Showing results for tags 'shutdown'.

Found 16 results

  1. PC running Windows 7 will not shut down with Malwarebytes Ransomware enabled. I also have Norton 360 which plays nicely with Malwarebytes Premium. I have worked with support and sent replies and logs as requested without a fix. The last email requested I submit this information to Engineering, which I highly doubt exists since there have been no fixes either for myself or others reporting the same problem as far back as 2018.
  2. Is there a way or an option to shut down the PC if the scan finds no problems? I would like to run a scan every night before I go to bed. I currently have a scan scheduled for 3 am, but I don't like leaving my computer on 24x7. If I don't leave it on all night, it takes 20-30 minutes to run a threat scan when I boot it up in the morning, which is a pain. If there IS no way to do this currently, I would like to suggest that such an option be added in some future release. Thanks!
  3. Malwarebytes (MWB) threat scan is driving my PC into 100% utilisation and shutdown, often when I'm away from my desk. It's affecting my work and general computer use big time. There may have been external manipulation of my machine as I've been hacked numerous times, and MWB's settings have been hacked and manipulated numerous times, mainly involving turning off layers of security. I've set a user password in MWB now which has helped me get control of MWB, and now this overheating overutilisation of CPU has started. Even with my fan settings changed to Turbo, my CPUs are overheating and shutting down the PC at times. I'm disappointed how easy it is to hack MWB and I've had 2 trojan intrusions recently which I've removed. Rather than data destruction, these trojans seemed to be focussed on monitoring my activity, data mining and getting identity data assumedly for banking access. Windows Defender picked up these trojans, not MWB. Any help with CPU overload would be appreciated.
  4. Why do my “Real Time Protective Layers” keep shutting off from my Premium Malwarebytes 3.2.2? For a whole week now I am getting 5 or 6 daily warnings that they are “shut off” and that I must manually put them on again.
  5. Lately my PC has been acting suspiciously; performing simple tasks such as opening an image very slowly and freezing my games minutes after opening them. Although they would eventually unfreeze, it makes playing games almost impossible. Additionally, sometimes, when I attempt to shut down my PC, an unnamed program or a program named 'G' will prevent my PC from shutting down, although when I reenter my PC no such program is running in the task manager. My PC specs are listed below. CPU: Intel i5 4460 GPU: Radeon R9 270 Motherboard: Gigabyte B85M-D3H PSU: Corsair 500M RAM: 8gb hyper x fury ddr3
  6. Hi. Since the new 3.x version I've been experiencing this issue. It does not happen every time but it does most of the time: whenever I need to reboot or shut down my computer, with Windows 10, I see the screen with the rolling balls saying shutting down or rebooting and then it just freezes and stays like that forever. I need to reset or keep the power button pressed. I assume this is because of Malwarebytes; I already tried to uninstall it multiple times and when I do that, those freezes no longer happen. I really like Malwarebytes but I can't have my computer crashing like this every time. I'll place my mbamservice log. The last time I had to shut down the computer was in the 6AM events in the log. I even did it twice, and in one of them I closed the program before shutting down my computer; it still happened. MBAMSERVICE.LOG
  7. If I leave my laptop (HP ProBook, Windows 7) idle for a while, it shuts down and I have to reboot it. Also, AVAST sometimes notifies me that potentially malicious code is preventing the scanning of my browser (Mozilla Firefox).
  8. About 2 months ago we started having problems with our Windows 7 machines getting stuck on shutting down during a shutdown or reboot process. We've narrowed the problem down to Malwarebytes Anti-Ransomware. If we uninstall and reinstall it the problem goes away but it seems whenever we get windows updates it breaks it again. Anyone else see this problem and have a more permanent fix? We are running Anti-Ransomware for business 0.9.17.689
  9. After having installed Windows Security Update KB3197868, which is the Windows 7, Nov, 2016 Security Monthly Quality Rollup for Windows 7 64 bit, my shutdown time went from 15 seconds to 5 minutes. After fiddling with MSCONFIG, I determined the hangup was due to service MB3Service. If I click on "Stop Protection" in the Anti-Ransomware Dashboard, the problem goes away. This started to happen immediately after installing KB3197868.
