Found 7 results

  1. My plan is to clean out all of my USB flash sticks and empty them by moving all files to a safe place and then formatting all of them. I am also thinking of making a multi-boot Windows setup on one of the USB drives, but how do I make a multi-boot Windows USB drive? Is there any free tool or utility for it? I would also like to know exactly how many GB are needed for one Windows 7 32-bit, one Windows 7 64-bit, one Windows XP 32-bit and one Windows 10 64-bit! I also want to make a backup of the system on a 4 GB flash drive for recovery if it is needed! I've checked a website for an official tool, but it looks like it's down. Any tutorials or recommendations are highly welcome!
  2. Hi. The computer, winxp sp3, has been slow and getting slower for maybe 3-4 years. Antivirus programs have found nothing major except for several instances of Trojan horse Agent5.AETS by AVG free about a year ago. Then, AVG would not work and it was removed. Currently I am using free Avast as the main antivirus and MBAM for on demand scans. Panda Cloud Cleaner, Avira PC Cleaner (a cloud cleaner), and MSERT are used at least monthly. Thank you for your help, Tom
  3. Hi, False positive using WinXP_Pro-SP3 and Winword 2000. Software details: OS: WinXP_Pro-SP3 WinWord 2000 v9.09050-SP3 WinXP DEP enabled. Problem exists with or without WinWord excluded. MBAE "word.exe" locked or unlocked Windows throws DEP alert and shuts down MS Word with alert dialog box. Problem occurs starting MS Word directly (not opening existing document) OR attempting to open Word document without Word already running. Excluding MS Word in DEP makes no difference. Unlocking MS Word (word.exe) in MBAE Shields makes no difference. Stopping MBAE Protection all is OK. For now I will ensure I disable my Internet connection and MBAE while creating Word documents. Tried to attach zipped folder but get Error Message "Upload Skipped (Error IO)". File size 195KB (<30MB limit). Browser is Firefox Ver 38.0.5. Is there a filename length limit? OK, used basic uploader. Folder zip file attached OK now. MBAE_FP_WinXP_Word.zip Hope you can help. Regards...Aussie_Bob
  4. 95% of ATM machines still use Windows XP, and will be exposed to vulnerabilities after April 8th, 2014 Jett Goldsmith The world's ATM machines will soon face a major issue on April 8th: The end of support for their operating system. According to BusinessWeek, 95 percent of active ATMs in the world, or nearly all of the 420,000 currently operating in the United States, run on Windows XP - a system which Microsoft is officially ending support for in under 90 days. Despite being one of the most frequently used consumer technologies in the world, many ATMs run on outdated operating systems, and with the April 8th deadline looming, their owners must make the upgrade. But this may be easier said than done for many of the machines, which run on outdated hardware that may struggle to keep up with a newer OS, like Windows 7. According to Suzanne Cluckey, the editor of ATM Marketplace, The machines that aren't promptly upgraded could face significant security vulnerabilities as more and more weak points in the OS are uncovered. And while Microsoft promised to continue support for Microsoft Security Essentials until 2015, the operating system as a whole will still lack regular security patches - something which could end badly for the machines which thousands deposit cash into every day. Small shops which lack the resources available to larger businesses would be hit the hardest, as they're the slowest to change. And while consumers are protected under industry protections, those operating the machines will be hit the hardest by any malicious attacks. 
Hopefully ATM operators will heed these warnings and upgrade as soon as possible: The malware infection rate for Windows XP is already almost six times higher than Windows 8 systems, and despite pleas from the Chinese government for Microsoft to continue support, and a warning to the Indian banking industry that details 'major risks' if they don't switch operating systems, those less than tech-savvy operators may still see their ATMs face a significant threat. Source: BusinessWeek | Image via Shutterstock - ATM Machine /Steve
  5. Microsoft: You will still need to activate Windows XP after April 8th with a fresh install John Callaham When Windows 7 was released in 2009, some of its SKUs included a feature called "XP mode". In the simplest terms, the Professional, Enterprise and Ultimate versions of Windows 7 could allow older Windows XP programs to run in a simulated environment; the idea was to help small businesses make the transition from XP to 7 easier. With Windows XP now set to lose all security and software update support from Microsoft on April 8th, some Windows 7 users might be wondering about the future of "XP mode" as well. ZDNet reports that, according to a statement from Microsoft, the company has no plans to release a patch for Windows 7 that does away with "XP mode". Having said that, Microsoft states that people who continue to use that feature to run older programs in Windows 7 could still face security risks because Windows XP won't get any more updates in less than three months. In other words, it's best to simply stop using "XP mode" after April 8th. ZDNet also reports that if, for some reason, you want to install Windows XP on your PC after April 8th, Microsoft will still require that the OS be activated before it can run on your computer. A spokesperson said, Source: ZDNet | Image via Microsoft /Steve
  6. Have used in torrenting in the past but it hasn't seemed to affect me, but recently I got a torrent search for Chrome and have had trouble ever since. I have now deleted a number of programs picked up by Malwarebytes as well as any involvement in torrenting but am still seeing IPs being blocked.
  7. I had posted my Protection issue with v.1.65 upgrade on the General Forums, and was advised to start a topic on this forum instead, to get help addressing a possible infection. At this time I personally do not believe I am infected, only because my machine is not showing any of the classic signs of malware, such as slow performance or hijacked browser navigation. But since I can't seem to enable Filesystem Protection or Malicious Website Blocking in MB Pro 1.65, even after going through the normal reboots, etc, as others have been advised elsewhere, I will submit to an infection diagnostic. My original post is here. Please look there for the details of what problems I've noted, as well as the solutions I've tried on my own. It includes the text from my DDS test, which has been repasted to this forum. I have also reattached here my Attach.txt, mbam-check results, and Protection Log files for your reference. Thank you rwtrekker
