
  1. Hey how is it going? I've had this blekko, nginex browser redirect that has been infecting my laptop for about a month now. I'm almost certain I got it from a cnet download. If you could help remove it, I'd greatly appreciate it.

     DDS
     .
     DDS (Ver_2011-08-26.01) - NTFSAMD64
     Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 10.5.0
     Run by Aaron at 8:36:50 on 2012-07-23
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3764.1272 [GMT -4:00]
     .
     AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
     SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
     C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Prey\platform\windows\cronsvc.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe C:\Program Files (x86)\NewTech 
Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\rundll32.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\PLFSetI.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Users\Aaron\Local Settings\Apps\F.lux\flux.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\WUDFHost.exe 
C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\sysWOW64\wbem\wmiprvse.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\notepad.exe C:\Windows\system32\wbem\WmiApSrv.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe 
C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=1078C5290D31C0D0A023A94FEA7F6708&tbp=homepage uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273607105106l03f8z1h5t58m1d51o mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273607105106l03f8z1h5t58m1d51o mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273607105106l03f8z1h5t58m1d51o uInternet Settings,ProxyOverride = *.local uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll uURLSearchHooks: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll mURLSearchHooks: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll TB: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll uRun: [Google Update] "C:\Users\Aaron\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [F.lux] "C:\Users\Aaron\Local Settings\Apps\F.lux\flux.exe" /noshow uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Anti-phishing 
Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" mRun: [<NO NAME>] mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk.disabled StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk.disabled mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79} : DhcpNameServer = 4.2.2.1 4.2.2.2 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212} : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\14E64627F696461405 : DhcpNameServer = 192.168.43.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\6325258343 : DhcpNameServer = 192.168.1.1 68.237.161.12 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\6716E656373716 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\841627C656D6132383D27657563747 : DhcpNameServer = 192.168.0.1 192.168.33.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\841627C656D6132383F5548545 : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\84F6C697D41636D27657563747 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\C696E6B6379737 : DhcpNameServer = 10.21.240.252 10.14.115.85 10.24.115.186 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft 
Office\Office12\GrooveSystemServices.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll BHO-X64: blekko search bar - No File BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll BHO-X64: Yontoo Layers - No File TB-X64: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: blekko search bar: 
{8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll mRun-x64: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" mRun-x64: [(Default)] mRun-x64: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\afr68lai.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Aaron\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . 
---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(extentions.y2layers.installId, a7c9b189-9120-4438-9f81-ed0e4663e065 FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock, FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: security.csp.enable - false . ============= SERVICES / DRIVERS =============== . R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-6-27 791488] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-9 40384] R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2010-9-29 18432] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-12-7 844320] R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496] R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-11 305448] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-24 62720] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-4 2320920] R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 240160] R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-9 40384] R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-9 40384] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] 
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-16 135664] S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-16 135664] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-3 113120] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 
2012-07-20 07:25:50 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CB8A312D-18C5-4D37-9EDB-D6FAF89FDD44}\mpengine.dll 2012-07-14 07:09:45 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 08:29:50 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll 2012-07-11 08:29:49 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll 2012-07-11 08:29:48 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-07-11 08:29:48 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll 2012-07-11 08:29:48 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll 2012-07-11 08:29:47 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll 2012-07-11 08:29:47 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll 2012-07-11 08:29:47 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll 2012-07-11 08:29:47 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 2012-07-11 08:29:46 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 08:29:46 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 08:29:46 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 08:29:45 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-07-03 16:03:59 687600 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-07-03 16:03:57 772592 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-07-03 15:25:52 -------- d-----w- C:\Users\Aaron\AppData\Local\Macromedia 2012-07-03 15:10:55 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-03 15:10:55 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 13:41:59 -------- d-----w- C:\Program Files (x86)\YouTube Downloader Toolbar 2012-07-03 13:41:59 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot 2012-07-03 13:41:59 -------- d-----w- C:\Program Files (x86)\Application Updater 
2012-06-27 04:52:09 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2012-06-27 04:51:30 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2012-06-27 03:37:05 -------- d-----w- C:\Users\Aaron\AppData\Roaming\DAEMON Tools Lite 2012-06-27 03:35:43 -------- d-----w- C:\ProgramData\DAEMON Tools Lite 2012-06-27 03:35:14 -------- d-----w- C:\ProgramData\blekko toolbars 2012-06-27 03:34:55 -------- d-----w- C:\Program Files (x86)\blekkotb_031 2012-06-27 03:34:52 -------- d-----w- C:\Users\Aaron\AppData\Local\blekkotb_031 2012-06-27 03:34:52 -------- d-----w- C:\Program Files (x86)\Yontoo 2012-06-27 03:34:50 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor 2012-06-27 03:34:48 -------- d-----w- C:\ProgramData\Tarma Installer 2012-06-26 19:01:12 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-26 19:00:41 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-26 19:00:23 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-26 19:00:23 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-26 04:03:46 -------- d-----w- C:\Program Files (x86)\Portal 2012-06-26 03:53:10 -------- d-----w- C:\Users\Aaron\Portal 2012-06-25 23:34:23 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2012-06-25 23:34:17 -------- d-----w- C:\Program Files (x86)\Steam 2012-06-23 18:07:48 -------- d-----w- C:\Users\Aaron\Olivia Prom-grad . ==================== Find3M ==================== . 
2012-07-23 12:29:06 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat 2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe . ============= FINISH: 8:39:51.03 ===============