  10. Hi, I have the same problem, running Windows 7 x64 and MBAR beta 8. To be able to shut down or restart successfully I need to first manually stop the MB3service service. I have followed the instructions above for a clean install, again with beta 8, but the problem persists. I have attached the files from c:\programdata MalwarebytesARW.zip
  11. Getting the shutdown slowdown and two other issues which seem related. Built a new Windows 7 Pro SP1 machine and installed ARW. The batch of 100+ updates which usually takes 24-48hrs to appear ready for install never shows (200+ hrs). Also, preset backups using Windows 7 Task Scheduler on another machine stopped working immediately after ARW install.
  12. So last night I left my PC on and went away for about 4 hours. No, I was not browsing porn at the time I went AFK. I came back and my laptop wouldn't boot up. I had to plug in my power cord to start it up. Battery was at 16%, though. Then pops up a failure to start and PC repair window (the kind that doesn't load Windows fully). It looks like Win 98. I restored Windows to a "previously working point in time" and went on. Then I ran MBAM out of curiosity. I found trovi and other malware. Obviously I attempted to remove them all. I was prompted to restart for full removal so I did, BUT after 30 mins of waiting I decided to go ahead and restart while it still said "shutting down". My real problem is that I can't remove trovi and the other crap again. I can't even find it. I don't have the logs to show you either. How can I fix this?
  13. Hi there, my Windows 7 shuts down automatically without any reason. It isn't a sudden shutdown; it closes everything immediately, then turns off Windows. I think it is more likely a software problem, but I don't know where to look. Sometimes it is working for a while (few minutes), then does this. Sometimes you can't even reach the sign in window. There isn't any automatic shutdown task set up. First it turned on itself as well. I charged the batteries and I couldn't use my laptop on the train, because on the way there (4 hours) it slowly used its battery. Where should I look for the problem? Did anyone have the same problem before? I'm working from my iPad now, because I can only use the laptop for a few minutes. Please help, thanks sophie
  14. Hello, I would really appreciate any help I can get. My computer obviously has a virus and I am trying to get rid of it by using Malwarebytes. The problem is that my laptop shuts down when I attempt to run Malwarebytes. I also attempted to run another malware program and yet again, my laptop shut down during the scan. I downloaded the Farbar tool and attached are my log files for review. I appreciate any help you can offer! Thanks you!
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File CHR Extension: (Inventory.com web-store designer) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbjnkibefnakphhnehbkkonkljebijk [2014-05-19] CHR Extension: (LinkedIn Today BeGone) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\adjkolielffnopiokgionkknjbepdkem [2014-05-19] CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2012-01-25] CHR Extension: (Angry Birds) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-01-31] CHR Extension: (Save this page with CleanSave) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammcjklapijbkcphjgmkmefhmheapjoa [2012-02-29] CHR Extension: (Talentguide) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\anajjljmggnieicojgjkpbjhflaaajma [2014-05-19] CHR Extension: (ChoreApp) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoaalijgjmmlnbfpgfjanbdpihfaofjl [2012-06-22] CHR Extension: (Google Drive) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-01-31] CHR Extension: (Shortcuts for Google™) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd [2012-01-25] CHR Extension: (Google Voice Search Hotword 
