Jump to content

dogrunner

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

Reputation

0 Neutral
  1. dogrunner
    mbd, I am curious to see if we have the same browser hijack. Is yours the nginx, blekko, hijack? I have this problem and keep getting redirected.
  2. dogrunner
    . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 7/9/2010 10:43:42 PM System Uptime: 7/23/2012 3:16:04 AM (8 hours ago) . Motherboard: Acer | | Aspire 5740 Processor: Intel® Core i3 CPU M 330 @ 2.13GHz | CPU 1 | 2133/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 49.376 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP246: 6/30/2012 10:47:26 PM - Windows Update RP247: 7/3/2012 12:02:37 PM - Installed Java 7 Update 5 RP248: 7/3/2012 12:04:22 PM - Installed JavaFX 2.1.1 RP249: 7/5/2012 8:38:58 PM - Windows Update RP250: 7/11/2012 4:23:56 AM - Windows Update RP251: 7/14/2012 3:00:37 AM - Windows Update RP252: 7/17/2012 9:53:38 AM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Acer Assist Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Games Acer GridVista Acer Registration Acer ScreenSaver Acer Updater Acoustica Effects Pack Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1 MUI AIM 7 Alcor Micro USB Card Reader Anti-phishing Domain Advisor Apple Application Support Apple Software Update Audible Download Manager avast! Free Antivirus Backup Manager Basic BitTorrent BlackBerry Desktop Software 6.0.1 blekko search bar CCleaner Compatibility Pack for the 2007 Office system DAEMON Tools Lite DivX Setup Download Updater (AOL LLC) Dropbox eSobi v2 F.lux Feedback Tool FLV Player 2.0 (build 25) Full Tilt Poker Google Chrome Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Identity Card Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Java Auto Updater Java 7 Update 5 Junk Mail filter update K-Lite Codec Pack 4.8.0 (Standard) Launch Manager Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft Choice Guard Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mozilla Firefox 13.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MVS-Player Toolbar MVS Player MyWinLocker Norton Online Backup NTI Backup Now 5 NTI Backup Now Standard PokerStars Portal Portal: First Slice Realtek High Definition Audio Driver REAPER Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Spybot - Search & Destroy Steam The KMPlayer (remove only) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition VC80CRTRedist - 8.0.50727.4053 Welcome Center Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer WinRAR archiver YouTube Downloader 3.5 YouTube Downloader Toolbar v6.0 . ==== Event Viewer Messages From Past Week ======== . 7/23/2012 11:11:10 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Aaron-PC\Aaron SID (S-1-5-21-4206676-2437987100-3157373198-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 7/17/2012 1:27:29 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.12 with the system having network hardware address 00-25-B3-E9-7B-DF. Network operations on this system may be disrupted as a result. . ==== End Of File =========================== There it is in text form. The text on top says to add it to a .zipfile and attach it. Is that neccesary?
  3. dogrunner
    Hey how is it going? I've had this blekko, nginex browser redirect that has been infecting my laptop for about a month now. I'm almost certain I got it from a cnet download. If you could help remove it, I'd greatly appreciate it. DDS . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 10.5.0 Run by Aaron at 8:36:50 on 2012-07-23 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3764.1272 [GMT -4:00] . AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Prey\platform\windows\cronsvc.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\rundll32.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\PLFSetI.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Users\Aaron\Local Settings\Apps\F.lux\flux.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\WUDFHost.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aaron\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\sysWOW64\wbem\wmiprvse.exe C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\notepad.exe C:\Windows\system32\wbem\WmiApSrv.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=1078C5290D31C0D0A023A94FEA7F6708&tbp=homepage uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273607105106l03f8z1h5t58m1d51o mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273607105106l03f8z1h5t58m1d51o mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273607105106l03f8z1h5t58m1d51o uInternet Settings,ProxyOverride = *.local uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll uURLSearchHooks: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll mURLSearchHooks: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll TB: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll uRun: [Google Update] "C:\Users\Aaron\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [F.lux] "C:\Users\Aaron\Local Settings\Apps\F.lux\flux.exe" /noshow uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" mRun: [<NO NAME>] mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk.disabled StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk.disabled mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79} : DhcpNameServer = 4.2.2.1 4.2.2.2 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212} : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\14E64627F696461405 : DhcpNameServer = 192.168.43.