Andheesen

  1. I'm not comfortable using that tool. I'm going to ask customer service since I'm a paying customer. Thank you for your assistance.
  2. I completed all five steps but the problem still exists. Any additional suggestions would be appreciated. Thank you.
  3. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.13.2 Run by Heesen's Computer at 19:46:25 on 2013-06-03 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3292.1586 [GMT -4:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\SLsvc.exe C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Norton Utilities 14\RMTray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Windows\system32\AERTSrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program 
Files\Bonjour\mDNSResponder.exe C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Windows\system32\lxblcoms.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Seagate\SeagateManager\Sync\MaxSync.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Windows\system32\DllHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Heesen's Computer\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wuauclt.exe C:\Users\Heesen's Computer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IW01U5KQ\RogueKiller.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k 
NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.verizon.net/central/vzc.portal?_nfpb=true&_pageLabel=customer uWindow Title = Internet Explorer provided by Dell BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\19.9.1.14\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google 
toolbar\GoogleToolbar_32.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [NortonUtilities] c:\program files\norton utilities 14\RMTray.exe /H uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jaureg.exe" -u auto-update mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime StartupFolder: c:\users\heesen~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe StartupFolder: c:\users\heesen~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\heesen's computer\appdata\roaming\dropbox\bin\Dropbox.exe StartupFolder: 
c:\users\heesen~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} Trusted Zone: teleflex.com DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} - hxxps://usbportal.usbank.com/,DSID=3b88aac5d73b5f7493620b8a20dd4727,DanaInfo=ccem515.us.bank-dns.com,ST=1+/dwa8W.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.1.1 71.242.0.12 TCP: Interfaces\{366684F8-A93A-485E-A6F7-D334DCF28FC6} 
: DHCPNameServer = 192.168.1.1 71.242.0.12 Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll Notify: igfxcui - igfxdev.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.94\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1309010.00e\symds.sys [2013-2-5 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1309010.00e\symefa.sys [2013-2-5 924320] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\bashdefs\20130515.001\BHDrvx86.sys [2013-5-20 1000024] R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1309010.00e\ccsetx86.sys [2013-2-5 132768] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\ipsdefs\20130531.001\IDSvix86.sys [2013-6-3 386720] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1309010.00e\ironx86.sys [2013-2-5 149624] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1309010.00e\symtdiv.sys [2013-2-5 345208] R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2009-5-12 73728] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648] R2 CinemaNow Service;CinemaNow Service;c:\program files\cinemanow\cinemanow media manager\CinemaNowSvc.exe [2009-1-15 125304] R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 FreeAgentGoNext Service;Seagate Service;c:\program 
files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736] R2 lxbl_device;lxbl_device;c:\windows\system32\lxblcoms.exe -service --> c:\windows\system32\lxblcoms.exe -service [?] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-3 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-3 701512] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272] R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt60.sys [2009-5-11 27648] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-5-12 112128] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-3 22856] S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 
2013-06-03 21:29:48 -------- d-----w- c:\windows\ERUNT 2013-06-03 21:29:16 -------- d-----w- C:\JRT 2013-06-03 18:09:12 -------- d-----w- c:\users\heesen's computer\appdata\roaming\Malwarebytes 2013-06-03 17:59:57 -------- d-----w- c:\programdata\Malwarebytes 2013-06-03 17:59:53 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-03 17:59:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll 2013-06-03 14:55:59 -------- d-----w- c:\program files\iPod 2013-06-03 14:55:57 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-05-22 13:54:18 -------- d-----w- c:\programdata\PC-Doctor for Windows 2013-05-22 13:53:14 -------- d-----w- c:\program files\My Dell 2013-05-16 12:51:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-16 12:34:25 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-05-16 12:34:25 37376 ----a-w- c:\windows\system32\cdd.dll 2013-05-16 12:33:44 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-05-08 07:12:56 106088 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll . ==================== Find3M ==================== . 
2013-05-15 03:33:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-15 03:33:53 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-01 07:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2013-05-01 07:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts 2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-03-11 13:25:50 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-11 13:25:50 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-09 03:45:04 49152 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-09 01:28:08 64000 ----a-w- c:\windows\system32\smss.exe 2013-03-08 03:53:50 376320 ----a-w- c:\windows\system32\winsrv.dll 2013-03-08 03:52:22 2067968 ----a-w- c:\windows\system32\mstscax.dll . ============= FINISH: 19:47:04.43 ===============
  4. RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Heesen's Computer [Admin rights] Mode : Scan -- Date : 06/03/2013 18:32:55 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 10 ¤¤¤ [TASK][ROGUE ST] 0 : c:\program files\internet explorer\iexplore.exe -> FOUND [TASK][ROGUE ST] 4796 : wscript.exe C:\Users\Heesen's Computer\AppData\Local\Temp\launchie.vbs //B -> FOUND [HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ SSDT[13] : NtAlertResumeThread @ 0x822E37B3 -> HOOKED (Unknown @ 0x8754F1D0) SSDT[14] : NtAlertThread @ 0x8225C357 -> HOOKED (Unknown @ 0x8754F2B0) SSDT[18] : NtAllocateVirtualMemory @ 0x822986AD -> HOOKED (Unknown @ 0x8754FC08) SSDT[21] : NtAlpcConnectPort @ 0x8223A8A1 -> HOOKED (Unknown @ 0x866714E0) SSDT[42] : NtAssignProcessToJobObject @ 0x8220DB32 -> HOOKED (Unknown @ 0x876D4890) SSDT[67] : NtCreateMutant @ 0x822709A3 -> HOOKED (Unknown @ 0x876D4E38) SSDT[77] : NtCreateSymbolicLinkObject @ 0x82210349 -> HOOKED (Unknown @ 0x876D45B0) SSDT[78] : NtCreateThread @ 0x822E1DC8 -> HOOKED 
(Unknown @ 0x878F0840) SSDT[116] : NtDebugActiveProcess @ 0x822B4F04 -> HOOKED (Unknown @ 0x876D4970) SSDT[129] : NtDuplicateObject @ 0x82248581 -> HOOKED (Unknown @ 0x8754FD98) SSDT[147] : NtFreeVirtualMemory @ 0x820D4F6D -> HOOKED (Unknown @ 0x8754F9E0) SSDT[156] : NtImpersonateAnonymousToken @ 0x8220AF3F -> HOOKED (Unknown @ 0x876D4F28) SSDT[158] : NtImpersonateThread @ 0x82220584 -> HOOKED (Unknown @ 0x8754F0F0) SSDT[165] : NtLoadDriver @ 0x821BBE12 -> HOOKED (Unknown @ 0x86F75158) SSDT[177] : NtMapViewOfSection @ 0x8226099C -> HOOKED (Unknown @ 0x8754F8E0) SSDT[184] : NtOpenEvent @ 0x82249DFF -> HOOKED (Unknown @ 0x876D4D58) SSDT[194] : NtOpenProcess @ 0x8227113F -> HOOKED (Unknown @ 0x8754FF38) SSDT[195] : NtOpenProcessToken @ 0x82251A60 -> HOOKED (Unknown @ 0x8754FCD8) SSDT[197] : NtOpenSection @ 0x82261794 -> HOOKED (Unknown @ 0x876D4B98) SSDT[201] : NtOpenThread @ 0x8226C63B -> HOOKED (Unknown @ 0x8754FE68) SSDT[210] : NtProtectVirtualMemory @ 0x8226A3F2 -> HOOKED (Unknown @ 0x876D47A0) SSDT[282] : NtResumeThread @ 0x8226BC5A -> HOOKED (Unknown @ 0x8754F390) SSDT[289] : NtSetContextThread @ 0x822E325F -> HOOKED (Unknown @ 0x8754F630) SSDT[305] : NtSetInformationProcess @ 0x822649EE -> HOOKED (Unknown @ 0x8754F710) SSDT[317] : NtSetSystemInformation @ 0x82236F18 -> HOOKED (Unknown @ 0x876D4A50) SSDT[330] : NtSuspendProcess @ 0x822E36EF -> HOOKED (Unknown @ 0x876D4C78) SSDT[331] : NtSuspendThread @ 0x821EA945 -> HOOKED (Unknown @ 0x8754F470) SSDT[334] : NtTerminateProcess @ 0x82241173 -> HOOKED (Unknown @ 0x878F0920) SSDT[335] : NtTerminateThread @ 0x8226C670 -> HOOKED (Unknown @ 0x8754F550) SSDT[348] : NtUnmapViewOfSection @ 0x82260C5F -> HOOKED (Unknown @ 0x8754F800) SSDT[358] : NtWriteVirtualMemory @ 0x8225DA2F -> HOOKED (Unknown @ 0x8754FAD0) SSDT[382] : NtCreateThreadEx @ 0x8226C125 -> HOOKED (Unknown @ 0x876D46A0) S_SSDT[317] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x87C60C50) S_SSDT[397] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x87BC9C58) 
S_SSDT[428] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x87C5FE00) S_SSDT[430] : NtUserGetKeyState -> HOOKED (Unknown @ 0x87BFCAB0) S_SSDT[442] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x87C5B7C8) S_SSDT[479] : NtUserMessageCall -> HOOKED (Unknown @ 0x87B26D00) S_SSDT[497] : NtUserPostMessage -> HOOKED (Unknown @ 0x87B62AF0) S_SSDT[498] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x87BF8600) S_SSDT[573] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x87BC7220) S_SSDT[576] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x87C7BDE8) ¤¤¤ Extern Hives: ¤¤¤ -> D:\windows\system32\config\SOFTWARE -> D:\windows\system32\config\SYSTEM -> D:\Users\Default\NTUSER.DAT ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3500620AS ATA Device +++++ --- User --- [MBR] ca6002ba82b20997bc29482bcf82d541 [bSP] bdf99326810b3ea5b3c85f61013cb3ba : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 112640 | Size: 15360 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31569920 | Size: 461524 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 9b3f6d8ddb678ba37cc78adf1474c8ef [bSP] a0f6aeb9f8234c1b802849bc35b47691 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 112640 | Size: 15360 Mo 2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31569920 | Size: 461524 Mo +++++ PhysicalDrive1: Seagate FreeAgent USB Device +++++ --- User --- [MBR] e02f7e4b6c3df38515e676a217e2986a [bSP] 35f96d7df730eef269b2e15a73e04a48 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1]_S_06032013_02d1832.txt >> RKreport[1]_S_06032013_02d1832.txt
  5. # AdwCleaner v2.301 - Logfile created 06/03/2013 at 18:16:47 # Updated 16/05/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (32 bits) # User : Heesen's Computer - HEESENSCOMPU-PC # Boot Mode : Normal # Running from : C:\Users\Heesen's Computer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2ZGWT8SG\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720 Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16483 [OK] Registry is clean. -\\ Google Chrome v27.0.1453.94 File : C:\Users\Heesen's Computer\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean.
  6. Malwarebytes Anti-Malware (PRO) 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.06.03.09