(Beta)) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22] CHR Extension: (YouTube) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10] CHR Extension: (No Name) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmojmjbhipdpglebpoadnlofcomdfnck [2012-01-31] CHR Extension: (DuckDuckGo for Chrome) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2014-05-19] CHR Extension: (Webmail Ad Blocker) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2014-05-19] CHR Extension: (Adblock Plus) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-19] CHR Extension: (123ContactForm - Online Form Builder) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgolehhldemhadjnflinkaoldejibajd [2012-01-31] CHR Extension: (Smartsheet Project Management Software) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cindmhdfkimaeggbebfjkmkdfiohldbm [2014-05-19] CHR Extension: (Webpage Screenshot) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2012-02-29] CHR Extension: (Adblock for Youtube™) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-05-19] CHR Extension: (Weebly - Website Builder) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb [2012-01-25] CHR Extension: (Google Search) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10] CHR Extension: (Email this page (by Google)) - C:\Users\Vicky\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai [2012-01-25] CHR Extension: (Vibe for Google Chrome™) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnookjgoaaelhciadikaadnkgmiamei [2014-05-20] CHR Extension: (SendTo Extension) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dciajaeekjbgabhainjjfjomimniddne [2012-02-29] CHR Extension: (Dokker Clipper) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbddallcpimeifacfbnkndglfnjmfhl [2014-05-19] CHR Extension: (Cool Math Games) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddcbpgaonefnjcnikdkbbdfgcgnpbndd [2012-06-24] CHR Extension: (Read Later Fast) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2012-01-31] CHR Extension: (Organize Your People) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgfffcpfaiphjlfhmdmejffibklapdcb [2014-05-19] CHR Extension: (SEO Site Tools) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\diahigjngdnkdgajdbpjdeomopbpkjjc [2012-01-25] CHR Extension: (Contactually) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dikpagkhomokimcjcemgbjpelimlhpej [2014-05-19] CHR Extension: (RecruitIn) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dojgaeepekolngkomjdphafijmieobam [2012-06-22] CHR Extension: (MaskMe) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2014-05-19] CHR Extension: (LinkedIn Bookmark) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\echiicjpbfmcpkmnogepdcagplinkfai [2012-02-29] CHR Extension: (Tabs Outliner) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl [2014-05-20] CHR Extension: (MailChimp) - C:\Users\Vicky\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\einnfnfpkbbebamphappjlmbedgjbnoe [2012-01-31] CHR Extension: (Gmail Offline) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2012-01-31] CHR Extension: (Addition & Substraction) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhilgkkhahjjpkaebdffiijonfkgljk [2012-06-22] CHR Extension: (Android Freeware) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\faijocccbppcdmakdenmbbiflcagbapp [2012-01-25] CHR Extension: (Falcon) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcbcnboheaijdfnkchlbeilgmaebdogd [2014-05-20] CHR Extension: (Contactually) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdicmnidmcjbnbeokngbgcbnognoilnn [2014-05-20] CHR Extension: (CATS Applicant Tracking System) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjenbaobpfbbeepeeokhcbcpdggddfa [2014-05-19] CHR Extension: (Virtual Piano Black) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjagcpcbacoaogfljhglghpjhkmmfeeo [2012-01-25] CHR Extension: (Print this page with CleanPrint) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklmmmdcofimkjmfjdnobmmgmefbapkf [2012-02-29] CHR Extension: (Springpad) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2012-01-27] CHR Extension: (Math counting puzzle / game for Kids) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmiefkckhkeeggkfjjaocnlljbnlmnok [2012-06-24] CHR Extension: (OfficeClip Complete Suite) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmjfpijbolaiijcfnmnodjdcechkalp [2014-05-19] CHR Extension: (AdBlock) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-01-25] CHR Extension: (Yesware Email Tracking) - 
