Jump to content

Search the Community

Showing results for tags 'pum hijack'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 2 results

  1. I did a a scan with malwarebytes and got this: Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.07.06.05 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 owner :: OWNER-PC [administrator] Protection: Enabled 7/11/2013 2:58:40 PM MBAM-log-2013-07-11 (15-13-39).txt Scan type: Flash scan Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: Registry | File System | P2P Objects scanned: 216779 Time elapsed: 2 minute(s), 42 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Is this malware?
  2. Hi everyone, I've been infected with PUM.Hijack.TaskManager. I've tried to remove with MalwareBytes. It says that is is removed and successful, but when I restarted the laptop, it gives me a pop-up and disable my task manager...It seems that the PUM.Hijack.TaskManager has not get rid of it yet. Thank you very much for your help Here's my DDS: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by shinyaku at 15:56:05 on 2012-03-04 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.4027.2543 [GMT -5:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\nvvsvc.exe C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\ThpSrv.exe C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\windows\System32\svchost.exe -k secsvcs C:\windows\system32\svchost.exe -k SDRSVC C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank uWindow Title = Presented by TOSHIBA Leading Innovation >>> uDefault_Page_URL = hxxp://www.toshiba.ca/welcome mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA uURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\Users\shinyaku\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\JAG103~1.LNK - C:\Windows\System32\rundll32.exe StartupFolder: C:\Users\shinyaku\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\JAG186~1.LNK - C:\Windows\System32\rundll32.exe StartupFolder: C:\Users\shinyaku\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\JAG574~1.LNK - C:\Windows\System32\rundll32.exe uPolicies-system: DisableTaskMgr = 1 (0x1) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{156D7AD6-9F00-4607-A884-1B508C09176F} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{156D7AD6-9F00-4607-A884-1B508C09176F}\452554E444E65647635323 : DhcpNameServer = 192.168.10.1 TCP: Interfaces\{156D7AD6-9F00-4607-A884-1B508C09176F}\6416170255 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{156D7AD6-9F00-4607-A884-1B508C09176F}\C4964747C65635861627B6D27657563747 : DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189 TCP: Interfaces\{156D7AD6-9F00-4607-A884-1B508C09176F}\C696E6B6379737 : DhcpNameServer = 24.201.245.77 24.200.243.189 24.200.241.37 TCP: Interfaces\{D316E73B-430E-42A1-B495-7DCAB2257460} : DhcpNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll BHO-X64: Google Dictionary Compression sdch - No File BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File mRun-x64: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . ============= SERVICES / DRIVERS =============== . R0 BtHidBus;Bluetooth HID Bus Service;C:\windows\system32\Drivers\BtHidBus.sys --> C:\windows\system32\Drivers\BtHidBus.sys [?] R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?] R2 BsMobileCS;BsMobileCS;C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2011-4-13 147563] R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200] R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448] R2 cpuz135;cpuz135;\??\C:\windows\system32\drivers\cpuz135_x64.sys --> C:\windows\system32\drivers\cpuz135_x64.sys [?] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-9-10 1604200] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-9-10 2320920] R3 BTCOMBUS;Bluetooth Serial Port Bus Service;C:\windows\system32\Drivers\btcombus.sys --> C:\windows\system32\Drivers\btcombus.sys [?] R3 btnetBUs;Bluetooth PAN Bus Service;C:\windows\system32\Drivers\btnetBus.sys --> C:\windows\system32\Drivers\btnetBus.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?] R3 IvtBtBUs;IVT Bluetooth Bus Service;C:\windows\system32\Drivers\IvtBtBus.sys --> C:\windows\system32\Drivers\IvtBtBus.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?] R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-3 136176] S3 acpials;ALS Sensor Filter;C:\windows\system32\DRIVERS\acpials.sys --> C:\windows\system32\DRIVERS\acpials.sys [?] S3 BTCOM;Bluetooth Serial port driver;C:\windows\system32\DRIVERS\btcomport.sys --> C:\windows\system32\DRIVERS\btcomport.