Jump to content

Search the Community

Showing results for tags 'music'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 5 results

  1. This is my sec time writing this, I wrote a 3 page things but when I clicked to submit the site timed out and I lost it all....(logged me out as well) So basically, something Called Nine keeps showing up along with CTF Loader in the task manager in windows 10, I check on the location of NINE and a file called Salta.exe and a .dll file are there, I have deleted/shredded both but they keep coming back, my research on CTFLoader is that is normally part of MS office, which I don't have, I ran a uninstall prg for ctfloader and though it is listed as gone, it still shows up. what theses two items seem to be doing is going to the net and playing audio, sometimes ads and or music...this happens with or without a browser open. I have run avg, spyware spybot, and malwarebytes and though Avg sometimes catches NINE/salta.exe when its in memory and it claims to be removing it, it still comes back after a while. There are sometimes other files one called Wrapper(something I forget the whole name) that also might be part of it...but as there are so many things in memory in Windows 10 its hard to know (or why there needed, I miss Windows 98 or xp where all you needed was windows.exe and explore.exe) I've tried Hyjack this, but it gives me an error saying it is blocked from writing changes because of the Host file in system32 director, I checked this but the item in it that it asked me to check for was not in the file.... When CTFLoader is in memory, I open its location, and though I can remove it from memory, when I then try to delete it, it says my clearance lvl is not high enough to do so...
  2. Hello. This is my first post on the site. All help is appreciated. Not always, but often, when I alter the volume on my PC, random music starts playing. If I turn it all the way down, and play something else, it stops. I'm not the most computer-literate person in the world, so it would be brilliant if someone could suggest what sort of scans I should carry out to find whatever is doing this. I've done an AVG scan, and it found nothing. I'll be checking this post very frequently to provide the additional information that is needed. Thanks in advance!
  3. I am wondering if .mp3 files could contain any sort of malware in any way? I am not talking about a file that is named music.mp3 but the file type is an .exe being hidden by windows. I am talking about a real .mp3 file. I also would preferably like someone to answer who knows what they are talking about. I've been searching on the internet and many say yes and no... So I am still not sure. Also if an .mp3 file could contain something malicious, would an antivirus or antimalware scanner detect it? Thank you.
  4. Well, I don't know how/when I got it, but a trojan/rootkit managed to get on my pc. My svchost.exe is playing ads in the background and using up a lot of memory. I've read over other forum posts detailing this exact problem but none of them have fixed it. Here's a list of programs i've run: rKillmbrScanaswMBRadwCleanerRougeKillerGMERJunkware Removal ToolFarbar Recovery ToolTDSSKillerMalwareBytes Anti-malware (Full scan, ran for an hour+)MalwareBytes Rootkit Removal toolEvery time it seems like I manage to stop it or remove it, next login I see a "Launching application" window that says something like "Verifying application requirements" for a couple seconds and then it closes and I get the music/ads again. Right now I have my PC locked down with my firewall to prevent any more connections from the trojan. I also noticed in my Farbar tool logs it mentioned something about svchost having a fault. And Spybot S&D added those links to my hosts file if anyone was wondering what they were. I'll attach all my logs below, hope I can get some help, i'm at my wit's end. :/ Addition.txt AdwCleanerR1.txt ComboFix.txt FRST_09-01-2014_03-23-54.txt mbar-log-2014-01-09 (00-24-35).txt MbrScan.log Rkill.txt RKreport0_S_01092014_025936.txt system-log.txt TDSSKiller.3.0.0.19_09.01.2014_12.11.55_log.txt
  5. I cleaned up my computer today because it kept jumping to other web sites. I used rkill, Mlwaerbytes and AVG Internet Security 2012.They cleaned up several viruses. Now I am hearing ad's in the background. . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 6/15/2012 12:45:05 PM System Uptime: 6/21/2012 11:32:35 AM (6 hours ago) . Motherboard: Dell Inc. | | 0HF42M Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | Microprocessor | 2300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 296 GiB total, 206.497 GiB free. D: is FIXED (NTFS) - 2 GiB total, 1.975 GiB free. E: is CDROM () F: is Removable G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP14: 6/18/2012 5:50:15 AM - Windows Update RP15: 6/18/2012 10:15:29 AM - Windows Update RP16: 6/18/2012 4:19:13 PM - Installed QuickTime RP17: 6/19/2012 4:00:19 AM - Windows Update RP18: 6/19/2012 7:26:53 PM - Installed iTunes RP19: 6/20/2012 8:55:33 AM - Windows Update RP20: 6/20/2012 9:07:53 AM - Windows Update RP21: 6/20/2012 5:50:40 PM - Windows Update RP22: 6/21/2012 3:00:19 AM - Windows Update . ==== Installed Programs ====================== . AC3Filter 1.63b Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Creative Suite 6 Master Collection Adobe Flash Player 11 ActiveX Adobe Help Manager Adobe Widget Browser Apple Application Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver bl Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink YouCam Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell Digital Delivery DirectX 9 Runtime DivX Setup Face Filter GetFLV Pro 9.0.0.7 Google Talk Plugin Malwarebytes Anti-Malware version 1.61.0.1400 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 PDF Settings CS6 ph PowerISO QuickTime Roxio BackOnTrack Roxio BackOnTrackPE Roxio Burn - Secure Roxio CinePlayer Roxio CinePlayer Decoder Pack Roxio Creator 2012 Pro Roxio System Rollback Recovery Disk Roxio Video Capture USB Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition SmartSound Common Data SmartSound Quicktracks 5 Sure Cuts A Lot 1.016 Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition VC80CRTRedist - 8.0.50727.6195 Visual Studio 2008 x64 Redistributables Vuze Vuze Remote Toolbar WinRAR archiver Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 6/21/2012 9:57:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 6/21/2012 9:57:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 6/21/2012 9:52:44 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 6/21/2012 9:52:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 6/21/2012 9:52:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 6/21/2012 9:52:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 6/21/2012 9:52:30 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21 6/21/2012 9:52:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 6/21/2012 9:52:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache SaibVdAd64 SCDEmu spldr Wanarpv6 6/21/2012 9:52:10 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 6/21/2012 12:23:29 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user BodyRoc-PC\BodyRoc SID (S-1-5-21-2542778820-2784884513-1787564653-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 6/21/2012 12:23:28 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user BodyRoc-PC\BodyRoc SID (S-1-5-21-2542778820-2784884513-1787564653-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 6/21/2012 11:10:49 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 6/21/2012 11:10:49 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 6/21/2012 11:10:34 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 6/21/2012 1:53:45 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 6/21/2012 1:53:45 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 6/20/2012 9:09:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 4 Client Profile for Windows 7 x64-based Systems (KB982670). 6/20/2012 9:07:54 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 6/20/2012 9:05:51 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error. 6/20/2012 6:03:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVG Firewall service to connect. 6/20/2012 6:03:11 PM, Error: Service Control Manager [7000] - The AVG Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 6/20/2012 5:45:56 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack. 6/20/2012 2:38:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service. 6/19/2012 9:19:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 6/19/2012 6:54:08 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 6/19/2012 4:12:51 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer MCGLOWN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{284B2EF0-773D-47DF-887A-C0F6356C59F5}. The master browser is stopping or an election is being forced. 6/18/2012 9:58:38 AM, Error: Service Control Manager [7023] - 6/18/2012 9:55:36 AM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). 6/18/2012 9:55:32 AM, Error: Service Control Manager [7034] - The vToolbarUpdater11.1.0 service terminated unexpectedly. It has done this 1 time(s). 6/18/2012 9:55:31 AM, Error: Service Control Manager [7034] - The BOT4Service service terminated unexpectedly. It has done this 1 time(s). 6/18/2012 9:55:29 AM, Error: Service Control Manager [7034] - The Roxio SAIB Service service terminated unexpectedly. It has done this 1 time(s). 6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2563227). 6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2560656). 6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2425227). 6/18/2012 9:46:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356). 6/18/2012 9:40:06 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0. 6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2703157). 6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845). 6/18/2012 10:00:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521). 6/17/2012 11:48:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x0000000000000008, 0x0000000080050031, 0x00000000000406f8, 0xfffff8800401da9e). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061712-21808-01. 6/15/2012 4:12:49 PM, Error: Service Control Manager [7030] - The RoxMediaDB13 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 6/15/2012 4:12:49 PM, Error: Service Control Manager [7030] - The Roxio Hard Drive Watcher 12 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 6/15/2012 12:42:16 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147467243. . ==== End Of File =========================== . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by BodyRoc at 17:00:10 on 2012-06-21 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4056.1427 [GMT -4:00] . AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgfws.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Program Files (x86)\AVG\AVG2012\avgemca.exe C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Users\BodyRoc\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\ping.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\ping.