mpengine.dll 2013-04-10 04:22:10 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-04-10 04:22:08 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 04:22:05 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2013-04-10 04:22:00 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-04-10 04:22:00 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-04-10 04:22:00 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-04-10 04:22:00 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-04-10 04:22:00 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-04-10 04:22:00 112640 ----a-w- C:\Windows\System32\smss.exe 2013-03-22 17:50:34 -------- d-----w- C:\Users\mantik\AppData\Local\{0D40B8E7-E4D1-4F4E-830D-CAA7D29CE358} 
2013-03-20 20:16:18 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys . ==================== Find3M ==================== . 2013-04-11 14:22:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll 2013-03-19 09:24:14 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-19 09:24:14 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-03-12 06:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe 2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll 2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll . ============= FINISH: 22:05:58.41 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . 
Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/9/2011 11:46:52 PM System Uptime: 4/18/2013 7:51:24 PM (3 hours ago) . Motherboard: Hewlett-Packard | | 1650 Processor: Intel® Core i3-2330M CPU @ 2.20GHz | CPU1 | 880/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 571 GiB total, 404.504 GiB free. D: is FIXED (NTFS) - 21 GiB total, 2.256 GiB free. E: is FIXED (FAT32) - 4 GiB total, 1.082 GiB free. F: is CDROM () G: is CDROM () H: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP145: 4/2/2013 12:38:38 PM - Windows Update RP146: 4/9/2013 4:50:26 AM - Windows Update RP147: 4/10/2013 3:00:15 AM - Windows Update RP148: 4/16/2013 3:16:01 AM - Windows Update RP149: 4/18/2013 3:17:15 PM - Installed WeatherBug . ==== Installed Programs ====================== . 7-Zip 9.20 (x64 edition) Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS5.1 Adobe Photoshop Elements 9 Adobe Premiere Elements 9 Adobe Reader X (10.1.2) MUI Adobe Shockwave Player 11.5 Agatha Christie - Peril at End House Akamai NetSession Interface ALPS Touch Pad Driver Amazon MP3 Downloader 1.0.15 Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver AuthenTec TrueAPI AVS Video Editor 6 Bastion Bejeweled 3 Bing Bar BlackBerry Desktop Software 6.1 Blackhawk Striker 2 Blasterball 3 Bonjour Bounce Symphony Cake Mania Canon RAW Codec CCleaner Chronicles of Albian Chuzzle Deluxe Cradle of Rome 2 CyberLink YouCam D3DX10 DAEMON Tools Lite DecisionTools Suite Industrial 5.7.1 Edu Edition DefaultTab Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Dropbox Elements 9 Organizer Elements STI Installer ESU for Microsoft Windows 7 SP1 Evernote v. 
4.2.3 Farm Frenzy FastPictureViewer Professional 1.9.261.0 (64-bit) FATE Free Opener Google Chrome Google Drive Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Governor of Poker 2 Premium Edition Hewlett-Packard ACLM.NET v1.1.1.0 HP 3D DriveGuard HP Client Services HP CoolSense HP Customer Experience Enhancements HP Documentation HP Games HP Launch Box HP On Screen Display HP Power Manager HP Quick Launch HP QuickWeb HP Setup HP Setup Manager HP SimplePass 2011 HP Software Framework HP Support Assistant IDT Audio Intel PROSet Wireless Intel® Control Center Intel® Identity Protection Technology 1.1.2.0 Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® WiDi Intel® Wireless Display IrfanView (remove only) iTunes Java Auto Updater Java 6 Update 24 Java 6 Update 31 Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update K-Lite Codec Pack 7.0.0 (Standard) Kaspersky Security Scan Magic ISO Maker v5.5 (build 0281) Mah Jong Medley Malwarebytes Anti-Malware version 1.70.0.1100 McAfee Security Scan Plus McAfee SiteAdvisor Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft IntelliPoint 8.2 Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 
2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 3.1 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Mystery of Mortlake Mansion Namco All-Stars: PAC-MAN Norton Internet Security PakkISO 0.4 PDF Settings CS5 Penguins! Plants vs. 
Zombies - Game of the Year Poker Superstars III Polar Bowler Polar Golfer RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek PCIE Card Reader RealUpgrade 1.1 Recovery Manager SAS 9.3 Secure Download Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit 
Edition Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB2760762) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition SelectionLinks Skype Click to Call Skype™ 6.3 Slingo Supreme SmartSound Quicktracks for Premiere Elements 9.0 Spotify SpyHunter Steam Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Update Installer for WildTangent Games App Vacation Quest - The Hawaiian Islands Validity WBF DDK VIP Access SDK (1.0.1.2) Virtual Villagers 5 - New Believers WeatherBug WildTangent Games App (HP Games) Windows Live Communications 
Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinZip 16.0 Yahoo! Software Update Yahoo! Toolbar Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 4/18/2013 3:18:43 PM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1200000 milliseconds: Restart the service. 4/18/2013 3:18:41 PM, Error: Service Control Manager [7034] - The Application Sendori service terminated unexpectedly. It has done this 1 time(s). 4/16/2013 4:52:48 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The pipe has been ended. 4/16/2013 4:52:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69} . ==== End Of File ===========================
  16. I downloaded ezvid (a video editing software) a couple of hours ago and then immediately deleted it, as it was also downloading a bunch of other crap with it (Conduit search engine and some other stuff), but most importantly I remember it downloading a file to my Windows folder in the downloading bar, which I thought was very suspicious. Not long after that I tried to sign in to Skype but it said I entered a wrong password. I then tried to open my Yahoo email but it also said I entered a wrong password. I tried all my other online websites and forum groups that I have passwords with, and I cannot log in on any of them. Is there any way to retrieve all of my online accounts? I did a quick scan with Malwarebytes but it didn't find anything. Any help is greatly appreciated!
  17. I keep getting this "Successfully blocked access to a potentially malicious website: ##,##,###,##". It pops up every couple of seconds and it's really annoying. I think I'm getting spammed by some hackers. Does anyone know how I can block their access completely? Malware Pro keeps blocking access to multiple Potentially Malicious Websites... Every Couple of Seconds