Jump to content

I'm infected what do I do.

MalDJbyte

By MalDJbyte
in Resolved Malware Removal Logs

 Share

Recommended Posts

MalDJbyte

MalDJbyte

Posted
Posted

I think my laptop is infected.

 

I opened chrome to use and saw this search/nu which I know is no good, so I tried to delete it, but its still here. So I installed other software to help check my laptop, and now its all slow.

 

I use ESET as my anitvirus/firewall, and use malwarebytes free and Adaware, as I read the tow compliment each other. Lavasoft gave me the registry cleaner for free.

 

Please help

 

#noviceuser

 

Here's my DDS log

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16736  BrowserJavaVersion: 10.45.2
Run by DJBeats at 21:24:58 on 2013-11-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3835.838 [GMT 0:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Ad-Aware Antivirus *Enabled/Updated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
SP: Ad-Aware Antivirus *Enabled/Updated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Users\DJBeats\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\ProgramData\Search Protection\SearchProtection.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareDesktop.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
uURLSearchHooks: {ba14329e-9550-4989-b3f2-9732e92d17cc} - <orphaned>
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIIKE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-302 303 305 306 Series" /EF "HKCU"
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [uSBProtection] C:\Program Files (x86)\USB Security Protection\USBProtection.exe
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe
StartupFolder: C:\Users\DJBeats\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\DJBeats\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{3691C1A6-E74A-4770-930B-9D5881BC7388} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\2445740274575637470205 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\2445740274575637470205 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\244575966496D277964786D264F4E4 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\244575966496D277964786D264F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\244584572633D2151575D4 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\35B4952373830344 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\35B4952373830344 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\74275616470265963647F6279616 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\74275616470265963647F6279616 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\7455543545 : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{58E8AB4C-4CA9-47D8-9FAD-1BDAA43FDAEB}\7455543545 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{5B3E9B0C-B800-42C1-9CE0-A3B1EF9DE679} : DHCPNameServer = 172.31.139.17 172.30.139.17
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - <orphaned>
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - <orphaned>
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - <orphaned>
x64-BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - <orphaned>
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe"
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - <orphaned>
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - <orphaned>
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DJBeats\AppData\Roaming\Mozilla\Firefox\Profiles\36cr59a4.default\
FF - prefs.js: browser.search.selectedEngine - SecureSearch
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\DJBeats\AppData\Roaming\Mozilla\Firefox\Profiles\36cr59a4.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\DJBeats\AppData\Roaming\Mozilla\Firefox\Profiles\36cr59a4.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113959&tt=3112_1
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.id - f68e2f4b000000000000402cf4336f30
FF - user.js: extensions.BabylonToolbar.instlDay - 15552
FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.122:17:06
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - Search
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - true
FF - user.js: extensions.searchya.id - 68B599DF73702F4B
FF - user.js: extensions.searchya.instlDay - 15564
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.022:36:51
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - foxtab
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef - ft-174
FF - user.js: extensions.searchya.dfltLng - 
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
.
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-12-21 57904]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2012-12-7 14456]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-12-21 213416]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-12-21 59440]
R1 RapportCerberus_59849;RapportCerberus_59849;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [2013-10-28 606672]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-10-25 284176]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-10-25 399312]
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2012-2-4 194640]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-11-11 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-10 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-5 365568]
R2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-10-28 2255064]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2010-12-16 249672]
R2 HitachiBackupService;Hitachi Backup Service;C:\Program Files (x86)\Hitachi\Hitachi Backup\HitachiBackupService.exe [2011-5-18 56832]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-11-11 2375168]
R2 LavasoftAdAwareService11;Ad-Aware Service 11;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe [2013-10-18 517344]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-27 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-27 701512]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-25 1444120]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-9-20 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-11-10 115216]
R3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-10-28 170712]
R3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-10-2 166104]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-9-20 39464]
R3 gzflt;gzflt;C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [2013-7-17 138232]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-27 25928]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-7-20 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-7-20 181248]
R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2012-9-15 24176]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-9-20 337512]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-11-10 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 ezSharedSvc;Easybits Services for Windows; [x]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2012-12-28 38096]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2012-5-15 317808]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-19 19456]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-19 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-26 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
S4 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2012-12-30 135824]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-11-29 20:35:23 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C5AA7ABB-E3A4-467A-8732-E5ED85B37C04}\offreg.dll
2013-11-29 19:32:38 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C5AA7ABB-E3A4-467A-8732-E5ED85B37C04}\mpengine.dll
2013-11-28 22:38:06 -------- d-----w- C:\Windows\Migration
2013-11-28 22:17:52 -------- d-----w- C:\Program Files\Common Files\Lavasoft
2013-11-28 22:15:11 -------- d-----w- C:\history
2013-11-27 22:16:35 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-27 22:16:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-14 16:17:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-11-14 15:56:34 -------- d-----w- C:\ProgramData\BitDefender
2013-11-14 15:45:27 -------- d-----w- C:\Program Files\Lavasoft
2013-11-14 15:45:14 -------- d-----w- C:\ProgramData\Search Protection
2013-11-14 15:45:12 -------- d-----w- C:\ProgramData\blekko toolbars
2013-11-14 15:45:10 -------- d-----w- C:\Users\DJBeats\AppData\Local\adawarebp
2013-11-14 15:45:08 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2013-11-14 15:45:01 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2013-11-14 15:44:51 -------- d-----w- C:\Users\DJBeats\AppData\Roaming\SecureSearch
2013-11-14 15:43:47 -------- d-----w- C:\Program Files (x86)\Lavasoft
2013-11-14 15:19:14 -------- d-----w- C:\ProgramData\EpicSec
2013-11-14 15:14:30 -------- d-----w- C:\Users\DJBeats\AppData\Roaming\KSafe
2013-11-14 15:14:30 -------- d-----w- C:\ProgramData\KSafe
2013-11-14 15:14:24 15392 ----a-w- C:\Windows\SysWow64\drivers\epicdev.sys
2013-11-14 15:14:23 -------- d-----w- C:\Program Files (x86)\USB Security Protection
2013-11-14 13:47:34 -------- d-----w- C:\Program Files\Enigma Software Group
2013-11-14 13:46:11 -------- d-----w- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-14 13:46:07 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-11-13 14:54:31 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-11-13 14:53:37 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-11-07 21:50:16 -------- d-----w- C:\Program Files\iPod
2013-11-07 21:50:15 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 21:50:15 -------- d-----w- C:\Program Files\iTunes
2013-11-07 21:50:15 -------- d-----w- C:\Program Files (x86)\iTunes
.
==================== Find3M  ====================
.
2013-11-29 19:46:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 19:46:55 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-11 05:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-28 18:02:18 2255064 ----a-w- C:\Windows\System32\BtwRSupportService.exe
2013-10-28 18:02:16 170712 ----a-w- C:\Windows\System32\drivers\bcbtums.sys
2013-10-25 02:34:18 317808 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-10-12 08:45:20 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-08 06:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-10-02 17:02:16 66264 ----a-w- C:\Windows\System32\btwdi.dll
2013-10-02 17:02:16 2232024 ----a-w- C:\Windows\System32\BcmBtRSupport.dll
2013-10-02 17:02:16 166104 ----a-w- C:\Windows\System32\drivers\btwampfl.sys
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-11 21:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2013-09-11 21:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2013-09-11 21:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2013-09-11 21:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-09-11 19:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2013-09-11 19:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2013-09-11 19:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll
2013-09-11 19:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
.
============= FINISH: 21:30:27.78 ===============
 
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.