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-3 136176] S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?] S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-9-10 51512] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952] S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-03-04 20:23:08 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34811B4A-2340-4D18-BA2C-5BAA8F3E2510}\offreg.dll 2012-03-03 14:09:22 -------- d-----w- C:\ProgramData\Nexon 2012-03-03 13:22:34 -------- d-----w- C:\Users\shinyaku\AppData\Local\{B86B5D91-B97C-44D6-AA6B-580AA6666414} 2012-03-03 13:22:22 -------- d-----w- C:\Users\shinyaku\AppData\Local\{D2A642D2-CD3A-4B73-AE21-0E17A1346A99} 2012-03-03 02:31:33 -------- d-----w- C:\Nexon 2012-03-03 02:31:32 -------- d-----w- C:\ProgramData\NexonUS 2012-03-03 00:42:29 -------- d-----w- C:\Users\shinyaku\AppData\Local\PMB Files 2012-03-03 00:42:28 -------- d-----w- C:\ProgramData\PMB Files 2012-03-03 00:42:11 -------- d-----w- C:\Program Files (x86)\Pando Networks 2012-03-03 00:31:42 -------- d-----w- C:\Users\shinyaku\AppData\Local\{7434C8A8-E363-4405-935F-CBE59A805983} 2012-03-03 00:31:31 -------- d-----w- C:\Users\shinyaku\AppData\Local\{78AB2EB3-BD97-4647-B573-EF02BFF4C4C7} 2012-03-02 23:23:52 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34811B4A-2340-4D18-BA2C-5BAA8F3E2510}\mpengine.dll 2012-02-28 02:50:16 -------- d-----w- C:\Users\shinyaku\AppData\Local\NFS Underground 2 2012-02-19 04:45:25 -------- d-----w- C:\Users\shinyaku\AppData\Roaming\Xilisoft 2012-02-19 04:41:05 -------- d-----w- C:\ProgramData\Xilisoft 2012-02-19 04:41:05 -------- d-----w- C:\Program Files (x86)\Xilisoft 2012-02-19 04:21:11 -------- d-----w- C:\Users\shinyaku\AppData\Roaming\Xilisoft Corporation 2012-02-18 04:23:10 -------- d-----w- C:\Program Files (x86)\Paradox Interactive 2012-02-18 01:13:20 -------- d-----w- C:\Users\shinyaku\AppData\Local\{87CBB699-E02C-437E-A690-2B5AA5CDCCBB} 2012-02-18 01:12:57 -------- d-----w- C:\Users\shinyaku\AppData\Local\{794E914A-4BA1-4E3C-9A5B-4E0EF8AFBC0B} 2012-02-17 01:03:55 -------- d-----w- C:\Users\shinyaku\AppData\Local\{488243DC-22F5-4B93-AEC2-7BBE195C9BB7} 2012-02-17 01:03:32 -------- d-----w- C:\Users\shinyaku\AppData\Local\{CE261DBB-59E5-4F14-A773-8B69A301B7FE} 2012-02-15 23:41:13 509952 ----a-w- C:\windows\System32\ntshrui.dll 2012-02-15 23:41:12 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll 2012-02-15 02:52:30 3145728 ----a-w- C:\windows\System32\win32k.sys 2012-02-15 02:37:55 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll 2012-02-15 02:37:55 634880 ----a-w- C:\windows\System32\msvcrt.dll 2012-02-15 02:05:11 515584 ----a-w- C:\windows\System32\timedate.cpl 2012-02-15 02:05:11 478720 ----a-w- C:\windows\SysWow64\timedate.cpl 2012-02-15 01:57:38 498688 ----a-w- C:\windows\System32\drivers\afd.sys 2012-02-13 01:12:03 -------- d-----w- C:\Users\shinyaku\AppData\Local\{7291F65A-EB5C-4236-B8CE-A1C5E684EF23} 2012-02-13 01:11:41 -------- d-----w- C:\Users\shinyaku\AppData\Local\{C663A3CA-6F6B-486C-ABCB-7C75794D63CE} 2012-02-06 01:26:31 -------- d-----w- C:\Users\shinyaku\AppData\Local\{C04FE8D4-EAFA-4BAE-A316-74A14C8DE549} 2012-02-06 01:26:09 -------- d-----w- C:\Users\shinyaku\AppData\Local\{9371624C-D827-4FB1-AD9B-9506C38BA62C} 2012-02-05 21:06:17 -------- d-----w- C:\Program Files (x86)\3D-Fahrschule 2012-02-04 01:13:59 -------- d-----w- C:\Users\shinyaku\AppData\Local\{86E3A2B6-0DF6-482C-A197-27F6F9572632} 2012-02-04 01:13:48 -------- d-----w- C:\Users\shinyaku\AppData\Local\{DA2A71B8-4F19-4C09-B48B-2E1582183D58} . ==================== Find3M ==================== . 2012-02-10 03:14:04 6074176 ----a-w- C:\windows\System32\nvcpl.dll 2012-02-10 03:14:01 3089728 ----a-w- C:\windows\System32\nvsvc64.dll 2012-02-10 03:07:03 2561856 ----a-w- C:\windows\System32\nvsvcr.dll 2012-02-10 03:07:00 889664 ----a-w- C:\windows\System32\nvvsvc.exe 2012-02-10 03:07:00 63296 ----a-w- C:\windows\System32\nvshext.dll 2012-02-10 03:07:00 118080 ----a-w- C:\windows\System32\nvmctray.dll 2012-01-29 10:10:42 279656 ------w- C:\windows\System32\MpSigStub.exe 2012-01-17 12:46:01 31040 ----a-w- C:\windows\System32\nvhdap64.dll 2012-01-17 12:45:56 188224 ----a-w- C:\windows\System32\drivers\nvhda64v.sys 2012-01-17 12:45:55 1451840 ----a-w- C:\windows\System32\nvhdagenco6420103.dll 2011-12-14 07:11:03 2308096 ----a-w- C:\windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\windows\System32\inetcpl.cpl 2011-12-14 06:57:28 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2011-12-14 03:04:54 1798656 ----a-w- C:\windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2011-12-14 02:50:04 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2011-12-10 20:24:08 23152 ----a-w- C:\windows\System32\drivers\mbam.sys . ============= FINISH: 15:56:53.91 =============== Attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.