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\6325258343 : DhcpNameServer = 192.168.1.1 68.237.161.12 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\6716E656373716 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\841627C656D6132383D27657563747 : DhcpNameServer = 192.168.0.1 192.168.33.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\841627C656D6132383F5548545 : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\84F6C697D41636D27657563747 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{FE8B705C-310C-4310-9C59-534B63D99212}\C696E6B6379737 : DhcpNameServer = 10.21.240.252 10.14.115.85 10.24.115.186 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll BHO-X64: blekko search bar - No File BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll BHO-X64: Yontoo Layers - No File TB-X64: MVS-Player Toolbar: {ab420b03-23d5-4470-9528-daea1bf952f8} - C:\Program Files (x86)\MVS-Player\tbMVS-.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll mRun-x64: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" mRun-x64: [(Default)] mRun-x64: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\afr68lai.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Aaron\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(extentions.y2layers.installId, a7c9b189-9120-4438-9f81-ed0e4663e065 FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock, FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: security.csp.enable - false . ============= SERVICES / DRIVERS =============== . R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-6-27 791488] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-9 40384] R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2010-9-29 18432] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-12-7 844320] R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496] R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-11 305448] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-24 62720] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-4 2320920] R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 240160] R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-9 40384] R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-7-9 40384] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-16 135664] S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-16 135664] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-3 113120] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-07-20 07:25:50 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CB8A312D-18C5-4D37-9EDB-D6FAF89FDD44}\mpengine.dll 2012-07-14 07:09:45 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 08:29:50 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll 2012-07-11 08:29:49 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll 2012-07-11 08:29:48 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-07-11 08:29:48 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll 2012-07-11 08:29:48 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll 2012-07-11 08:29:47 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll 2012-07-11 08:29:47 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll 2012-07-11 08:29:47 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll 2012-07-11 08:29:47 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 2012-07-11 08:29:46 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 08:29:46 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 08:29:46 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 08:29:45 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-07-03 16:03:59 687600 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-07-03 16:03:57 772592 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-07-03 15:25:52 -------- d-----w- C:\Users\Aaron\AppData\Local\Macromedia 2012-07-03 15:10:55 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-03 15:10:55 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 13:41:59 -------- d-----w- C:\Program Files (x86)\YouTube Downloader Toolbar 2012-07-03 13:41:59 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot 2012-07-03 13:41:59 -------- d-----w- C:\Program Files (x86)\Application Updater 2012-06-27 04:52:09 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2012-06-27 04:51:30 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2012-06-27 03:37:05 -------- d-----w- C:\Users\Aaron\AppData\Roaming\DAEMON Tools Lite 2012-06-27 03:35:43 -------- d-----w- C:\ProgramData\DAEMON Tools Lite 2012-06-27 03:35:14 -------- d-----w- C:\ProgramData\blekko toolbars 2012-06-27 03:34:55 -------- d-----w- C:\Program Files (x86)\blekkotb_031 2012-06-27 03:34:52 -------- d-----w- C:\Users\Aaron\AppData\Local\blekkotb_031 2012-06-27 03:34:52 -------- d-----w- C:\Program Files (x86)\Yontoo 2012-06-27 03:34:50 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor 2012-06-27 03:34:48 -------- d-----w- C:\ProgramData\Tarma Installer 2012-06-26 19:01:12 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-26 19:00:41 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-26 19:00:23 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-26 19:00:23 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-26 04:03:46 -------- d-----w- C:\Program Files (x86)\Portal 2012-06-26 03:53:10 -------- d-----w- C:\Users\Aaron\Portal 2012-06-25 23:34:23 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2012-06-25 23:34:17 -------- d-----w- C:\Program Files (x86)\Steam 2012-06-23 18:07:48 -------- d-----w- C:\Users\Aaron\Olivia Prom-grad . ==================== Find3M ==================== . 2012-07-23 12:29:06 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat 2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe . ============= FINISH: 8:39:51.03 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.