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\ping.exe C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll mWinlogon: Userinit=userinit.exe, BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [Google Update] "C:\Users\BodyRoc\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [AdobeBridge] uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s mRun: [<NO NAME>] mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" mRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll LSP: mswsock.dll TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 TCP: Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5} : DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll BHO-X64: 0x1 - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll BHO-X64: Vuze Remote - No File BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: SmartSelect - No File BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll BHO-X64: Yontoo Layers - No File TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun-x64: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s mRun-x64: [(Default)] mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" mRun-x64: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?] R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?] R0 SysCow;SysCow;C:\Windows\system32\drivers\syscowad64v.sys --> C:\Windows\system32\drivers\syscowad64v.sys [?] R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200] R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488] R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-21 654408] R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-16 935480] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C60x64.sys --> C:\Windows\system32\DRIVERS\L1C60x64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-18 257224] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440] . =============== Created Last 30 ================ . 2012-06-21 15:28:07 -------- d--h--w- C:\$AVG 2012-06-21 14:03:02 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes 2012-06-21 14:02:23 -------- d-----w- C:\ProgramData\Malwarebytes 2012-06-21 14:02:20 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-21 14:02:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-06-21 01:07:33 902656 ----a-w- C:\Windows\System32\d2d1.dll 2012-06-21 01:07:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-06-21 01:07:33 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2012-06-20 21:59:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% 2012-06-20 20:53:41 580096 ----a-w- C:\Windows\System32\ac3filter64.acm 2012-06-20 20:53:41 -------- d-----w- C:\Program Files (x86)\AC3Filter 2012-06-20 20:44:47 -------- d-----w- C:\Program Files (x86)\Craft Edge 2012-06-20 19:48:17 -------- d-----w- C:\Program Files (x86)\GetFLV 2012-06-20 18:34:08 -------- d-----w- C:\video_output 2012-06-19 23:28:06 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-06-19 23:28:06 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll 2012-06-19 23:28:06 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll 2012-06-19 23:27:30 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iTunes 2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iPod 2012-06-19 23:27:30 -------- d-----w- C:\Program Files (x86)\iTunes 2012-06-19 23:26:15 -------- d-----w- C:\Program Files\Bonjour 2012-06-19 23:26:15 -------- d-----w- C:\Program Files (x86)\Bonjour 2012-06-19 19:09:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Elephant Games 2012-06-19 19:09:36 -------- d-----w- C:\ProgramData\Elephant Games 2012-06-19 00:20:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-19 00:20:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-19 00:18:20 -------- d-----w- C:\Program Files (x86)\Yahoo! 2012-06-18 21:35:55 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions 2012-06-18 20:23:49 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple Computer 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2012-06-18 20:18:47 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple 2012-06-18 20:17:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn 2012-06-18 13:54:28 -------- d-----w- C:\Windows\SysWow64\Wat 2012-06-18 13:54:28 -------- d-----w- C:\Windows\System32\Wat 2012-06-18 09:57:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios 2012-06-18 09:52:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-06-18 09:52:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-06-18 09:52:50 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-06-18 09:52:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-06-18 09:52:50 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-06-18 09:52:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-06-18 09:52:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-06-17 22:53:48 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games 2012-06-17 19:09:18 -------- d-----w- C:\Users\BodyRoc\AppData\Local\AVG Secure Search 2012-06-16 21:31:59 -------- d-----w- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics 2012-06-16 18:51:22 -------- d-----w- C:\ProgramData\AVG Secure Search 2012-06-16 18:40:07 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-06-16 18:29:30 -------- d-----w- C:\ProgramData\ALM 2012-06-16 18:25:18 -------- d-----w- C:\Users\BodyRoc\Adobe Flash Builder 4.6 2012-06-16 18:16:00 -------- d-----w- C:\Program Files (x86)\My Company Name 2012-06-16 18:02:22 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Adobe 2012-06-16 17:39:07 -------- d-----w- C:\Users\BodyRoc\AppData\Local\DDMSettings 2012-06-16 15:41:51 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2012-06-16 15:41:51 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll 2012-06-16 15:39:57 