Showing results for tags 'hapili malware smart hdd'.

Found 1 result

  1. Hello, I got infected by the said names above and I have been using MBAM to remove them. However, they have been coming back "every day". So I figured there was an exploit that keeps my PC re-infected. I downloaded and ran Kaspersky Rescue Disk 10 and it found some trojan downloader etc. and I removed it. Now I ran MBAM and updated again and it did not find anything anymore, so I was expecting everything is okay. (By the way, I also tried TDSSKiller by Kaspersky and it did not find anything.) My issue now is that when I google something and click on a link in the results, it still redirects me to a numeric IP with /c.php?blahblah something. I went ahead and downloaded and ran ComboFix and below is the result. (please delete after) Thanks!
Completion time: 2012-05-10 14:36:38 ComboFix-quarantined-files.txt 2012-05-10 21:36 ComboFix2.txt 2012-05-10 18:48 . Pre-Run: 125,811,314,688 bytes free Post-Run: 125,556,989,952 bytes free . - - End Of File - - 8517F4BE3642ECBCE4A5C31EE9BA59BA