Jump to content

Search the Community

Showing results for tags 'spyware.password'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 12 results

  1. Certain files from TorBrowser Bundle 4.5.1 are being detected as Spyware.Password Spyware.Password, C:\Users\Jorge\Desktop\TorBrowser\Browser\AccessibleMarshal.dll, , [4060cfc9e7a3b6807e6f7de52ed4ee12],Spyware.Password, C:\Users\Jorge\Desktop\TorBrowser\Browser\libEGL.dll, , [643c7127256537ff02ebee7431d1fd03],Spyware.Password, C:\Users\Jorge\Desktop\TorBrowser\Browser\libGLESv2.dll, , [f7a93e5a35552b0b6687da88996959a7],Spyware.Password, C:\Users\Jorge\Desktop\TorBrowser\Browser\mozalloc.dll, , [20807325880232045499fe6422e0a858],Spyware.Password, C:\Users\Jorge\Desktop\TorBrowser\Browser\browser\components\browsercomps.dll, , [fba5d3c5c9c13cfa67867ce65aa8f50b], I have, for now, added an exception to MBAM installation on my computer to stop it from scanning TorBrowser files. The software can be freely downloaded from: https://dist.torproject.org/torbrowser/My specific version is torbrowser-install-4.5.1_pt-PT.exeFor the record, attached are the scan log and the false positives archive. TorBrowser.txt TorBrowser.zip
  2. I completed a scan this morning and Spyware.Password was quarantined. Is this a genuine threat or a false positive? What action do I need to take? I enclose the scan log. My computer is now crashing if I leave it unattended for a long period. The on off light stays winking. Pressing the windows button or the on off switch briefly does not revive it and I have to reboot. This may or may not be related to the suspect file. If you want to see the actual suspect file please would you explain how I can safely retrieve it from quarantine and send it as a Zip file. Your online instructions do not explain how to save the file as a zip file. Taking the file out of quarantine also seems risky when the danger level is still unknown. Many thanks. MWLogSQ20141113.txt
  3. I completed a scan this morning and Spyware.Password was quarantined. Is this a genuine threat or a false positive? What action do I need to take? I enclose the scan log. My computer is now crashing if I leave it unattended for a long period. The on off light stays winking. Pressing the windows button or the on off switch briefly does not revive it and I have to reboot. This may or may not be related to the suspect file. If you want to see the actual suspect file please would you explain how I can safely retrieve it from quarantine and send it as a Zip file. Many thanks. MWLogSQ20141113.txt
  4. Hi, Recently visited http://www.powermapper.com to download their SortSite free trial program from http://www.powermapper.com/download/sortsite/index.htm. The exe file wasn't flagged by Malwarebytes on download but when I scanned the file after downloading Malwarebytes flagged it as "Spyware.Password" which it then quarantined and deleted. Power mapper seem to be a reputable company so could this be a false positive and if it isn't why didn't MB pick it up on download? Thanks, Elaine
  5. Hi, Yesterday I ran a Malwarebytes scan of my computer and was told that Malwarebytes found spyware.passord. Malwarebytes removed it but, when browsing on the internet my browser will suddenly redirect me to bizcoaching.info. I'm unsure if Malwarebytes actually removed the program or this is a symptom of another infection. Thanks!!
  6. Something happen to my PC today. Someone tried to transfer $99,000 from our corporate bank account from my PC. I downloaded an installed MBAM. Here is what it found and removed--- Malwarebytes Anti-Malware (Trial) 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.19.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19393 becky :: TRUSTEE1010 [administrator] Protection: Enabled 12/19/2012 12:12:51 PM mbam-log-2012-12-19 (12-12-51).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 219988 Time elapsed: 5 minute(s), 37 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 4 HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|*.securewebinfo.com (Trojan.Zlob) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|*.safetyincludes.com (Trojan.Zlob) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|*.securemanaging.com (Trojan.Zlob) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|KB00072502.exe (Trojan.Agent.KBGen) -> Data: "C:\Users\becky\AppData\Roaming\KB00072502.exe" -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 5 C:\Users\becky\AppData\Local\Temp\exp5374.tmp.exe (Spyware.Password) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully. (end) After a restart, MBAM found nothing. Second scan-- Malwarebytes Anti-Malware (Trial) 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.19.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19393 becky :: TRUSTEE1010 [administrator] Protection: Enabled 12/19/2012 12:29:03 PM mbam-log-2012-12-19 (12-29-03).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 36456 Time elapsed: 58 second(s) [aborted] Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) My Symantec was updated and nothing was found. How bad was this infection? Should I be worried? I plan on changing ALL my passwords.
  7. Something happen to my PC today. Someone tried to transfer $99,000 from our corporate bank account from my PC. I downloaded an installed MBAM. Here is what it found and removed--- Malwarebytes Anti-Malware (Trial) 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.19.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19393 becky :: TRUSTEE1010 [administrator] Protection: Enabled 12/19/2012 12:12:51 PM mbam-log-2012-12-19 (12-12-51).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 219988 Time elapsed: 5 minute(s), 37 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 4 HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|*.securewebinfo.com (Trojan.Zlob) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|*.safetyincludes.com (Trojan.Zlob) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow|*.securemanaging.com (Trojan.Zlob) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|KB00072502.exe (Trojan.Agent.KBGen) -> Data: "C:\Users\becky\AppData\Roaming\KB00072502.exe" -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 5 C:\Users\becky\AppData\Local\Temp\exp5374.tmp.exe (Spyware.Password) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Users\becky\Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully. (end) After a restart, MBAM found nothing. Second scan-- Malwarebytes Anti-Malware (Trial) 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.19.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19393 becky :: TRUSTEE1010 [administrator] Protection: Enabled 12/19/2012 12:29:03 PM mbam-log-2012-12-19 (12-29-03).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 36456 Time elapsed: 58 second(s) [aborted] Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) My Symantec was updated and nothing was found. How bad was this infection? Should I be worried? I plan on changing ALL my paswords.
  8. I have multiple computers infected with spyware.password and pup.crossfire.sa. Here is the dds and attach scripts from computer #1. I ran MWB, then ran dds, then uploaded scripts. 2nd computer coming soon. Here are the files in text format . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 1/17/2007 6:33:34 PM System Uptime: 9/24/2012 6:57:05 AM (1 hours ago) . Motherboard: Dell Inc. | | 0WG864 Processor: Intel® Core2 CPU 6400 @ 2.13GHz | Microprocessor | 2128/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 458 GiB total, 389.422 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP2288: 6/26/2012 5:55:35 PM - System Checkpoint RP2289: 6/27/2012 6:55:40 PM - System Checkpoint RP2290: 6/28/2012 7:03:23 PM - System Checkpoint RP2291: 6/30/2012 11:19:16 AM - System Checkpoint RP2292: 7/1/2012 7:02:11 PM - System Checkpoint RP2293: 7/2/2012 9:51:32 PM - System Checkpoint RP2294: 7/3/2012 11:11:43 PM - System Checkpoint RP2295: 7/4/2012 11:15:04 PM - System Checkpoint RP2296: 7/6/2012 12:12:10 AM - System Checkpoint RP2297: 7/7/2012 2:52:07 AM - System Checkpoint RP2298: 7/8/2012 3:15:07 AM - System Checkpoint RP2299: 7/9/2012 4:15:09 AM - System Checkpoint RP2300: 7/10/2012 7:38:24 AM - System Checkpoint RP2301: 7/11/2012 6:21:54 PM - System Checkpoint RP2302: 7/12/2012 7:00:25 AM - Software Distribution Service 3.0 RP2303: 7/13/2012 7:30:33 AM - System Checkpoint RP2304: 7/14/2012 7:45:04 AM - System Checkpoint RP2305: 7/15/2012 8:30:36 AM - System Checkpoint RP2306: 7/16/2012 9:42:38 AM - System Checkpoint RP2307: 7/17/2012 10:30:40 AM - System Checkpoint RP2308: 7/18/2012 6:36:12 PM - System Checkpoint RP2309: 7/19/2012 6:38:24 PM - System Checkpoint RP2310: 7/20/2012 6:38:55 PM - System Checkpoint RP2311: 7/21/2012 7:05:26 PM - System Checkpoint RP2312: 7/22/2012 7:51:58 PM - System Checkpoint RP2313: 7/23/2012 8:41:30 PM - System Checkpoint RP2314: 7/24/2012 9:24:46 PM - System Checkpoint RP2315: 7/25/2012 9:58:41 PM - System Checkpoint RP2316: 7/26/2012 10:11:55 PM - System Checkpoint RP2317: 7/28/2012 3:17:07 AM - System Checkpoint RP2318: 7/29/2012 3:59:59 AM - System Checkpoint RP2319: 7/30/2012 4:04:09 AM - System Checkpoint RP2320: 7/31/2012 4:50:42 AM - System Checkpoint RP2321: 8/1/2012 5:14:29 AM - System Checkpoint RP2322: 8/2/2012 5:39:09 AM - System Checkpoint RP2323: 8/3/2012 3:22:30 PM - System Checkpoint RP2324: 8/4/2012 4:07:20 PM - System Checkpoint RP2325: 8/6/2012 8:15:05 AM - System Checkpoint RP2326: 8/7/2012 7:34:49 PM - System Checkpoint RP2327: 8/8/2012 10:06:28 PM - System Checkpoint RP2328: 8/9/2012 10:40:52 PM - System Checkpoint RP2329: 8/11/2012 3:29:27 AM - System Checkpoint RP2330: 8/12/2012 8:55:38 AM - System Checkpoint RP2331: 8/13/2012 6:01:26 PM - System Checkpoint RP2332: 8/14/2012 6:46:39 AM - Printer Driver Amyuni Document Converter 400 Installed RP2333: 8/15/2012 8:24:22 PM - System Checkpoint RP2334: 8/16/2012 7:00:26 AM - Software Distribution Service 3.0 RP2335: 8/17/2012 7:43:48 AM - System Checkpoint RP2336: 8/18/2012 8:43:39 AM - System Checkpoint RP2337: 8/19/2012 9:43:34 AM - System Checkpoint RP2338: 8/20/2012 10:43:30 AM - System Checkpoint RP2339: 8/21/2012 11:43:25 AM - System Checkpoint RP2340: 8/22/2012 6:30:19 PM - System Checkpoint RP2341: 8/22/2012 6:46:24 PM - Installed DirectX RP2342: 8/22/2012 10:02:59 PM - Printer Driver Amyuni Document Converter 400 Installed RP2343: 8/22/2012 10:06:11 PM - Printer Driver Amyuni Document Converter 400 Installed RP2344: 8/22/2012 10:06:52 PM - Printer Driver Amyuni Document Converter 400 Installed RP2345: 8/23/2012 10:43:16 PM - System Checkpoint RP2346: 8/25/2012 2:55:58 AM - System Checkpoint RP2347: 8/26/2012 3:43:29 AM - System Checkpoint RP2348: 8/27/2012 3:57:07 AM - System Checkpoint RP2349: 8/28/2012 4:55:33 AM - System Checkpoint RP2350: 8/29/2012 4:58:05 AM - System Checkpoint RP2351: 8/30/2012 5:43:36 AM - System Checkpoint RP2352: 8/31/2012 6:58:08 AM - System Checkpoint RP2353: 9/1/2012 7:09:05 AM - System Checkpoint RP2354: 9/2/2012 12:13:28 PM - System Checkpoint RP2355: 9/3/2012 1:05:25 PM - System Checkpoint RP2356: 9/4/2012 1:43:44 PM - System Checkpoint RP2357: 9/5/2012 6:01:05 PM - System Checkpoint RP2358: 9/6/2012 6:57:10 PM - System Checkpoint RP2359: 9/7/2012 7:33:07 PM - System Checkpoint RP2360: 9/9/2012 9:52:14 AM - System Checkpoint RP2361: 9/10/2012 9:40:44 PM - System Checkpoint RP2362: 9/11/2012 9:54:09 PM - System Checkpoint RP2363: 9/12/2012 10:56:11 PM - System Checkpoint RP2364: 9/13/2012 7:00:17 AM - Software Distribution Service 3.0 RP2365: 9/14/2012 9:29:44 AM - System Checkpoint RP2366: 9/15/2012 3:54:18 PM - System Checkpoint RP2367: 9/16/2012 4:29:45 PM - System Checkpoint RP2368: 9/17/2012 6:45:42 PM - System Checkpoint RP2369: 9/18/2012 7:29:49 PM - System Checkpoint RP2370: 9/20/2012 7:48:31 AM - System Checkpoint RP2371: 9/21/2012 7:58:10 AM - System Checkpoint RP2372: 9/22/2012 1:34:56 PM - System Checkpoint RP2373: 9/23/2012 7:00:15 AM - Software Distribution Service 3.0 RP2374: 9/23/2012 8:23:41 PM - Removed Java 6 Update 20 RP2375: 9/23/2012 8:24:04 PM - Installed Java 6 Update 35 . ==== Installed Programs ====================== . Actiontec Gateway Adobe AIR Adobe Community Help Adobe Download Manager Adobe Flash Player 11 ActiveX Adobe Photoshop Elements 10 Adobe Photoshop.com Inspiration Browser Adobe Reader 9.5.2 Adobe Shockwave Player Advanced Decoder Patch AI RoboForm (All Users) aioprnt Amazon Games & Software Downloader Amazon MP3 Downloader 1.0.3 AnswerWorks 5.0 English Runtime AOLIcon Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Software Suite Bing Bar BL2003 Registration BlackBerry Desktop Software 6.0.2 Bonjour Broderbund Business Lawyer 2003 BUM C4USelfUpdater CCH Small Firm Services (xulRunner) CCScore Coupon Printer for Windows Creative MediaSource Creative Vado AAC Codec Creative Vado Effects Plugin Creative Vado HD Codec Creative Vado MP4 Reader Critical Update for Windows Media Player 11 (KB959772) CyberPower PowerPanel Personal Edition Data Doctor Recovery Memory Card 3.0.1.5 DeductionPro 2009 Dell CinePlayer Dell Driver Download Manager Dell Driver Download Manager - 1 Dell Driver Reset Tool Dell System Restore DivX Codec DivX Content Uploader DivX Converter DivX Player DivX Web Player Elements 10 Organizer EPSON Printer Software ESSBrwr ESSCDBK ESScore essentials ESSgui ESSini ESSPCD ESSPDock ESSSONIC ESSTOOLS essvatgt Facebook Plug-In Fences FormDocs 7.6.2 Google Chrome Google Desktop Google Earth Google Toolbar for Internet Explorer Google Update Helper Google Updater GoToMyPC H&R Block Business 2009 (Remove Only) H&R Block Business 2010 (Remove Only) H&R Block Business 2011 (Remove Only) H&R Block Montana 2009 H&R Block Montana 2010 H&R Block Montana 2011 H&R Block Premium + Efile + State 2009 H&R Block Premium + Efile + State 2010 H&R Block Premium + Efile + State 2011 High Definition Audio Driver Package - KB835221 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) IBM ViaVoice Gold Command Runtime, Version 4.3 Intel® Matrix Storage Manager Intel® PRO Network Connections iTunes Java Auto Updater Java 6 Update 35 kgcbase kgchday Kodak AIO Printer KODAK EASYSHARE Gallery Easy Upload, v2.0 Kodak EasyShare software ksDIP KSU Learn2 Player (Uninstall Only) Lernout & Hauspie TruVoice American English TTS Engine Let's Go Read - An Island Adventure LiveUpdate 3.0 (Symantec Corporation) Logitech Print Service Logitech QuickCam Software Logitech® Camera Driver Malwarebytes Anti-Malware version 1.65.0.1400 Maxtor Manager MetaFrame Presentation Server Client Micro Logic Info Select 2007 Microsoft .NET Framework 1.0 Hotfix (KB2572066) Microsoft .NET Framework 1.0 Hotfix (KB2604042) Microsoft .NET Framework 1.0 Hotfix (KB2656378) Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.0 Hotfix (KB979904) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft LifeCam Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft Software Update for Web Folders (English) 12 Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser netbrdg nLite 1.4.9.1 Norton PC Checkup Notifier NVIDIA Drivers ocr OfotoXMI PC Study Bible 3.1 PCDADDIN PCDHELP Pdf995 (installed by H&R Block) PdfEdit995 (installed by H&R Block) PHOTOfunSTUDIO 6.5 BD Edition PreReq PSE10 STI Installer Qualxserve Service Agreement Quicken 2010 QuickTime Roxio DLA Roxio Express Labeler Roxio MyDVD Plus Roxio RecordNow Audio Roxio RecordNow Copy Roxio RecordNow Data Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2491683) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI SFR SFR2 SHASTA SILKYPIX Developer Studio 3.1 SE SKIN0001 SKINXSDK Sleepy 6.2 Smilebox Sonic Activation Module Sonic Encoders Sound Blaster X-Fi staticcr Super Utilities Pro 7.39 Symantec AntiVirus Symantec KB-DocID:2003093015493306 TaxCut Montana 2007 TaxCut Montana 2008 TaxCut Premium + State + Efile 2008 tooltips Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition Update for Windows Internet Explorer 8 (KB969497) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Media Player 10 (KB913800) Update for Windows Media Player 10 (KB926251) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update Rollup 2 for Windows XP Media Center Edition 2005 URL Assistant Viewpoint Manager (Remove Only) Viewpoint Media Player VPRINTOL WebEx WebIQ Technology Engine Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information] Windows Media Player 11 Windows Search 4.0 Windows XP Media Center Edition 2005 KB2502898 Windows XP Media Center Edition 2005 KB2619340 Windows XP Media Center Edition 2005 KB2628259 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB925766 Windows XP Media Center Edition 2005 KB973768 Windows XP Service Pack 3 WIRELESS Yahoo! Browser Services Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Messenger Yahoo! Music Jukebox . ==== End Of File =========================== . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 Run by Mikeb at 7:05:10 on 2012-09-24 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1915 [GMT -6:00] . AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Norton Internet Worm Protection *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Citrix\GoToMyPC\g2svc.exe C:\Program Files\Citrix\GoToMyPC\g2comm.exe C:\Program Files\Citrix\GoToMyPC\g2pre.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Citrix\GoToMyPC\g2tray.exe C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe C:\Program Files\Sleepy\service.exe svchost.exe C:\Program Files\Sleepy\slptask.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sleepy\slptray.exe C:\Program Files\Microsoft LifeCam\LifeExp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://seattletimes.nwsource.com/html/nationworld/?from=stnv2 uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = localhost;*.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s mSearchAssistant = hxxp://www.google.com/ie uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {36ada89d-2440-4dc4-820a-3a05e8630935} - c:\program files\video activex access\iesplg.dll BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File TB: {31615D5C-5126-448A-818A-A7CDFEE85A9B} - No File TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot uRun: [super Utilities] c:\program files\superlogix\super utilities\SuperUtil.exe /min uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter uRun: [\\DELL8400\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s10ic1.exe /p41 "\\dell8400\EPSON Stylus Photo R300 Series" /M "Stylus Photo R300" /EF "HKCU" uRun: [PowerPanel Personal Edition User Interaction] "c:\program files\cyberpower powerpanel personal edition\pppeuser.exe" uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [Google Update] "c:\documents and settings\mikeb\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe" mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [CTHelper] CTHELPER.EXE mRun: [CTxfiHlp] CTXFIHLP.EXE mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe mRun: [CTDVDDET] "c:\program files\creative\sound blaster x-fi\dvdaudio\CTDVDDET.EXE" mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanel.exe" /r mRun: [AudioDrvEmulator] "c:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "c:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll" mRun: [updReg] c:\windows\UpdReg.EXE mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe mRun: [\\DELL_8400\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p42 "\\dell_8400\EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" mRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300" mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [vptray] c:\progra~1\symant~1\VPTray.exe mRun: [Auto EPSON Stylus Photo R300 Series on DELL_4600] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p48 "auto epson stylus photo r300 series on dell_4600" /o22 "\\dell_4600\EPSON R300" /M "Stylus Photo R300" mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe" mRun: [\\DELL_GX50\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p42 "\\dell_gx50\EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300" mRun: [AdmTask] c:\program files\admtask\admtask.exe /m mRun: [\\DELL8400\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p41 "\\dell8400\EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe" mRun: [Conime] %windir%\system32\conime.exe mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe" dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photof~1.lnk - c:\program files\common files\panasonic\photofunstudio autostart\AutoStartupService.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: &Search IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000 IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxps://support.dell.com/systemprofiler/SysPro.CAB DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxp://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9} DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://colorworldprinters.webex.com/client/T27L/support/ieatgpc.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab? TCP: Interfaces\{44A5B0B9-1B52-4C31-A60D-84EFE3B64963} : NameServer = 69.51.76.36,69.51.76.26 Notify: GoToMyPC - c:\program files\citrix\gotomypc\G2WinLogon.dll Notify: NavLogon - c:\windows\system32\NavLogon.dll AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll . ============= SERVICES / DRIVERS =============== . R0 HWFProt;Hywave File Protector HWFProt;c:\windows\system32\drivers\HWFProt.sys [2007-5-6 43936] R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232] R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896] R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\adobe\elements 10 organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648] R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-6-2 185968] R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-6-2 161392] R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2011-9-5 393648] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-16 399432] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-6 676936] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2005-6-23 1715904] R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-1-9 1174152] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-4-1 24652] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-6 22856] R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20120921.002\naveng.sys [2012-9-21 92704] R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20120921.002\navex15.sys [2012-9-21 1601184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-31 135664] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-20 250568] S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2011-2-6 401920] S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336] S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2005-6-2 83568] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-11-29 30192] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-31 135664] S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2005-8-16 14336] S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2005-6-23 124608] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2012-09-24 02:24:23 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-09-24 02:24:23 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-15 23:29:00 92208 ----a-w- c:\windows\system\WING.DLL 2012-09-15 23:29:00 6736 ----a-w- c:\windows\system32\WINGDIB.DRV 2012-09-15 23:29:00 6736 ----a-w- c:\windows\system\WINGDIB.DRV 2012-09-15 23:29:00 5024 ----a-w- c:\windows\system32\WINGPAL.WND 2012-09-15 23:29:00 188960 ----a-w- c:\windows\system32\WINGDE.DLL 2012-09-15 23:29:00 188960 ----a-w- c:\windows\system\WINGDE.DLL 2012-09-15 23:29:00 12800 ----a-w- c:\windows\system\WING32.DLL 2012-09-15 23:28:59 92208 ----a-w- c:\windows\system32\WING.DLL 2012-09-15 23:28:59 12800 ----a-w- c:\windows\system32\WING32.DLL 2012-09-15 23:27:19 -------- d-----w- C:\ViaVoice 2012-09-15 23:25:50 299520 ----a-w- c:\windows\uninst.exe 2012-09-15 23:24:49 274432 ----a-w- c:\windows\TLCUninstall.exe 2012-09-15 23:24:49 -------- d-----w- c:\program files\The Learning Company 2012-09-07 03:19:01 -------- d-----w- c:\documents and settings\mikeb\application data\Malwarebytes 2012-09-07 03:18:51 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-09-07 03:18:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-07 03:18:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . ==================== Find3M ==================== . 2012-09-24 02:24:11 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-07 02:20:32 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-07 02:20:31 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec 2012-08-15 05:52:34 9232584 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys 2008-10-30 02:43:14 774144 ----a-w- c:\program files\RngInterstitial.dll . ============= FINISH: 7:05:27.50 ===============
  9. This morning, after my morning scan, I woke up to a Spyware.Password file detection in my Steam directory. "C:\Games\Steam\steamapps\common\lone survivor\LoneSurvivor\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe" to be exact. I have strong feeling that this is a false positive but I'm paranoid so I'm posting my findings here. The log isn't very big so I've just copy-pasted it below: I also ran the file CaptiveAppEntry.exe through Virus Total: https://www.virustotal.com/file/fbc76e2f8020993bb9b4dd3eae31d1426423ce6750cff3b35893d0b0b849d31a/analysis/
  10. https://www.virustotal.com/file/a549b915063550a059cd06534c52a12295958e334fbec03c4b75da3f44514740/analysis/1348462888/ Quick scan produced this today. Using MBAM Free, latest update. File is supposed to be from Microsoft to fix a KB941569 install error. (Not fixed) XP Pro SP3.
  11. Hi All, Today I ran a scan and removed something called spyware.password. Now when computer starts it says "c:/users/*****/AppData/Roaming/mobip.dll is missing" Is this dll necessary? Was spyware.password bad? Any information would be helpful. Thank you.
  12. So I've been experiencing the same sort of Google search redirect issues that many people have been posting about recently. This is something I noticed after I installed a Firefox update recently. Something went crazy with the update and Firefox was not opening / crashing repeatedly so I uninstalled it completely. This is my secondary computer so I wasn't using it too often - the next time I booted up, my computer was missing a bunch of icons that were on my desktop before (now I can only see them if I modify folder options to view hidden folders/operating system files). Computer is reporting HDD errors, Catalyst Control Center failure, errors on Boot and other CRAZINESS so I did a system restore. My anti-virus was somehow deleted and Windows Defender repeatedly disabled. System Restore didn't help so I installed AVG Free followed the procedure I saw in someone else's HijackThis Log that I had found in a google search on "svchost.exe*32". Problems still abound so now I'm back at the beginning. This is what I did before I read the "I'm infected..." sticky and saw what I was ACTUALLY supposed to do: -Downloaded, installed and updated Malwarebytes and performed a Quick Scan. -Ran TDSSkiller.exe -Temporarily disabled AVG and ran ComboFix Starting over, I redid an updated Malwarebytes Quick Scan and ddr.scr scan. UGH Sorry for making this harder! Can post any/all previous logs requested. Please HELP!! Most recent Malwarebytes: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.28.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Graciela :: GRACIELA [administrator] Feb.27.2012 8:49:28 PM mbam-log-2012-02-27 (20-49-28).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 187729 Time elapsed: 1 minute(s), 3 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Users\Graciela\Downloads\qualcomm_extensible_diagnostic_monitor_qxdm_v3919.exe (PUP.BundleInstaller.MG) -> Quarantined and deleted successfully. (end) FIRST SCAN: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.25.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Graciela :: GRACIELA [administrator] Feb.25.2012 3:57:09 AM mbam-log-2012-02-25 (03-57-09).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 184516 Time elapsed: 5 minute(s), 51 second(s) Memory Processes Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> 4548 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.BG) -> Data: C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\Users\Graciela\Downloads\qualcomm_extensible_diagnostic_monitor_qxdm_v3919.exe (PUP.BundleInstaller.MG) -> No action taken. C:\Users\Graciela\AppData\Roaming\Microsoft\9AE6\FB9.tmp (Trojan.Dropper.PE4) -> Quarantined and deleted successfully. C:\Windows\Temp\0.390891485845515667f76.exe (Spyware.Password) -> Quarantined and deleted successfully. C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot. (end) NEW DDS files: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24 Run by Graciela at 21:01:54 on 2012-02-27 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2637 [GMT -8:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\SPLASH.SYS\config\DVMExportService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Windows Sidebar\sidebar.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://google.com/ uInternet Settings,ProxyOverride = *.local BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW uRun: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript StartupFolder: C:\Users\Graciela\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SIDEBA~1.LNK - C:\Program Files (x86)\Windows Sidebar\sidebar.exe mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{10E680FD-D380-42DD-8D8E-D28696508F22} : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{10E680FD-D380-42DD-8D8E-D28696508F22}\059656665656E6 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{10E680FD-D380-42DD-8D8E-D28696508F22}\46271676F6E653 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{10E680FD-D380-42DD-8D8E-D28696508F22}\C696E6B6379737 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{10E680FD-D380-42DD-8D8E-D28696508F22}\C696E6B6379737F5750535F563437363 : DhcpNameServer = 209.18.47.61 209.18.47.62 Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" mRun-x64: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript . ============= SERVICES / DRIVERS =============== . R1 DVMIO;DVMIO;C:\SPLASH.SYS\config\dvmio.sys [2009-9-27 21624] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SPLASH.SYS\config\DVMExportService.exe [2009-7-8 323584] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] R3 clwvd;HP Webcam Splitter;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-11-5 227896] R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 HtcUsbMdmV64;HTC Proprietary USB Driver (PID 0B03);C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys --> C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys [?] S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] . =============== Created Last 30 ================ . 2012-02-28 04:07:04 -------- d-sh--w- C:\$RECYCLE.BIN 2012-02-25 12:32:07 98816 ----a-w- C:\Windows\sed.exe 2012-02-25 12:32:07 518144 ----a-w- C:\Windows\SWREG.exe 2012-02-25 12:32:07 256000 ----a-w- C:\Windows\PEV.exe 2012-02-25 12:32:07 208896 ----a-w- C:\Windows\MBR.exe 2012-02-25 12:16:04 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-25 11:52:38 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE 2012-02-25 11:52:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-02-20 20:13:12 -------- d-----w- C:\Users\Graciela\AppData\Roaming\AVG 2012-02-20 19:53:41 -------- d-----w- C:\Users\Graciela\AppData\Roaming\AVG2012 2012-02-20 19:51:36 -------- d-----w- C:\ProgramData\AVG2012 2012-02-20 19:50:49 -------- d-----w- C:\Program Files (x86)\AVG 2012-02-16 07:52:29 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{97634F34-43F2-46C0-B3E7-C137A98D5CB5}\mpengine.dll 2012-02-16 07:34:30 -------- d--h--w- C:\ProgramData\Common Files 2012-02-16 07:27:47 -------- d-----w- C:\ProgramData\MFAData 2012-02-15 19:47:34 -------- d--h--w- C:\ProgramData\Avira 2012-02-14 18:42:32 -------- d--h--w- C:\Users\Graciela\AppData\Roaming\9EE4A 2012-02-14 18:41:48 -------- d--h--w- C:\Users\Graciela\AppData\Roaming\6449E 2012-02-14 07:33:33 -------- d-----w- C:\Program Files (x86)\9EE4A 2012-02-14 07:19:57 6656 ---ha-w- C:\ProgramData\Microsoft\Windows\DRM\163B.tmp 2012-02-14 07:19:57 6656 ---ha-w- C:\ProgramData\Microsoft\Windows\DRM\163A.tmp 2012-02-12 04:45:08 -------- d--h--w- C:\Users\Graciela\AppData\Roaming\ABBYY 2012-02-12 04:25:39 -------- d--h--w- C:\Users\Graciela\AppData\Local\ABBYY 2012-02-12 04:25:38 -------- d-----w- C:\Program Files (x86)\ABBYY FineReader 11 2012-02-12 04:25:37 -------- d--h--w- C:\ProgramData\ABBYY . ==================== Find3M ==================== . 2012-01-29 13:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe 2011-12-11 04:55:58 111616 ----a-w- C:\Windows\System32\drivers\HtcUsbMdmV64.sys 2011-12-10 23:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys . ============= FINISH: 21:02:17.16 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.