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2012-06-16 15:38:50 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2012-06-16 15:38:50 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2012-06-16 15:38:48 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2012-06-16 15:38:48 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38:47 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38:47 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2012-06-16 15:38:47 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2012-06-16 15:38:42 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-06-16 15:38:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-06-16 15:38:31 77312 ----a-w- C:\Windows\System32\packager.dll 2012-06-16 15:38:31 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-06-16 15:34:25 -------- d-----w- C:\System Rollback Data 2012-06-15 23:37:44 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Diagnostics 2012-06-15 22:48:10 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-06-15 22:48:10 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-06-15 22:48:10 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-06-15 20:29:54 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation 2012-06-15 20:16:54 -------- d-----w- C:\ProgramData\Uninstall 2012-06-15 20:16:40 -------- d-----w- C:\ProgramData\eSellerate 2012-06-15 20:15:23 27632 ------w- C:\Windows\System32\drivers\SaibVdAd64.sys 2012-06-15 20:15:23 27120 ------w- C:\Windows\System32\drivers\Sahdad64.sys 2012-06-15 20:15:22 19952 ------w- C:\Windows\System32\drivers\Saibad64.sys 2012-06-15 20:15:05 -------- d-----w- C:\Program Files (x86)\Roxio 2012-06-15 20:06:51 -------- d-----w- C:\Program Files\Roxio 2012-06-15 20:06:36 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CyberLink 2012-06-15 20:06:32 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys 2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys 2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys 2012-06-15 20:06:31 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared 2012-06-15 20:06:18 -------- d-----w- C:\Program Files (x86)\SmartSound Software 2012-06-15 20:06:17 -------- d-----w- C:\ProgramData\SmartSound Software Inc 2012-06-15 20:03:35 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files 2012-06-15 19:25:25 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-06-15 19:25:22 -------- d-----w- C:\Program Files\DivX 2012-06-15 19:25:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared 2012-06-15 19:25:02 -------- d-----w- C:\Program Files (x86)\DivX 2012-06-15 19:24:48 -------- d-----w- C:\ProgramData\DivX 2012-06-15 19:12:10 -------- d-----w- C:\Program Files (x86)\Yontoo 2012-06-15 19:12:09 -------- d-----w- C:\ProgramData\Tarma Installer 2012-06-15 19:11:21 -------- d-----w- C:\Program Files (x86)\1ClickDownload 2012-06-15 19:06:55 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery 2012-06-15 18:51:58 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2012-06-15 18:51:38 -------- d-----w- C:\Windows\PCHEALTH 2012-06-15 18:51:38 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2012-06-15 18:50:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2012-06-15 18:49:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2012-06-15 18:48:58 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Microsoft Help 2012-06-15 18:38:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AVG2012 2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-06-15 18:38:09 -------- d--h--w- C:\ProgramData\Common Files 2012-06-15 18:38:04 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2012-06-15 18:37:37 -------- d-----w- C:\Windows\System32\drivers\AVG 2012-06-15 18:37:37 -------- d-----w- C:\ProgramData\AVG2012 2012-06-15 18:37:08 -------- d-----w- C:\Program Files (x86)\AVG 2012-06-15 18:35:34 -------- d-----w- C:\ProgramData\MFAData 2012-06-15 18:16:24 -------- d-----w- C:\Users\BodyRoc\.swt 2012-06-15 18:16:22 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Azureus 2012-06-15 18:15:49 -------- d-----w- C:\Program Files (x86)\Vuze 2012-06-15 18:15:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CRE 2012-06-15 18:15:41 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Conduit 2012-06-15 18:15:41 -------- d-----w- C:\Program Files (x86)\Conduit 2012-06-15 18:15:40 -------- d-----w- C:\Program Files (x86)\Vuze_Remote 2012-06-15 18:12:38 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Google 2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Deployment 2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apps 2012-06-15 17:39:03 -------- d-----w- C:\Windows\Panther 2012-06-15 17:38:49 -------- d-sh--w- C:\Boot 2012-06-15 17:38:29 -------- d-----w- C:\Program Files (x86)\Cisco 2012-06-15 17:37:39 -------- d-sh--w- C:\Windows\Installer 2012-06-15 17:37:07 1089024 ----a-w- C:\Windows\System32\BCMLogon.dll 2012-06-15 16:59:15 125376 ----a-w- C:\Windows\System32\drivers\scdemu.sys 2012-06-15 16:59:15 -------- d-----w- C:\Program Files (x86)\PowerISO 2012-06-15 16:52:24 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e 2012-06-15 16:52:03 76912 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys 2012-06-15 16:52:03 75888 ----a-w- C:\Windows\System32\drivers\L1C60x64.sys 2012-06-15 16:52:02 -------- d-----w- C:\dell . ==================== Find3M ==================== . 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-25 17:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-04-25 17:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 17:02:15.89 =============== Attach.txt DDS.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.