C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp [2014-05-19] CHR Extension: (Save to Google Drive) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-05-19] CHR Extension: (Send to Evernote) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnilckpgiopfcokcijkhpghppekcoafm [2012-02-29] CHR Extension: (LogMyCalls) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnnnninjnjjknlmcikbngchbenobhmde [2014-05-19] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-05-19] CHR Extension: (Rapportive) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2012-01-31] CHR Extension: (Insightly) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkopngnjabiaaibfkfgjhgdfpoholppn [2014-05-19] CHR Extension: (Profile Views: Save Who Viewed My LinkedIn) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldngpjilggobfjfjhodmohobamhbdhh [2014-05-20] CHR Extension: (Evercontact) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfhddckfmifofnpklmmiboiljmengde [2014-05-19] CHR Extension: (tviggr) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmolgbmkhjnoekekdogckilbbedhdnoh [2012-06-18] CHR Extension: (Plypp Piano) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hofckkgpnnjabffkjemconojemcibifh [2012-01-25] CHR Extension: (Cloud Reader) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2012-01-31] CHR Extension: (RealDownloader) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-04-14] CHR Extension: (Lippl) - 
C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifnodpmljckfckbpbapkdabdpfcaglab [2014-05-19] CHR Extension: (Color Piano!) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh [2012-06-18] CHR Extension: (Save to Pulse) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\imnghiiajfangdaolekmphkaohhcnklj [2012-01-31] CHR Extension: (HROffice) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\imofbbglaogegnjcddcihhbggjghkido [2014-05-19] CHR Extension: (Clearly) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2012-01-31] CHR Extension: (MosaicTrack Applicant Tracking System) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnlghbapombdhlocehilfjhebelmeah [2014-05-19] CHR Extension: (Slashrecruit) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jebieheiopepcgpbolgifhicniflchoe [2012-02-29] CHR Extension: (Google Tasks Offline (Unofficial)) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekhpicinnaamcmadbipjejafgkjdokh [2014-05-19] CHR Extension: (Learn Elementary Sight Words) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jihnccjhlooodnlicdadocobjlkefdio [2012-06-22] CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2014-05-19] CHR Extension: (KIDO'Z TV) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokdeafnhahffanabnbjjjjmoechjklc [2012-06-22] CHR Extension: (HelloSign: Online signatures made easy) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajjckmbclbffbpecfbiecehkfgopppd [2014-05-19] CHR Extension: (Google Voice (by Google)) - C:\Users\Vicky\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2014-05-27] CHR Extension: (Shareaholic for Pinterest) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc [2012-01-25] CHR Extension: (OnePageCRM Lead Clipper) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcnbhcjcmfmjmnefhhmcjifakidfnp [2014-05-19] CHR Extension: (Search on Linkedin) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldijfbphampndgemooecbdgfdnmhhjl [2012-02-29] CHR Extension: (LinkedNotes) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmbfbgimpbcaaeibgnijiflciagmiha [2012-02-29] CHR Extension: (Qandidate.com) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kopdjgjngibkccbopfgcigehmcdggdeo [2014-05-19] CHR Extension: (Evernote Web) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2012-02-29] CHR Extension: (Post Me) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjlnfbhplkdjihpdhgelilkkbfmloab [2012-06-18] CHR Extension: (DuckDuckGo Home Page) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljkalbbbffedallekgkdheknngopfhif [2014-05-19] CHR Extension: (Reload All Tabs) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem [2012-01-31] CHR Extension: (Base CRM and Sales Tracking) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpncklmdfcdmnlkjdplcmkkijhhphfaa [2012-06-18] CHR Extension: (SalesLoft Prospector) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\meeccdmelneokmmeagkgalomighgigbp [2014-05-19] CHR Extension: (HiringThing) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfojkhgjlcafifapbebeamnbllnkkkff [2014-05-19] CHR Extension: (Google Mail Checker) - 
C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-01-25] CHR Extension: (LiveHive Extension) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkgjlgfgcbmbdphpekbienchiehfmmhf [2012-01-31] CHR Extension: (ScootPad) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjchkacpbjppajjghmohegkkcikmeef [2012-06-22] CHR Extension: (Google Play Books) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2012-01-31] CHR Extension: (PrintableLunchBoxNotes.com) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nakeblmcolhimpmieeigbajcmfeefibp [2012-06-22] CHR Extension: (Do It (Tomorrow)) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2012-02-29] CHR Extension: (ZipRecruiter) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\njcepeeichokjhnhemejcjbckncplfic [2014-05-19] CHR Extension: (Google Wallet) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-19] CHR Extension: (Popcorn) - C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnonfepeafdifhdohiplonkljgafpahm [2014-05-19]
  15. I have a scheduled daily full scan and, within the last two days, came home to find that my PC has rebooted. Nothing appears in the log and MSE doesn't reflect anything either. Windows displays a message: "Your PC has recovered from a serious error". A Quick Scan runs fine and when rebooting in Safe Mode, a full MWB scan runs fine - with no issues found. Thanks in advance for any guidance. jk
  16. Help! I have run a ton of different anti-virus programs trying to kill this infestation: AVG, Avast, Avira, Kaspersky, DRWeb, ESET, F-Prot... to name a few... main issue is the computer turns off while scanning or blocks scanning... it has also stolen my network password and added it to some key ring... changed password.. anyway here's some found viruses in the infecting file:

      Trojan.Click2 - AVG, Arcavir Crypt.AJZT (64 bit, infected registry keys) - AVG W32/Backdoor2.HJZG -- Use Commtouch, F-Prot, Authentium Troj/Keygen-GV - Sophos HackTool.Keygen!O9+5af6Bu28 - VirusBuster Trojan/Win32.Genome.ymdi - Anity BAT/HostsChanger.A application - NOD32 TROJ_SPNR.08JR11 - Trend Micro

      Suspected files and entries: Crypt.PKO in registry YMERemote csrss.exe atieclxx.exe winlogon.exe cryptdlg.exe bcrypt32.dll cryptocme2.dll cryptbase.dll cryptsp.dll cryptxml.dll

      Infections Reported: Trojan Crypt.AJZT (on the loose somewhere) Heur.Generic,Dialer.15 in C:\Program Files\TOSHIBA\TOSAPINS\COMPS1\TC0034620\TC00346200B.EXE<ZIP>:tinstall.exe (replaced) Downloader.Riskware.Popcap.B in C:Windows\Downloaded Program Files\popcaploader,dll (deleted) E_SE14C.tmp.vir (quarantined)

      Here's my DDS:
C:\windows\System32\ncrypt.dll 2013-01-09 04:12:20 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll 2013-01-02 20:31:57 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{99D51E8E-B0BF-4FCA-9E48-7CF7A2D706E9}\mpengine.dll . ==================== Find3M ==================== . 2013-01-17 03:58:17 74248 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-17 03:58:17 697864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2012-12-16 17:11:22 46080 ----a-w- C:\windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll 2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:\windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- 
C:\windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\windows\System32\wow64cpu.dll 2012-11-30 05:45:14 215040 ----a-w- C:\windows\System32\winsrv.dll 2012-11-30 05:43:12 16384 ----a-w- C:\windows\System32\ntvdm64.dll 2012-11-30 04:54:00 5120 ----a-w- C:\windows\SysWow64\wow32.dll 2012-11-30 04:53:59 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll 2012-11-30 03:45:01 30568 ----a-w- C:\windows\System32\drivers\avgtpx64.sys 2012-11-30 03:23:48 338432 ----a-w- C:\windows\System32\conhost.exe 2012-11-30 02:44:06 25600 ----a-w- C:\windows\SysWow64\setup16.exe 2012-11-30 02:44:04 7680 ----a-w- C:\windows\SysWow64\instnm.exe 2012-11-30 02:44:04 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll 2012-11-30 02:44:03 2048 ----a-w- C:\windows\SysWow64\user.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-16 05:33:24 111968 ----a-w- C:\windows\System32\drivers\avgmfx64.sys 2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll 2012-11-14 01:44:42 2382848 
----a-w- C:\windows\SysWow64\mshtml.tlb 2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll 2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll 2012-11-02 05:59:11 478208 ----a-w- C:\windows\System32\dpnet.dll 2012-11-02 05:11:31 376832 ----a-w- C:\windows\SysWow64\dpnet.dll . ============= FINISH: 21:14:29.96 =============== attach.txt.zip