I did a scan with malwarebytes and got this:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.06.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-PC [administrator]

Protection: Enabled

7/11/2013 2:58:40 PM
MBAM-log-2013-07-11 (15-13-39).txt

Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 216779
Time elapsed: 2 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Is this malware?
Hi everyone, I've been infected with PUM.Hijack.TaskManager. I've tried to remove it with Malwarebytes. It says that it is removed and successful, but when I restarted the laptop, it gives me a pop-up and disables my task manager... It seems that PUM.Hijack.TaskManager has not been gotten rid of yet. Thank you very much for your help. Here's my DDS: