Jump to content

Search the Community

Showing results for tags 'trojan.agent'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Need solution, My PC got infected with EpicNet.inc/CloudNet/glupteba/or whatever, they keep coming after rebooting, I need your help to get rid of these pesky malware, step by step guide will be appreciated.
  2. so apparently, malwarebytes and adwcleaner recognize this pup and trojan agent as a folder, i tried to remove it from malwarebytes and the folder stil reappear when i rebooted my computer can somebody help me with this?
  3. What is ExtenBro?The Malwarebytes research team has determined that ExtenBro is adware. These adware applications display advertisements not originating from the sites you are browsing.This particular one blocks access to domains related to security software to hinder victims from installing a remediation.How do I know if my computer is affected by ExtenBro?Users may complain about being unable to reach malwarebytes.com and other AV related domains:You may see this type of task in your Scheduled Tasks:these changed DNS settings:and this entry in your list of Root certificates:How did ExtenBro get on my computer?Adware applications use different methods for distributing themselves. This particular one was installed by a bundler.How do I remove ExtenBro?Our program Malwarebytes can detect and remove this potentially unwanted program. Due to the nature of this DNS changer you may have to change your DNS settings first. If you can't find the preferred settings on the website of your internet-service provider (ISP), you can follow the appropiate instructions on the OpenDNS site. When you are looking at the DNS settings, make sure to click Advanced and look at the DNS tab Make sure that only two of those entries are left and that they match the preferred settings that you found, before you close the Internet Connection settings menu's. Do not reboot your system yet, because the Scheduled Task will re-instate the malicious DNS settings. You may have to restart your browser to make it use the new settings. Now you should be able to reach the blocked sites again and you can continue with the instructions below. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of ExtenBro? No, Malwarebytes removes ExtenBro completely. This PUP creates a scheduled task. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you eradicate this adware.As you can see below the full version of Malwarebytes would have protected you against the ExtenBro adware. It would have blocked the installer before it became too late. Technical details for expertsPossible signs in FRST logs: Task: {50620101-C554-48D3-BAC6-0E9FF5466289} - System32\Tasks\Sk7661Pl => C:\Users\{username}\AppData\Local\prunld2088\he26091.exe [1387864 2019-07-10] ( ) [File not signed] Tcpip\..\Interfaces\{DCC6FDFC-344E-465D-A1F5-77B8161CA4FB}: [NameServer] 45.86.180.227,185.162.93.213,116.203.6.218,185.130.104.222,77.234.40.79 Tcpip\..\Interfaces\{EDB0D6D8-B1F7-496F-A023-44DF7155F1CD}: [NameServer] 45.86.180.227,185.162.93.213,116.203.6.218,185.130.104.222 FF user.js: detected! => C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js [2019-07-10] C:\Windows\System32\Tasks\Sk7661Pl ( ) C:\Users\{username}\Desktop\dpo231.exe ( ) C:\Users\{username}\AppData\Local\prunld2088\he26091.exe Significant changes made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Users\{username}\AppData\Local\prunld2088 Adds the file he26091.exe"="7/10/2019 8:59 AM, 1387864 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default Adds the file user.js"="7/10/2019 8:59 AM, 53 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file Sk7661Pl"="7/10/2019 8:59 AM, 3194 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\36509B8F624CE280E0C797F42F4A8F552A280313] "Blob"="REG_BINARY, .................. ................................................. .......................................... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters] "DisabledComponents"="REG_DWORD", 255 [HKEY_CURRENT_USER\Software\UniversalCadast] "InstRes"="REG_SZ", "1" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 7/10/19 Scan Time: 1:15 PM Log File: 0e88437a-a304-11e9-a395-00ffdcc6fdfc.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.586 Update Package Version: 1.0.11482 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: METALLICA-PC\Metallica -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 236345 Threats Detected: 11 Threats Quarantined: 11 Time Elapsed: 5 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 5 Adware.ExtenBro, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\36509B8F624CE280E0C797F42F4A8F552A280313, Quarantined, [2068], [706129],1.0.11482 Adware.ExtenBro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\36509B8F624CE280E0C797F42F4A8F552A280313, Quarantined, [2068], [706129],1.0.11482 Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sk9239Pl, Quarantined, [442], [698502],1.0.11482 Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{03EAD71D-807C-49EE-922B-A4F7F554D25B}, Quarantined, [442], [698502],1.0.11482 Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{03EAD71D-807C-49EE-922B-A4F7F554D25B}, Quarantined, [442], [698502],1.0.11482 Registry Value: 0 (No malicious items detected) Registry Data: 3 Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DCC6FDFC-344E-465D-A1F5-77B8161CA4FB}|NameServer, Replaced, [3068], [706134],1.0.11482 Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DCC6FDFC-344E-465D-A1F5-77B8161CA4FB}|NameServer, Replaced, [3068], [706135],1.0.11482 Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DCC6FDFC-344E-465D-A1F5-77B8161CA4FB}|NameServer, Replaced, [3068], [706136],1.0.11482 Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 3 Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\Sk9239Pl, Quarantined, [442], [698502],1.0.11482 Adware.DNSChanger, C:\USERS\METALLICA\APPDATA\LOCAL\PRUNLD8747\HE88127.EXE, Quarantined, [695], [706144],1.0.11482 Adware.DNSChanger, C:\USERS\METALLICA\DESKTOP\DPO231.EXE, Quarantined, [695], [706158],1.0.11482 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  4. Hi. I have high ram usage at times, I mean 70-90% and I think it's connected to malware and Malwarebytes can't pick it up, but when my windows has been up and running for few hours, it shows 2 malware threats are detected, but even if I quarantine them and delete them, nothing works, they just keep coming back. I have also tried to use ADW cleaner multiple times without any luck too since it's all come back a few minutes after windows has loaded. One thing to note is that Chrome is only using 4-5 GB of ram which is okay, but the task manager shows over 70% even at sometimes 90% so there might be something running in the background which is hidden. I really hope we can fix this since this really destroys my PC experience and I can't wait to get down to bussines. Thank you. FRST.txt Addition.txt
  5. What is CPUID CPU-Z?The Malwarebytes research team has determined that CPUID CPU-Z is a trojan.This particular one injects downloaded JavaScript (JS) files into browser sessions and sets a proxy accompanied with a false SSL certificate to perform a man-in-the-middle (MITM) attack.How do I know if my computer is affected by CPUID CPU-Z?You may see this entry in your list of installed software:and this icon in your startmenu and on your desktop:How did CPUID CPU-Z get on my computer?Trojans use different methods for distributing themselves. This particular one was bundled with other software.How do I remove CPUID CPU-Z?Our program Malwarebytes can detect and remove this malware. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of CPUID CPU-Z? No, Malwarebytes removes CPUID CPU-Z completely. How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you eradicate this hijacker.As you can see below the full version of Malwarebytes would have protected you against the CPUID CPU-Z hijacker. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and it blocks the domains where the trojn was downloaded from by the bundler: and even if you should get infected it blocks the exploit that the trojan uses to perform the man-in-the-middle attack: Technical details for expertsPossible signs in FRST logs: (Microsoft Corporation) C:\ProgramData\Microsoft\Windows\Audio\winamgr.exe.bak (Microsoft Corporation) C:\ProgramData\Microsoft\Windows\GPR\network\svcnetwk.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows\GPR\browser\svchostctl.exe ProxyEnable: [S-1-5-21-{user GUID}] => Proxy is enabled. ProxyServer: [S-1-5-21-{user GUID}] => http=127.0.0.1:8080;https=127.0.0.1:8080 R2 winamgr; C:\ProgramData\Microsoft\Windows\Audio\winamgr.exe [9875968 2018-04-10] (Microsoft Corporation) [File not signed] C:\Users\Public\Desktop\CPUID CPU-Z.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID C:\Program Files\CPUID CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - ) FirewallRules: [TCP Query User{D3E7F7AC-72C7-4000-8B93-DD0DA199AD56}C:\programdata\microsoft\windows\gpr\network\svcnetwk.exe] => (Allow) C:\programdata\microsoft\windows\gpr\network\svcnetwk.exe FirewallRules: [UDP Query User{79ED0071-EA4B-4214-BD80-E472E1505F7A}C:\programdata\microsoft\windows\gpr\network\svcnetwk.exe] => (Allow) C:\programdata\microsoft\windows\gpr\network\svcnetwk.exe Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files\CPUID\CPU-Z Adds the file cpuz.exe"="12/20/2017 1:10 PM, 3517688 bytes, A Adds the file cpuz.ini"="12/20/2017 1:15 PM, 594 bytes, A Adds the file cpuz_eula.txt"="8/12/2015 8:57 PM, 7651 bytes, A Adds the file cpuz_readme.txt"="12/20/2017 1:14 PM, 26325 bytes, A Adds the file unins000.dat"="4/10/2018 8:40 AM, 3245 bytes, A Adds the file unins000.exe"="4/10/2018 8:40 AM, 725157 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Audio Adds the file winamgr.exe"="4/10/2018 8:40 AM, 9875968 bytes, A Adds the file winamgr.exe.bak"="1/29/2018 2:03 PM, 9342976 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\GPR\browser Adds the file svchostctl.exe"="4/10/2018 8:40 AM, 216576 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\GPR\func Adds the file ca.crt"="4/10/2018 8:40 AM, 1094 bytes, A Adds the file ca.key"="4/10/2018 8:40 AM, 887 bytes, A Adds the file cert8.db"="4/10/2018 8:40 AM, 65536 bytes, A Adds the file certutil.exe"="4/10/2018 8:40 AM, 103936 bytes, A Adds the file chrome.exe"="4/10/2018 8:40 AM, 140736 bytes, A Adds the file freebl3.dll"="4/10/2018 8:40 AM, 222208 bytes, A Adds the file key3.db"="4/10/2018 8:40 AM, 16384 bytes, A Adds the file libnspr4.dll"="4/10/2018 8:40 AM, 199680 bytes, A Adds the file libplc4.dll"="4/10/2018 8:40 AM, 14336 bytes, A Adds the file libplds4.dll"="4/10/2018 8:40 AM, 12288 bytes, A Adds the file libvlc.dll"="4/10/2018 8:40 AM, 87040 bytes, A Adds the file libvlcwk.dll"="4/10/2018 8:40 AM, 195072 bytes, A Adds the file msvcr100.dll"="4/10/2018 8:40 AM, 773968 bytes, A Adds the file nss3.dll"="4/10/2018 8:40 AM, 798720 bytes, A Adds the file nssckbi.dll"="4/10/2018 8:40 AM, 370176 bytes, A Adds the file nssdbm3.dll"="4/10/2018 8:40 AM, 108544 bytes, A Adds the file nssutil3.dll"="4/10/2018 8:40 AM, 93696 bytes, A Adds the file secmod.db"="4/10/2018 8:40 AM, 16384 bytes, A Adds the file smime3.dll"="4/10/2018 8:40 AM, 97792 bytes, A Adds the file softokn3.dll"="4/10/2018 8:40 AM, 172544 bytes, A Adds the file sqlite3.dll"="4/10/2018 8:40 AM, 423936 bytes, A Adds the file ssl3.dll"="4/10/2018 8:40 AM, 190976 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\GPR\network Adds the file default_cse.js"="4/10/2018 8:40 AM, 5900 bytes, A Adds the file general.js"="4/10/2018 8:40 AM, 2252 bytes, A Adds the file svcnetwk.exe"="4/10/2018 8:40 AM, 11952128 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z Adds the file CPU-Z.lnk"="4/10/2018 8:40 AM, 893 bytes, A Adds the file Edit CPU-Z Config File.lnk"="4/10/2018 8:40 AM, 893 bytes, A Adds the file Uninstall CPU-Z.lnk"="4/10/2018 8:40 AM, 917 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file CPUID CPU-Z.lnk"="4/10/2018 8:40 AM, 869 bytes, A In the existing folder C:\Users\Public\Documents Adds the file {DE764086-1C0A-4DD3-90BA-0B93BDD794BE}"="4/10/2018 8:41 AM, 34 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail] "ChannelId"="REG_SZ", "icbusa20" [HKEY_LOCAL_MACHINE\SOFTWARE\CPUID\CPU-Z] "PATH"="REG_SZ", "C:\Program Files\CPUID\CPU-Z" "PRODUCT_NAME"="REG_SZ", "CPUID CPU-Z" "VERSION"="REG_SZ", "1.82.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\483A0ECB697A7E8FE5FB5DBCA52C7F82D70D8239] "Blob"="REG_BINARY, ................ ...........................................................................................................................................................................................................K........................................................................................................................................................................................ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1] "DisplayIcon"="REG_SZ", "C:\Program Files\CPUID\CPU-Z\cpuz.exe" "DisplayName"="REG_SZ", "CPUID CPU-Z 1.82.1" "DisplayVersion"="REG_SZ", "1.82.1" "EstimatedSize"="REG_DWORD", 4166 "Inno Setup: App Path"="REG_SZ", "C:\Program Files\CPUID\CPU-Z" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "CPUID\CPU-Z" "Inno Setup: Language"="REG_SZ", "default" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon" "Inno Setup: Setup Version"="REG_SZ", "5.5.9 (a)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20180410" "InstallLocation"="REG_SZ", "C:\Program Files\CPUID\CPU-Z\" "MajorVersion"="REG_DWORD", 1 "MinorVersion"="REG_DWORD", 82 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "QuietUninstallString"="REG_SZ", ""C:\Program Files\CPUID\CPU-Z\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files\CPUID\CPU-Z\unins000.exe"" "VersionMajor"="REG_DWORD", 1 "VersionMinor"="REG_DWORD", 82 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\CPUZ] "(Default)"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\winamgr] "Description"="REG_SZ", "Windows Audio Manager" "Display"="REG_SZ", "Windows Audio Manager" "DisplayName"="REG_SZ", "Windows Audio Manager" "ErrorControl"="REG_DWORD", 0 "ImagePath"="REG_EXPAND_SZ, ""C:\ProgramData\Microsoft\Windows\Audio\winamgr.exe" -s" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 "WOW64"="REG_DWORD", 1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "ProxyEnable"= REG_DWORD, 1 "ProxyServer"="REG_SZ", "http=127.0.0.1:8080;https=127.0.0.1:8080" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/10/18 Scan Time: 8:54 AM Log File: fdd2c3b4-3c8b-11e8-87ee-080027235d76.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.4674 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 245556 Threats Detected: 46 Threats Quarantined: 46 Time Elapsed: 2 min, 43 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 2 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\browser\svchostctl.exe, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\network\svcnetwk.exe, Quarantined, [1117], [505207],1.0.4674 Module: 3 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\browser\svchostctl.exe, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\network\svcnetwk.exe, Quarantined, [1117], [505207],1.0.4674 Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\AUDIO\WINAMGR.EXE, Quarantined, [383], [489320],1.0.4674 Registry Key: 2 Trojan.Egguard.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [1117], [-1],0.0.0 Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\winamgr, Quarantined, [383], [489320],1.0.4674 Registry Value: 6 Trojan.Egguard.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1117], [-1],0.0.0 Trojan.Egguard.PrxySvrRST, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1117], [-1],0.0.0 Trojan.Egguard.PrxySvrRST, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1117], [-1],0.0.0 Trojan.Egguard.PrxySvrRST, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [1117], [-1],0.0.0 Trojan.Egguard.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [1117], [-1],0.0.0 Trojan.FakeMS, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINAMGR|IMAGEPATH, Quarantined, [3025], [506363],1.0.4674 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 4 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\browser, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\network, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\PROGRAMDATA\MICROSOFT\WINDOWS\GPR, Quarantined, [1117], [505207],1.0.4674 File: 29 Trojan.Egguard.PrxySvrRST, C:\PROGRAMDATA\MICROSOFT\WINDOWS\GPR\NETWORK\GENERAL.JS, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\browser\svchostctl.exe, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\ca.crt, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\ca.key, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\cert8.db, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\certutil.exe, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\chrome.exe, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\freebl3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\key3.db, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\libnspr4.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\libplc4.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\libplds4.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\libvlc.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\libvlcwk.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\msvcr100.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\nss3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\nssckbi.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\nssdbm3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\nssutil3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\secmod.db, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\smime3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\softokn3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\sqlite3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\func\ssl3.dll, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\network\default_cse.js, Quarantined, [1117], [505207],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\ProgramData\Microsoft\Windows\GPR\network\svcnetwk.exe, Quarantined, [1117], [505207],1.0.4674 Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\AUDIO\WINAMGR.EXE, Quarantined, [383], [489320],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\USERS\{username}\DESKTOP\CPU-Z.EXE, Quarantined, [1117], [505199],1.0.4674 Trojan.Egguard.PrxySvrRST, C:\DOWNLOADS\CPU-Z.EXE, Quarantined, [1117], [505199],1.0.4674 Physical Sector: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  6. Hi, MBAM has failed to quarantine/remove three identified trojan viruses several times today. I checked some sources and saw that it was recommended that I try MBAM Anti-Rootkit Beta to solve this, so I installed and ran it. It located the files and I selected to clean them and restarted my laptop, but if I run Anti-Rootkit or MBAM again it still detects the same files and MBAM still fails to quarantine them. I also tried running the scans and quarantining from Safe Mode, but that did not change the results. Any suggestions? Addition.txt FRST.txt Threat Scan Log.txt
  7. What is taswexuahoft? The Malwarebytes research team has determined that taswexuahoft is adware. These adware applications display advertisements not originating from the sites you are browsing. How do I know if my computer is affected by taswexuahoft? You may see the Registry Editor (regedit) open when the system starts: and this list of running svchost processes as children of taswexuahoft : How did taswexuahoft get on my computer? Adware applications use different methods for distributing themselves. This particular one was dropped by other malware. How do I remove taswexuahoft? Our program Malwarebytes can detect and remove this potentially unwanted program. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of taswexuahoft? No, Malwarebytes removes taswexuahoft completely. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you eradicate this adware. As you can see below the full version of Malwarebytes would have protected you against the taswexuahoft adware. It would have warned you before the adware could install itself, giving you a chance to stop it before it became too late. Technical details for experts Possible signs in FRST logs: (Hippo Studios) C:\Users\{username}\taswexuahoft.exe HKLM-x32\...\Run: [Regedit32] => C:\Windows\SysWOW64\regedit.exe [398336 2009-07-14] (Microsoft Corporation) HKCU\...\Run: [taswexuahoft] => C:\Users\{username}\taswexuahoft.exe [233984 2017-06-26] (Hippo Studios) HKCU\...\Run: [Regedit32] => C:\Windows\system32\regedit.exe Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- In the existing folder C:\Users\{username} Adds the file taswexuahoft.exe"="6/26/2017 8:34 AM, 233984 bytes, HS In the existing folder C:\Windows Adds the file Ô"="6/26/2017 8:37 AM, 26 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Regedit32"="REG_SZ", "C:\Windows\system32\regedit.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "taswexuahoft"="REG_SZ", "C:\Users\{username}\taswexuahoft.exe" [HKEY_CURRENT_USER\Software\Mxsemfyvejena] "Mopfazsaly"="REG_BINARY, ........ "taswexuahoftPuqjebeqya"="REG_BINARY, ........ Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/26/17 Scan Time: 11:04 AM Log File: mbamHippo.txt Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.141 Update Package Version: 1.0.2232 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 336276 Threats Detected: 7 Threats Quarantined: 7 Time Elapsed: 1 min, 48 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 1 Adware.Agent, C:\USERS\{username}\TASWEXUAHOFT.EXE, Quarantined, [251], [410723],1.0.2232 Module: 1 Adware.Agent, C:\USERS\{username}\TASWEXUAHOFT.EXE, Quarantined, [251], [410723],1.0.2232 Registry Key: 0 (No malicious items detected) Registry Value: 3 Adware.Agent, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|taswexuahoft, Delete-on-Reboot, [251], [410723],1.0.2232 Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|REGEDIT32, Delete-on-Reboot, [24], [211870],1.0.2232 Trojan.Agent, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|REGEDIT32, Delete-on-Reboot, [24], [209941],1.0.2232 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 2 Adware.Agent, C:\USERS\{username}\TASWEXUAHOFT.EXE, Delete-on-Reboot, [251], [410723],1.0.2232 Adware.Agent, C:\USERS\{username}\DESKTOP\1V58TMWG.EXE, Delete-on-Reboot, [251], [410723],1.0.2232 Physical Sector: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  8. Recently one of my windows server 2008 R2 had been infected with malwares. I have no idea on how it got infected but i installed MalwareBytes Malware removal tool and it found few malwares including one bitcoin miner and quarantined it. After rebooting it worked without any issue but it keeps on restarting in 1-1.5 hours with below error in Event Viewer A critical system process, C:\Windows\system32\lsass.exe, failed with status code 00000000. The machine must now be restarted. Also it finds malware in C:\1.exe with type of Trojan.Agent and quarantines it. I am using latest version. It seems that malware is not getting removed completely after scan and it gets activated again and crashes OS after some time. Any help here would be highly appreciated.
  9. Found 1 file with Trojan.BHO and four registry malware items. How can I tell if the threats are completely removed? Webroot did not pick these items up on it's scan.
  10. Hello, long time MBAM Free user who has mostly been happy with it until now. I'm running Windows 7 Home Premium. Yesterday I found my first Trojan while running a scan in my own LUA: a Trojan.Agent.ENM in the file 00011334.tmp. This is especially alarming since it was found in the actual Malwarebytes Anti-Malware folder in Program Files-- and even though the Scan History says it was quarantined, it is nowhere in my Quarantine list. I do not remember whether it was ever there. After a few hours searching the forums for this issue, I updated the program and databases to prepare for creating this post. (I successfully used the Administrator account after having had database/program update problems in my LUA for a few months-- I didn't know till now that running MBAM as an Administrator makes a difference.) This time the scan as Administrator only turned up the two PUPs that also came up in the previous scan that turned up the now-missing Trojan. Since the file isn't showing up in the Quarantine list to be restored and examined, I couldn't post about this issue in the False Positive board-- and by now I am too uneasy about the fact that a possible Trojan on my computer has mysteriously vanished. Logs are attached below: MBAM logs mbamscanlog-11-18-2015-1.txt Using version 2.1.8.1057. Trojan and 2 PUPs found. mbamscanlog-11-18-2015-2.txt Using version 2.2.0.1024. Which only found the PUPs. Farbar Recovery Scan Tool Addition.txt FRST.txt If you need additional information or there are formatting issues, please tell me. I'm just as concerned about what this could mean for your program as I am about my own computer. Thank you in advance for your time. FRST.txt Addition.txt mbamscanlog-11-18-2015-1.txt mbamscanlog-11-18-2015-2.txt
  11. This is odd, I've never had a report like this before. Fonts are being considered as Trojan.Agent. As far as I know TTF or OTF files simply can't contain any malware. No? Here's the screenshot: I've been using these fonts for a while now. I'm sure those are false positives but why?
  12. I recently built a new pc, and have not even had it running for a month, and already I have a trojan... I have Windows Defender and Malwarebytes installed. After booting computer, either Malwarebytes or Windows Defender will quarantine the Win32/Bladabindi.gen Trojan, which is found in C:\ProgramData\smss.exe. I have tried deleting it many times using both of these programs, and have run full scans that show it to be gone afterwards. However, usually when I next restart, a notification will pop up immediately saying that Malwarebytes or Windows Defender has found this very same trojan in the very same location again! As you can imagine, this is very annoying for me, and I want to completely get rid of this program. Perhaps I should mention that I am using HackTool:MSIL/Gendows for my Microsoft Office Activation, and HackTool:Win32/AutoKMS for my Windows 8.1 activation, and that I have allowed both of those items in Windows Defender, although they came up as medium level threats. The threat level of Win32/Bladabindi.gen is stated as SEVERE in Windows Defender, so I am very worried! Please respond with instructions on what action I should take. Thanks so much for the time and consideration. -Jes3monkey
  13. Hello, with each search the file \\ users \ % username% \ AppData \ Roaming \ msconfig.ini found and identified as Trojan.Agent and placed in Quarantäne. After a reboot the file is infected again. What can I do ? regards Tom OS Windows 8.1 Tool (Premium) 2.0.2.1012
  14. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7600.17197 BrowserJavaVersion: 10.51.2Run by ed at 12:06:28 on 2014-03-31Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.12286.9813 [GMT -7:00].AV: Trend Micro Security Agent *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}SP: Trend Micro Security Agent *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\nvvsvc.exeC:\Windows\SysWOW64\svchost.exe -k AkamaiC:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exeC:\Windows\system32\svchost.exe -k apphostC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\ARX\ARX CryptoKit\utils\ARcltsrv.exeC:\Program Files\ARX\ARX CryptoKit\utils\arcltsrv.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Program Files\CFdesign 2010\CFdServ.exeC:\Windows\system32\CISVC.EXEC:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\svchost.exe -k ipripsvcC:\Program Files\CFdesign 2010\smpd.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exeC:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\system32\svchost.exe -k regsvcC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\svchost.exe -k iissvcsC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Microsoft IntelliType Pro\itype.exeC:\Users\ed\AppData\Local\Akamai\netsession_win.exeC:\Program Files\Microsoft Office 15\root\office15\lync.exeC:\Program Files (x86)\Softros Systems\Softros Messenger\Messenger.exeC:\Users\ed\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Users\ed\AppData\Local\Akamai\netsession_win.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exeC:\Windows\system32\wbem\wmiprvse.exe\\.\globalroot\systemroot\svchost.exe -netsvcsC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\SysWOW64\MDM.EXEC:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXEC:\Program Files (x86)\Telephony Toolbar\bin\BW_Assistant_Enterprise_SP.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Microsoft Office 15\Root\Office15\UcMapi.exeC:\Windows\sysWOW64\wbem\wmiprvse.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\msiexec.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Windows\splwow64.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uProxyServer = 192.168.10.150:8080uProxyOverride = <local>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1282\6.8000.1119\TmIEPlg32.dllBHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dllBHO: Telephony Toolbar Services: {431A60E6-675F-4b9f-B3F0-66E0FECC8B34} - C:\Program Files (x86)\Telephony Toolbar\bin\BW_Assistant_Enterprise_IE_S.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Telephony Toolbar Call Control: {8F1FF1A7-C048-4d6b-B052-56E42CE427CB} - C:\Program Files (x86)\Telephony Toolbar\bin\BW_Assistant_Enterprise_IE_CC.dllBHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLLBHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Telephony Toolbar Call Control: {6F6690B9-C5DB-4F08-8833-F2EF4DEE956B} - C:\Program Files (x86)\Telephony Toolbar\bin\BW_Assistant_Enterprise_IE_CC.dllTB: Telephony Toolbar Services: {F10D927F-D3DF-4734-98AB-DD258253F5FD} - C:\Program Files (x86)\Telephony Toolbar\bin\BW_Assistant_Enterprise_IE_S.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dlluRun: [Akamai NetSession Interface] "C:\Users\ed\AppData\Local\Akamai\netsession_win.exe"uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"uRun: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkeymRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\Users\ed\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\ed\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\ed\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Program Files (x86)\Softros Systems\Softros Messenger\Messenger.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0mPolicies-System: disablecad = dword:1IE: &Dial - C:\Program Files (x86)\Telephony Toolbar\conf\dialIE.htmIE: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.htmlIE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dllIE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dllIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlTCP: NameServer = 192.168.10.175 192.168.0.250TCP: Interfaces\{3EC6E3A2-D227-40A0-BCEE-DC1D59F2B9EE} : DHCPNameServer = 192.168.10.175 192.168.0.250Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLLHandler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1282\6.8000.1119\TmIEPlg32.dllHandler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Security Agent\UIFramework\ProToolbarIMRatingActiveX.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1282\6.8000.1119\TmIEPlg.dllx64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-Trusted Zone: rwcorp_1x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1282\6.8000.1119\TmIEPlg.dllx64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]R2 CFdesign 2010 Server;CFdesign 2010 Server;C:\Program Files\CFdesign 2010\CFdServ.exe [2009-12-15 686960]R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-21 2169016]R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-13 27136]R2 mpich2_smpd;MPICH2 Process Manager, Argonne National Lab;C:\Program Files\CFdesign 2010\SMPD.EXE [2009-11-16 1830912]R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-5-14 4901888]R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-9-20 77184]R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2009-6-17 74256]R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2009-6-17 13328]S2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-9-20 272816]S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-3-28 1809720]S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-3-28 857912]S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-2-21 1030600]S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-28 25816]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-17 1255736].=============== File Associations ===============.FileExt: .scr: DWGTrueViewScriptFile=C:\Windows\System32\notepad.exe "%1"FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice].=============== Created Last 30 ================.2014-03-31 18:50:40 20480 ----a-w- C:\Windows\svchost.exe2014-03-29 00:05:59 -------- d-sh--w- C:\$RECYCLE.BIN2014-03-28 21:54:07 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys2014-03-28 21:53:50 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys2014-03-28 21:53:50 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys2014-03-28 21:53:50 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-03-28 21:53:50 -------- d-----w- C:\ProgramData\Malwarebytes2014-03-28 21:53:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware2014-03-28 21:48:03 -------- d-----w- C:\Users\ed\AppData\Local\Programs2014-03-02 23:23:56 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll2014-03-02 23:23:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll.==================== Find3M ====================.2014-03-12 15:33:07 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-03-12 15:33:07 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2014-03-03 00:48:02 829264 ----a-w- C:\Windows\System32\msvcr100.dll2014-03-03 00:48:02 608080 ----a-w- C:\Windows\System32\msvcp100.dll2014-01-29 22:45:12 103424 ----a-w- C:\Windows\SysWow64\CookDLL2005_nat.dll2014-01-29 22:45:06 102400 ----a-w- C:\Windows\SysWow64\Submittals_nat.dll2014-01-22 00:09:27 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2014-01-21 21:31:53 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll.============= FINISH: 12:06:46.84 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2Install Date: 2/21/2010 12:09:58 PMSystem Uptime: 3/31/2014 11:48:48 AM (1 hours ago).Motherboard: Dell Inc. | | 0XPDFKProcessor: Intel® Xeon® CPU W3520 @ 2.67GHz | CPU | 2666/4800mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 149 GiB total, 81.564 GiB free.D: is FIXED (NTFS) - 74 GiB total, 56.298 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Broadcom NetXtreme 57xx Gigabit ControllerDevice ID: PCI\VEN_14E4&DEV_1681&SUBSYS_02931028&REV_10\4&170BFACC&0&00E5Manufacturer: BroadcomName: Broadcom NetXtreme 57xx Gigabit ControllerPNP Device ID: PCI\VEN_14E4&DEV_1681&SUBSYS_02931028&REV_10\4&170BFACC&0&00E5Service: b57nd60a.==== System Restore Points ===================.RP263: 3/17/2014 - Scheduled CheckpointRP264: 3/24/2014 12:00:01 AM - Scheduled CheckpointRP265: 3/28/2014 1:59:29 PM - ComboFix created restore point.==== Installed Programs ======================.64 Bit HP BiDi Channel Components Installer7-Zip 4.65 (x64 edition)Adobe Flash Player 12 ActiveXAdobe Reader 9.3Akamai NetSession InterfaceAkamai NetSession Interface ServiceApple Application SupportApple Mobile Device SupportApple Software UpdateARX CoSign ClientARX CryptoKitARX Office SignaturesARX OmniSign PrinterARX Signature APIAutodesk Design Review 2012Autodesk Design Review Browser Add-on v1.2 Autodesk Revit MEP 2010 x64Autodesk Revit MEP 2010 x64 Update 2Bentley Redline XM Edition 08.09.04.88Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2012Bentley View V8i (SELECTseries 3) 08.11.09.303BonjourCamStudioCamStudio Lossless CodecCDDRV_InstallerCFdesign 2010CFdesign License ManagerCompatibility Pack for the 2007 Office systemCompute-A-Fan 9.2Dell Driver Download ManagerDHTML Editing ComponentDocuments To Go Desktop for iPhoneDropboxDWG TrueView 2010DWG TrueView 2012DWGSee ProerLTEspPlusEspPlus - PumpsEspPlus - TanksEvernote v. 4.6.6GeoDesigner for ClimateMaster Version 3.2.02Google ChromeGoogle EarthGoogle Toolbar for Internet ExplorerGoogle Update HelperGoToMeeting 4.8.0.723Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899)iTime & ExpenseiTunesJava 7 Update 51Java 7 Update 51 (64-bit)Java Auto UpdaterJava 6 Update 19join.meJuniper Networks Host CheckerJuniper Networks Setup ClientKhalInstallWrapperLogitech SetPointMalwarebytes Anti-Malware version 2.00.0.1000Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft IntelliType Pro 8.2Microsoft Office 365 ProPlus - en-usMicrosoft Office Office 64-bit Components 2010Microsoft Office Project MUI (English) 2010Microsoft Office Project Standard 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Project Standard 2010Microsoft SilverlightMicrosoft SQL Server 2008 Management ObjectsMicrosoft SQL Server Compact 3.5 SP1 Design Tools EnglishMicrosoft SQL Server Compact 3.5 SP1 EnglishMicrosoft Visual Basic 2008 Express Edition with SP1 - ENUMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENUMicrosoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140)Microsoft Visual Studio Tools for Applications 2.0 - ENUMicrosoft Visual Studio Tools for Applications 2.0 RuntimeMicrosoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enuMicrosoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKNotesForExchange Outlook AddIn version 0.7NVIDIA DriversNVIDIA nView Desktop ManagerNVIDIA Performance DriversOffice 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentOverDrive Media ConsolePDF-XChange 3Pdf995PdfEdit995PVSonyDllQuickTimeSignature995Softros LAN MessengerSQL Server System CLR TypesTaco 2002 HX SelectionTelephony Toolbar 17 SP4 (17.4.72.5) MB5Trend Micro Worry-Free Business Security AgentUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Visual Basic for Applications ® CoreVisual Basic for Applications ® Core - EnglishVisual C++ 2008 - x86 (KB958357) - v9.0.30729.177WebExWindows XP Mode.==== Event Viewer Messages From Past Week ========.3/31/2014 11:55:33 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.3/31/2014 11:48:14 AM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.3/30/2014 6:50:05 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact the administrator to install the driver before you log in again.3/30/2014 6:49:59 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver RICOH Class Driver Plus required for printer RICOH Aficio MP C4000 is unknown. Contact the administrator to install the driver before you log in again.3/30/2014 6:49:58 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.3/30/2014 6:49:58 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Canon MG5400 series Printer required for printer Canon MG5400 series Printer WS is unknown. Contact the administrator to install the driver before you log in again.3/30/2014 6:49:57 AM, Error: Microsoft-Windows-TerminalServices-Printers [1111] - Driver Canon MG5400 series Printer required for printer Canon MG5400 series Printer is unknown. Contact the administrator to install the driver before you log in again.3/28/2014 5:24:53 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.3/28/2014 5:11:29 PM, Error: Microsoft-Windows-TerminalServices-RemoteConnectionManager [1067] - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted. .3/28/2014 5:09:18 PM, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).3/28/2014 5:09:14 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain RWE due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.3/28/2014 5:04:16 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.3/28/2014 5:03:54 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.3/28/2014 4:58:34 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service..==== End Of File ===========================
  15. We were having some issues with an image that was newly created so we ran a scan out of curiosity and it showed a resultant Trojan.agent within the Windows/hosts file. As the build is a new build we are wondering if it is a false positive and therefore a remnant of an incomplete wipe of the disc due to reformatting using only the Windows disk from Dell. I have attached the log file as evidence if that helps. Thanks in advance, Mike bmrt-log-2013-12-09 (12-36-04).txt
  16. Some weeks ago, I started to clean my father's computer in the following topic, but I had to go back home and could not progress until now: https://forums.malwarebytes.org/index.php?showtopic=132373 During this time, it seemed like he used his computer a few times, so I ran all the steps again yesterday(with fresh downloads of all programs). MWB did not find any new infections. The new Roguekiller log is below. The latest step I completed was to run Combofix. The first time around, it hung on creating the logfile (possibly because I let it run overnight) but I ran it again this morning, resulting in the following logfile (next message). The computer has been working very well; fast and responsive. However I am concerned because it was used during my absence, before the cleaning was complete. Roguekiller logfile: RogueKiller V8.7.4 [Oct 16 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : HC [Admin rights] Mode : Scan -- Date : 10/20/2013 00:42:01 | ARK || FAK || MBR | ¤¤¤ Bad processes : 3 ¤¤¤ [sUSP PATH] MXOALDR.EXE -- C:\WINDOWS\MXOALDR.EXE [7] -> KILLED [TermProc] [sUSP PATH] iexplore.exe -- I:\Documents and Settings\HC2\Desktop\iexplore.exe [7] -> KILLED [TermProc] [sUSP PATH] iexplore.exe -- I:\Documents and Settings\HC2\Desktop\iexplore.exe [7] -> KILLED [TermThr] ¤¤¤ Registry Entries : 3 ¤¤¤ [RUN][sUSP PATH] HKLM\[...]\Run : MXOBG (C:\WINDOWS\MXOALDR.EXE [7]) -> FOUND [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (sysmatrix.net:3) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 1 ¤¤¤ [V1][sUSP PATH] Disk Defragmenter.job : C:\WINDOWS\DEFRAG.EXE - /SAGERUN:1 [-] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ [Address] SSDT[12] : NtAlertResumeThread @ 0x80630120 -> HOOKED (Unknown @ 0x89A833A0) [Address] SSDT[13] : NtAlertThread @ 0x80577310 -> HOOKED (Unknown @ 0x89A83438) [Address] SSDT[17] : NtAllocateVirtualMemory @ 0x80569302 -> HOOKED (Unknown @ 0x89AB8F80) [Address] SSDT[19] : NtAssignProcessToJobObject @ 0x805A1387 -> HOOKED (Unknown @ 0x89A908C0) [Address] SSDT[31] : NtConnectPort @ 0x8058CB11 -> HOOKED (Unknown @ 0x89C244A8) [Address] SSDT[43] : NtCreateMutant @ 0x805776E0 -> HOOKED (Unknown @ 0x89A8F898) [Address] SSDT[52] : NtCreateSymbolicLinkObject @ 0x8059E796 -> HOOKED (Unknown @ 0x89A90770) [Address] SSDT[53] : NtCreateThread @ 0x80578925 -> HOOKED (Unknown @ 0x89AECC20) [Address] SSDT[57] : NtDebugActiveProcess @ 0x8065C271 -> HOOKED (Unknown @ 0x89A90958) [Address] SSDT[68] : NtDuplicateObject @ 0x805749DA -> HOOKED (Unknown @ 0x89ADD8F8) [Address] SSDT[83] : NtFreeVirtualMemory @ 0x80569C2D -> HOOKED (Unknown @ 0x89AB8E30) [Address] SSDT[89] : NtImpersonateAnonymousToken @ 0x805DC22E -> HOOKED (Unknown @ 0x89A8F940) [Address] SSDT[91] : NtImpersonateThread @ 0x805817C1 -> HOOKED (Unknown @ 0x89A8F9B8) [Address] SSDT[97] : NtLoadDriver @ 0x805A29BD -> HOOKED (Unknown @ 0x89B11600) [Address] SSDT[108] : unknown @ 0x8057CB31 -> HOOKED (Unknown @ 0x89AC97F0) [Address] SSDT[114] : NtOpenEvent @ 0x80581B30 -> HOOKED (Unknown @ 0x89A8F800) [Address] SSDT[122] : NtOpenProcess @ 0x80574BC1 -> HOOKED (Unknown @ 0x89AB94A0) [Address] SSDT[123] : NtOpenProcessToken @ 0x80571121 -> HOOKED (Unknown @ 0x89ADD860) [Address] SSDT[125] : NtOpenSection @ 0x8056E583 -> HOOKED (Unknown @ 0x89A858C0) [Address] SSDT[128] : NtOpenThread @ 0x80590CFC -> HOOKED (Unknown @ 0x89ADD980) [Address] SSDT[137] : NtProtectVirtualMemory @ 0x80574F70 -> HOOKED (Unknown @ 0x89A90818) [Address] SSDT[206] : NtResumeThread @ 0x80578F98 -> HOOKED (Unknown @ 0x89A83E08) [Address] SSDT[213] : NtSetContextThread @ 0x8062E94F -> HOOKED (Unknown @ 0x89A83F90) [Address] SSDT[228] : NtSetInformationProcess @ 0x80570E2D -> HOOKED (Unknown @ 0x89AC96B0) [Address] SSDT[240] : NtSetSystemInformation @ 0x805A6AA9 -> HOOKED (Unknown @ 0x89A85808) [Address] SSDT[253] : NtSuspendProcess @ 0x80630065 -> HOOKED (Unknown @ 0x89A85958) [Address] SSDT[254] : NtSuspendThread @ 0x805E05D6 -> HOOKED (Unknown @ 0x89A83E60) [Address] SSDT[257] : NtTerminateProcess @ 0x80585851 -> HOOKED (Unknown @ 0x89AC4A60) [Address] SSDT[258] : unknown @ 0x80578037 -> HOOKED (Unknown @ 0x89A83EF8) [Address] SSDT[267] : NtUnmapViewOfSection @ 0x8057C6B6 -> HOOKED (Unknown @ 0x89AC9758) [Address] SSDT[277] : NtWriteVirtualMemory @ 0x805815AA -> HOOKED (Unknown @ 0x89AB8ED8) [Address] Shadow SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x89C759F0) [Address] Shadow SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x89C73B20) [Address] Shadow SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x89C689F8) [Address] Shadow SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x89C73008) [Address] Shadow SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x89D67490) [Address] Shadow SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x89CA7C18) [Address] Shadow SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x89CE5DA8) [Address] Shadow SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x89CD9068) [Address] Shadow SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x89CAC038) [Address] Shadow SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x89C5C3E8) ¤¤¤ External Hives: ¤¤¤ -> I:\Documents and Settings\HC\NTUSER.DAT | DRVINFO [Drv - I:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] -> I:\Documents and Settings\HC2\NTUSER.DAT | DRVINFO [Drv - I:] | SYSTEMINFO [sys - NO_SYS] [sys32 - NOT_FOUND] | USERINFO [startup - NOT_FOUND] ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - WDC WD2500JB-00REA0 +++++ --- User --- [MBR] 211e2f97f442344d1ee0a8a4744f8100 [bSP] 80b0def8c0bc8e3626a25b59d942ca51 : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 57474 Mo 1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 117708255 | Size: 180997 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE2 @ USB) (Standard disk drives) - SanDisk Cruzer Glide USB Device +++++ --- User --- [MBR] a124dc1f32b91ceacb765c7a5ad6ec2e [bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code Partition table: 0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 32 | Size: 15266 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[0]_S_10202013_004201.txt >>
  17. My elderly father has been complaining about his slow Windows computers for some time. He has an up to date, automatically renewed subscription to Norton Security, so when it had trouble updating, he googled "Norton" and found some guy whom he thought was working for Norton. Dad somehow gave him remote access to his computer, and the tech said he had a lot of Trojans and wanted hundreds of dollars to fix the problem. The upshot is that last week I drove in from out of state to check out the computers. I eventually discovered and ran Malwarebytes and indeed it seems that his desktop has a lot of issues, including Agent, Proxy, and Banker Trojans, as well as TopArcadeHits and several other PUPs. I had to leave before the scan was done, but I came back today and have now attached the MBAM and DDS logs that I found. I didn't disable Norton while running DDS-- not sure if I should have. I'm running MBAM quick scan on his laptop as I type this. Thank you so much for any help or advice you can give on cleaning his computers and making sure they stay clean!! Here's his desktop log: Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.24.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 HC :: HCPCBOX [administrator] Protection: Enabled 8/24/2013 7:42:41 PM mbam-log-2013-08-24 (19-42-41).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 393956 Time elapsed: 53 minute(s), 35 second(s) Memory Processes Detected: 1 C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\QuickShare.exe (PUP.Optional.SmartBar.A) -> 2860 -> Delete on reboot. Memory Modules Detected: 26 C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\MACTrackBarLib.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Controls.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Docking.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.MainClient.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Core.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.Common.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Personalization.Settings.UserSettingsManager.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.NetSeer.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpdater.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll (PUP.Optional.SmartBar.A) -> Delete on reboot. Registry Keys Detected: 20 HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully. HKCR\IESmartBar.BHO (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully. HKCR\CLSID\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4C712FAB-F0AB-4F89-AA2B-584CB75E77E5} (Adware.OnScreen.K) -> Quarantined and deleted successfully. HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully. HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (Adware.GameVance) -> Quarantined and deleted successfully. HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (Adware.GameVance) -> Quarantined and deleted successfully. Registry Values Detected: 1 HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Browser Infrastructure Helper (PUP.Optional.SmartBar.A) -> Data: C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\QuickShare.exe startup -> Quarantined and deleted successfully. Registry Data Items Detected: 2 HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Folders Detected: 41 C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\it (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\nl (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\pt (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\ru (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\tr (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\Configs (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\ServicesPlugins (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\DistributionFiles (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\DistributionFiles\Configs (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\DistributionFiles\Profiles (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\1.62.60.11333 (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} (PUP.Optional.TopArcadeHits.A) -> No action taken. C:\Documents and Settings\HC\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome (PUP.Optional.TopArcadeHits.A) -> No action taken. C:\Documents and Settings\HC\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content (PUP.Optional.TopArcadeHits.A) -> No action taken. C:\Documents and Settings\HC\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin (PUP.Optional.TopArcadeHits.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully. C:\Documents and Settings\June\HC\Programs\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\TopArcadeHits (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Temp\Smartbar (PUP.Optional.Linkury.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application (PUP.Optional.SmartBar.A) -> Delete on reboot. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\CSS (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\images (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\PublisherImages (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\ar (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\Configs (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\de (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\es (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\fr (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\he (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\chrome (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\chrome\images (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully. Files Detected: 881 C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\QuickShare128.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\QuickShare16.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\ISmartbarFireFoxRemotePlugin.xpt (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_16.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_17.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_18.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_19.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_20.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_21.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\Configs\UserInfo.xml (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00c.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00cPress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0A2DE7DB-ADE9-44FC-BC66-CF5604F9BF7A.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0A2DE7DB-ADE9-44FC-BC66-CF5604F9BF7Ahover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0A2DE7DB-ADE9-44FC-BC66-CF5604F9BF7Apress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABE.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\101FF2F5-9F51-405F-ACBB-D4A5F3601679.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\101FF2F5-9F51-405F-ACBB-D4A5F3601679hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\101FF2F5-9F51-405F-ACBB-D4A5F3601679press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827Ehover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1A19CD12-F9A2-44A6-8F44-F3A95E0081A0.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1A19CD12-F9A2-44A6-8F44-F3A95E0081A0hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1A19CD12-F9A2-44A6-8F44-F3A95E0081A0press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\1FFDDB6E-8EB3-4CE0-9C2B-44910A3C5975press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\225323D0-97BB-46E4-85E1-15EA27174BF4.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\225323D0-97BB-46E4-85E1-15EA27174BF4hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\225323D0-97BB-46E4-85E1-15EA27174BF4press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\23E3FEB8-E6FF-4475-811A-805773D02D08.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\23E3FEB8-E6FF-4475-811A-805773D02D08hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\23E3FEB8-E6FF-4475-811A-805773D02D08press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\26E2804B-65B5-47E1-A457-DAA75A2B1370.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\26E2804B-65B5-47E1-A457-DAA75A2B1370hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\26E2804B-65B5-47E1-A457-DAA75A2B1370press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\2C37338C-837B-4846-B50B-E32D70C6A0F5.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\2C37338C-837B-4846-B50B-E32D70C6A0F5hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\2C37338C-837B-4846-B50B-E32D70C6A0F5press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\30657846-199A-4D0D-984D-BE588084F1F6.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\30657846-199A-4D0D-984D-BE588084F1F6hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\30657846-199A-4D0D-984D-BE588084F1F6press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133C.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133CHover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133CPress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\328F7722-52E8-46A6-9197-B2F27C5142C7.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\328F7722-52E8-46A6-9197-B2F27C5142C7hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\328F7722-52E8-46A6-9197-B2F27C5142C7press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\39028511-3F15-4442-9188-DDC86BE1BBD0.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\39028511-3F15-4442-9188-DDC86BE1BBD0hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\39028511-3F15-4442-9188-DDC86BE1BBD0press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\3C610B86-19DE-4757-B46A-871C9C27FF0A.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\3C610B86-19DE-4757-B46A-871C9C27FF0AHover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\3C610B86-19DE-4757-B46A-871C9C27FF0APress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\412D5531-A3E1-40BB-B0C3-71E3C45A4E13.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\412D5531-A3E1-40BB-B0C3-71E3C45A4E13hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\412D5531-A3E1-40BB-B0C3-71E3C45A4E13press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\56B19DA1-B4C5-4FCF-87D0-44E8B2C1002A.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\56B19DA1-B4C5-4FCF-87D0-44E8B2C1002Ahover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\56B19DA1-B4C5-4FCF-87D0-44E8B2C1002Apress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\7CF3BACC-BF1C-4860-BB4E-F1A8440250FE.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\7CF3BACC-BF1C-4860-BB4E-F1A8440250FEhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\7CF3BACC-BF1C-4860-BB4E-F1A8440250FEpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307f.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\85CF6427-8441-427A-859A-7A3C72288481.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\85CF6427-8441-427A-859A-7A3C72288481hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\85CF6427-8441-427A-859A-7A3C72288481press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2C.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Chover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748C.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748CHover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748CPress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6eba.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\925D8F0E-E5EA-45F9-A657-0C14B68C4A61.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\925D8F0E-E5EA-45F9-A657-0C14B68C4A61hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\925D8F0E-E5EA-45F9-A657-0C14B68C4A61press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\99938D89-FF78-49C8-B92B-5AB4C8DFA2D1.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\99938D89-FF78-49C8-B92B-5AB4C8DFA2D1hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\99938D89-FF78-49C8-B92B-5AB4C8DFA2D1press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8C.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8Chover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A1D51ECC-DBD7-4C7E-9A75-364B8E2F1D8Cpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A89DA5A2-D390-47F4-84EF-6044EC8AC368.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A89DA5A2-D390-47F4-84EF-6044EC8AC368hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\A89DA5A2-D390-47F4-84EF-6044EC8AC368press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8f.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55F.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55Fhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B1FE90EC-CEDA-4467-86CE-6CD7F1D3D55Fpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B81443D4-15F7-4B97-9DC8-3645A012C817.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B81443D4-15F7-4B97-9DC8-3645A012C817hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\B81443D4-15F7-4B97-9DC8-3645A012C817press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C0AC006A-9C65-42F9-AE11-D675DCCC6840.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C0AC006A-9C65-42F9-AE11-D675DCCC6840hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C0AC006A-9C65-42F9-AE11-D675DCCC6840press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C438F0F0-525A-4942-8307-6B71E596367D.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C438F0F0-525A-4942-8307-6B71E596367Dhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C438F0F0-525A-4942-8307-6B71E596367Dpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C48E3725-71FB-4824-969A-C6D428C18A2B.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C48E3725-71FB-4824-969A-C6D428C18A2Bhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\C48E3725-71FB-4824-969A-C6D428C18A2Bpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CCEE5A80-8C88-4BB1-89BF-4A7EFF93E452press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CCF42F56-0405-4697-A513-AA01DEE5DF02.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CCF42F56-0405-4697-A513-AA01DEE5DF02hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CCF42F56-0405-4697-A513-AA01DEE5DF02press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CFEFCFCB-4871-46CD-86F7-14C1F17A7FF6.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CFEFCFCB-4871-46CD-86F7-14C1F17A7FF6hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\CFEFCFCB-4871-46CD-86F7-14C1F17A7FF6press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D13971C4-4DA8-4C4B-87F6-17E97BFE7448.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D13971C4-4DA8-4C4B-87F6-17E97BFE7448hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D13971C4-4DA8-4C4B-87F6-17E97BFE7448press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8Hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8Press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876F.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\DCF8B81C-11B5-4B12-A6E5-F74F09BBDD4C.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\DCF8B81C-11B5-4B12-A6E5-F74F09BBDD4Chover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\DCF8B81C-11B5-4B12-A6E5-F74F09BBDD4Cpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cd.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212E.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E6EE3C0D-1AF6-4A1E-AD63-1AFD7CB84583press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580de.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29B.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F5297DBC-3B3B-4744-A54D-308EAD98D223.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F5297DBC-3B3B-4744-A54D-308EAD98D223hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F5297DBC-3B3B-4744-A54D-308EAD98D223press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F9218572-58F0-4FB9-B0C5-4EA74848D6EC.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F9218572-58F0-4FB9-B0C5-4EA74848D6EChover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F9218572-58F0-4FB9-B0C5-4EA74848D6ECpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F9B1CE4C-4CE6-4093-948F-F8FD6A8F48A3.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F9B1CE4C-4CE6-4093-948F-F8FD6A8F48A3hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\F9B1CE4C-4CE6-4093-948F-F8FD6A8F48A3press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\FA3DE5E1-19AC-42FA-8E77-C25C60E60EC7press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7b.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\FF927FFB-35DC-43A3-A502-690B99FCC056.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\FF927FFB-35DC-43A3-A502-690B99FCC056hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\icons\FF927FFB-35DC-43A3-A502-690B99FCC056press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.ico (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00cpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0A2DE7DB-ADE9-44FC-BC66-CF5604F9BF7A.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0A2DE7DB-ADE9-44FC-BC66-CF5604F9BF7Ahover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0A2DE7DB-ADE9-44FC-BC66-CF5604F9BF7Apress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0AE6BC52-0A54-4F53-9848-1FC2D4CE3D3D.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0AE6BC52-0A54-4F53-9848-1FC2D4CE3D3DHover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0AE6BC52-0A54-4F53-9848-1FC2D4CE3D3DPress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABE.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\101FF2F5-9F51-405F-ACBB-D4A5F3601679.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\101FF2F5-9F51-405F-ACBB-D4A5F3601679hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\101FF2F5-9F51-405F-ACBB-D4A5F3601679press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827hover.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png (PUP.Optional.SmartBar.A) -> No action taken. C:\Documents and Settings\HC\Local Settings\Application Data\Smartbar\Common\iconsWide\1A19CD12-F9A2-44A6-8F44-F3A95E0081A0.png (PUP.Optional.SmartBar.A) -> No action taken.
  18. Pretty sure this is a false positive since I scanned this, removed it, restarted and didn't see the problem again. So I decided to verify game cache on the game Blocks that Matter under Steam and scanned again. Sure enough it showed up as the same Trojan.Agent found in the file natives-win32.jar again. I'm not 100% sure that's why I'm posting here in hopes that maybe this will help shed light on either a false positive or something in my system. Highly doubt steam is downloading the same virus into my system though. Anyways here's my log: MBAM-log-2013-10-30 (09-45-36).txt Thank you for your time and for a great program.
  19. Hi, Latest Data Version Trojan.Agent detected C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.28.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Camelia :: UTIMA [administrator] Protection: Enabled 8/28/2013 10:45:52 AM MBAM-log-2013-08-28 (10-58-42).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 221103 Time elapsed: 12 minute(s), 30 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe (Trojan.Agent) -> No action taken. [b004e4a5d894b5810489cb8a0001d62a] (end)
  20. My online Armor says that i my removable disk has a trojan.agent virus or shortcut virus. I use malwarebytes to remove it but it failed to locate it saying "no infection". Any help?
  21. Hello Malwarebytes, I updated Anti-Malware to the latest database version (913042702) and ran a full scan today. Here's what I got after running the same scan in developer mode: Files Infected: C:\Windows\System32\COMMAND.COM (Trojan.Agent) -> No action taken. [27517B842938D5006908C61D87F3AB7C] This never happened before. I'll be pleased if you guys could check this one whether it's a false positive or not. I've zipped everything and attached it in this post. The zip file includes the following files: COMMAND.COM -> the file reported as "infected" COMMAND.md5 -> MD5 checksum of the file for verification mbam-log-2013-04-27 (13-41-29).txt -> the detailed log of my scan in developer mode Regards, viruskiller mbam-false-positive-2013-04-27.zip
  22. Thank you for your help in the past. I think I've found yet another one. A scan of the computer turns up this result. " ...\FAT-Engine SDK + demos v1.22 BETA - fat.zip (Trojan.Agent.NR) -> No action taken. [19028d807fed5ed82d4ff02cae53738d] ...\FAT-Engine SDK + demos v1.22 BETA - fat.zip (Trojan.Agent.NR) -> No action taken. [04177a93224a330384f82af2649dad53] " FAT-Engine, is a generic Raycasting Engine for the TI-89, TI-89T, TI-92+ and TI-V200 (collectively known as TI-68k) calculators. < http://tict.ticalc.o...ref_other_games > I suspect this one is another false positive since scans of the file in question with AVG and Spybot Search & Destroy both come up clean. Note: Both files listed in the log provided by this post are just copies of the same file. Thank you. -Files and log attached. MBAM-log-2013-05-10 (01-09-50).txt FAT-Engine SDK + demos v1.22 BETA - fat.zip Please help. Thanks.
  23. Hi, I am in desperate need of some help!! Yesterday, I noticed something very wrong. In my research, I came across MBAM. I ran the scan and found 4 issues. MBAM resolved 2, but this Trojan.Agent will not go away. There are 2 (1 file and 1 memory), both svchost.exe. Apparently, Norton was not enough to block it. Before I found MBAM, I tried a system restore which got rid of my Norton and brought back AVG. Either way, the Trojan won't let me open. I did a little research on this Trojan.Agent and am a little freaked at what I read. Can it really be as bad as it says? I am willing to wipe everything and start fresh if absolutely necessary, though I'd like to avoid going that route if someone here can help me get rid of it for good. I have no idea how I got it, as I am VERY careful of the pages I open. I tried to download DDS per the instructions and link on the initial pinned thread. I selected "save to desktop". The message I got was "The publisher of dds.com couldn't be verified" with an option to run at the bottom of my screen. On my desktop, there is a file that says just "dds". In the pinned post, it says to double click dds.scr or dds.com so I didn't want to proceed with the dds on the desktop until I was told to proceed. I could really use some help with this! Ive read through prior threads and believe that I can do this with help, but please bear with me because I am not the most technical savvy person. Thank you in advance, and PLEASE help me get rid of this pest! K-
  24. Hi, I'm new to this forum so I am sorry if this is posted in the wrong category. I was recently infected with the Trojan.Agent that runs out of the svchost.exe (winrscmde). It uses up a large amount of the CPU along with hijacking passwords, etc. My Norton Security wasn't able to detect it so I downloaded malwarebytes to resolve the issue. I ran malwarebytes and it found the Trojan.Agent with little problem. It was quarantined and I restarted my computer. I then deleted the threats listed in the quarantine box. The Trojan.Agent still keeps reappearing in the quarantine box with more Trojan.Agents being created every minute.They are no longer affecting my CPU since it only ranges 3%-10% compared to 50% before it was quarantined. The symptoms are no longer present, but the virus keeps trying to recreate itself to no avail though. I have tried restarting my computer but the virus persists. All of the recreations are quarantined, but they have not stopped being created. I am wondering if my computer is safe right now and if there is anything I can do to prevent these recreations. Thank You
  25. [dss.txt] DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_31 Run by Anne at 17:06:30 on 2013-02-09 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8174.6310 [GMT -7:00] . AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\VMware\VMware Player\hqtray.exe C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe C:\Windows\SysWOW64\vmnat.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SysWOW64\vmnetdhcp.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxps://login-learn.k12.com/accessui/login.do?__actionName=view uWindow Title = Internet Explorer, optimized for Bing and MSN mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\CoIEPlg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\IPS\IPSBHO.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\CoIEPlg.dll uRun: [updateMgr] C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcStd7_1_0 -reboot 1 uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe" mRun: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe" mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" StartupFolder: C:\Users\Anne\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://eval.phase2.com/dwa85W.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} - hxxp://trminotes.trmnet.com/dwa85W.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NEP1-267/event/ieatgpc1.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{1D091ACF-1959-4203-8862-B2EC8222D547} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{A94BD54E-2FB8-414B-BA4D-FA12020CF019} : DHCPNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\mujkq0c0.default\ FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredibar.com/mb185?a=6PQR3nlFRC&i=26 FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb185/?loc=IB_DS&a=6PQR3nlFRC&&i=26&search= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll . ---- FIREFOX POLICIES ---- FF - user.js: general.useragent.extra.brc - FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQR3nlFRC&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - aa04cd6e000000000000c0f8da08ba88 FF - user.js: extensions.incredibar_i.instlDay - 15672 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:15:48 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6PQR3nlFRC FF - user.js: extensions.incredibar_i.upn2n - 92544002127839816 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10678 FF - user.js: extensions.incredibar_i.ppd - 111 . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-4-24 55856] R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2011-4-24 27120] R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2011-4-24 19952] R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402000.013\SymDS64.sys [2013-1-16 493216] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402000.013\SymEFA64.sys [2013-1-16 1133216] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130116.013\BHDrvx64.sys [2013-1-15 1388120] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1402000.013\ccSetx64.sys [2013-1-16 168096] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130208.001\IDSviA64.sys [2013-2-8 513184] R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2011-4-24 27632] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402000.013\Ironx64.sys [2013-1-16 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys [2013-1-16 432800] R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-18 203776] R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-7-14 32240] R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-5 296808] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-18 13336] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-9 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-9 682344] R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-4-1 67400] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe [2013-1-16 143928] R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2013-2-8 794272] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896] R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-5-20 539184] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-4-18 116752] R3 HP1319EWS;HP1319EWS;C:\Windows\System32\drivers\HP1319EWS.sys [2011-5-9 14848] R3 HP1319FAX;HP1319MFP FAX;C:\Windows\System32\drivers\HP1319FAX.sys [2011-5-9 16384] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-18 317440] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-4-18 406056] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-9 24176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Lotus Notes Diagnostics;Lotus Notes Diagnostics;"C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe" -svcinvoke -ini "C:\Program Files (x86)\IBM\Lotus\Notes\notes.ini" --> C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe [?] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-4-18 158976] S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-28 29720] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-24 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-02-09 23:35:08 -------- d-----w- C:\Users\Anne\AppData\Roaming\Malwarebytes 2013-02-09 23:35:03 -------- d-----w- C:\ProgramData\Malwarebytes 2013-02-09 23:35:02 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-02-09 23:35:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-02-09 23:34:44 -------- d-----w- C:\Users\Anne\AppData\Local\Programs 2013-02-08 23:36:03 880640 ----a-w- C:\Windows\SysWow64\UniBox10.ocx 2013-02-08 23:36:03 513696 ----a-w- C:\Windows\SysWow64\msxml.dll 2013-02-08 23:36:03 41632 ----a-w- C:\Windows\System32\CleanMFT64.exe 2013-02-08 23:36:03 212992 ----a-w- C:\Windows\SysWow64\UniBoxVB12.ocx 2013-02-08 23:36:03 1101824 ----a-w- C:\Windows\SysWow64\UniBox210.ocx 2013-02-08 23:36:02 -------- d-----w- C:\Program Files (x86)\PC Tools Registry Mechanic 2013-02-08 23:36:02 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools 2013-02-07 19:35:17 -------- d-----w- C:\Users\Anne\AppData\Roaming\Individual Software 2013-02-07 19:31:16 92208 ----a-w- C:\Windows\system\wing.dll 2013-02-07 19:31:16 6736 ----a-w- C:\Windows\system\wingdib.drv 2013-02-07 19:31:16 26112 ----a-w- C:\Windows\system\Wavmix16.dll 2013-02-07 19:31:16 26112 ----a-w- C:\Windows\system\Wavemix.dll 2013-02-07 19:31:16 188960 ----a-w- C:\Windows\system\wingde.dll 2013-02-07 19:31:07 -------- d-----w- C:\ProgramData\Individual Software 2013-02-07 19:30:42 1645320 ----a-w- C:\Windows\SysWow64\gdiplus.dll 2013-02-07 19:30:42 1388544 ----a-w- C:\Windows\SysWow64\temp.000 2013-02-07 19:30:42 132880 ----a-w- C:\Windows\SysWow64\MSINET.OCX 2013-02-07 19:30:42 -------- d-----w- C:\Program Files (x86)\Typing Instructor Deluxe 2013-02-07 19:30:42 -------- d-----w- C:\Program Files (x86)\Common Files\Individual Software 2013-02-04 22:47:09 -------- d-----w- C:\Users\Anne\AppData\Roaming\com.focuseducation.JungleRangers 2013-02-04 22:47:07 -------- d-----w- C:\Program Files (x86)\Jungle Rangers 2013-01-29 13:59:41 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll 2013-01-29 13:57:28 106240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2013-01-22 14:04:12 -------- d-----r- C:\Users\Anne\Dropbox 2013-01-22 14:01:42 -------- d-----w- C:\Users\Anne\AppData\Roaming\Dropbox 2013-01-20 16:48:57 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-01-20 16:48:57 -------- d-----w- C:\Program Files\iTunes 2013-01-20 16:48:57 -------- d-----w- C:\Program Files\iPod 2013-01-20 16:48:57 -------- d-----w- C:\Program Files (x86)\iTunes 2013-01-20 16:23:57 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-20 16:22:37 68608 ----a-w- C:\Windows\System32\taskhost.exe 2013-01-20 16:22:37 3149824 ----a-w- C:\Windows\System32\win32k.sys 2013-01-16 18:05:06 776864 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\srtsp64.sys 2013-01-16 18:05:06 493216 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\SymDS64.sys 2013-01-16 18:05:06 432800 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys 2013-01-16 18:05:06 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\srtspx64.sys 2013-01-16 18:05:06 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\SymELAM.sys 2013-01-16 18:05:06 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\Ironx64.sys 2013-01-16 18:05:06 168096 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\ccSetx64.sys 2013-01-16 18:05:06 1133216 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\SymEFA64.sys 2013-01-16 18:05:00 -------- d-----w- C:\Windows\System32\drivers\N360x64\1402000.013 2013-01-16 16:57:48 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2013-01-16 16:57:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2013-01-16 16:57:47 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2013-01-16 16:57:47 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-01-16 16:57:47 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll 2013-01-16 16:57:47 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-01-16 16:57:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll 2013-01-16 16:57:47 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll 2013-01-16 16:57:47 243200 ----a-w- C:\Windows\System32\wow64.dll . ==================== Find3M ==================== . 2013-02-07 22:48:10 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-07 22:48:10 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-01-16 18:05:40 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 17:07:18.02 =============== attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 4/23/2011 1:18:55 PM System Uptime: 2/9/2013 4:48:22 PM (1 hours ago) . Motherboard: Dell Inc. | | 0Y2MRG Processor: Intel® Core i5-2400 CPU @ 3.10GHz | CPU 1 | 1581/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 919 GiB total, 624.202 GiB free. D: is CDROM () G: is Removable H: is Removable I: is Removable J: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP187: 1/29/2013 10:44:07 AM - Scheduled Checkpoint RP188: 2/7/2013 11:30:47 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe Acrobat 9 Pro - English, Français, Deutsch Adobe Acrobat 9.5.3 - CPSID_83708 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Help Viewer 2 Adobe Reader X (10.1.5) Adobe Shockwave Player 11.6 Apple Application Support Apple Mobile Device Support Apple Software Update ATI Catalyst Control Center Audacity 1.3.14 (Unicode) Audible Download Manager Bonjour Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cisco WebEx Meetings Comic Life Consumer In-Home Service Agreement D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Dell Edoc Viewer Dell PhotoStage DirectX 9 Runtime Dragon NaturallySpeaking 11 Dropbox DW WLAN Card Focus Education's Jungle Rangers - v2.46 Google Chrome Google Toolbar for Internet Explorer Google Update Helper GoToMeeting 5.1.0.880 HP Officejet Pro 8500 A910 Basic Device Software HP Officejet Pro 8500 A910 Help HP Officejet Pro 8500 A910 Product Improvement Study HP Update I.R.I.S. OCR iCloud IIS 7.5 Express Intel® Rapid Storage Technology InterActual Player Internet TV for Windows Media Center iTunes Java Auto Updater Java 6 Update 23 (64-bit) Java 6 Update 31 Junk Mail filter update Kelly Club Pet Parade CD-ROM LAME v3.98.3 for Audacity Lotus Notes 8.5.1 Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft ASP.NET Web Pages Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Excel MUI (English) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Standard 2010 Microsoft Office Visio 2007 Service Pack 3 (SP3) Microsoft Office Visio MUI (English) 2007 Microsoft Office Visio Professional 2007 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Native Client Microsoft SQL Server Compact 4.0 Web Tools ENU Microsoft SQL Server Compact 4.0 x64 ENU Microsoft SQL Server System CLR Types Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Web Deploy 2.0 Microsoft Web Platform Installer 3.0 Microsoft WebMatrix MobileMe Control Panel Mozilla Firefox 6.0 (x86 en-US) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Multimedia Card Reader MySQL Connector Net 6.3.7 MySQL Server 5.1 Norton 360 OverDrive Media Console PC Tools Registry Mechanic 11.1 Plants vs. Zombies QuickTime RBVirtualFolder64Inst Realtek High Definition Audio Driver Roxio BackOnTrack Roxio Burn Roxio CinePlayer Roxio CinePlayer Decoder Pack Roxio Creator 2011 Roxio Dell install Util Roxio PhotoShow Roxio Video Capture USB Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition Skins Skype Click to Call Skype™ 5.10 SmartSound Common Data SmartSound Quicktracks 5 swMSM THX TruStudio PC Typing Instructor Deluxe Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Visio 2007 Help (KB963666) Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition VD64Inst Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) VMware Player Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Center Add-in for Flash WinRAR 4.20 (32-bit) Yugma . ==== Event Viewer Messages From Past Week ======== . 2/9/2013 5:07:12 PM, Error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s). 2/9/2013 4:49:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect. 2/9/2013 4:34:26 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 2/9/2013 4:34:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 2/9/2013 4:34:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 2/9/2013 4:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/9/2013 4:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 2/9/2013 4:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 2/9/2013 4:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 2/9/2013 4:28:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 2/9/2013 4:28:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 2/9/2013 4:27:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss SaibVdAd64 spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf ws2ifsl 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 2/9/2013 4:27:58 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/9/2013 10:44:12 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer TTCMOBILE1 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A94BD54E-2FB8-414B-BA4D-FA12020CF019}. The master browser is stopping or an election is being forced. 2/6/2013 8:47:40 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file. 2/6/2013 8:47:40 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000001000000dd, 0x0000000000000002, 0x0000000000000001, 0xfffff800034fd0c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: . . ==== End Of File =========================== THANK YOU SOOOOO MUCH FOR THE HELP!!! attach.txt dds.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.