     Windows Vista Service Pack 2 x86 NTFS
     Internet Explorer 9.0.8112.16421
     Heesen's Computer :: HEESENSCOMPU-PC [administrator]

     Protection: Enabled

     6/3/2013 5:40:35 PM
     mbam-log-2013-06-03 (17-40-35).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 249445
     Time elapsed: 9 minute(s), 45 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 1
     C:\Users\Heesen's Computer\AppData\Local\Temp\AA46.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.

     (end)
  7. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows Vista Home Premium x86 Ran by Heesen's Computer on Mon 06/03/2013 at 17:29:53.30 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{76E6421C-D46D-4069-B6B5-F5C95EA77942} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{D40EB38D-982D-458B-8CD2-CCFFCC8D3DC5} Successfully deleted: [Registry Key] "hkey_current_user\software\apn" Successfully deleted: [Registry Key] "hkey_local_machine\software\apn" Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0cfe535c35f99574e8340bfa75bf92c2" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0e12f736682067fde4d1158d5940a82e" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\120dfadeb50841f408f04d2a278f9509" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\1a24b5bb8521b03e0c8d908f5abc0ae6" Successfully 
deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\261f213d1f55267499b1f87d0cc3bcf7" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\2b0d56c4f4c46d844a57ffed6f0d2852" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\49d4375fe41653242aea4c969e4e65e0" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6aa0923513360135b272e8289c5f13fa" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6f7467af8f29c134cbbab394eccfde96" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\741b4adf27276464790022c965ab6da8" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\7de196b10195f5647a2b21b761f3de01" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\922525dcc5199162f8935747ca3d8e59" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a5875b04372c19545beb90d4d606c472" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a876d9e80b896ec44a8620248cc79296" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\b66ffab725b92594c986de826a867888" Successfully deleted: [Registry Key] 
"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\bcda179d619b91648538e3394cac94cc" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\d677b1a9671d4d4004f6f2a4469e86ea" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\dd1402a9dd4215a43abde169a41afa0e" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\e36e114a0ead2ad46b381d23ad69cddf" Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\ef8e618db3aedfbb384561b5c548f65e" ~~~ Files Successfully deleted: [File] "C:\end" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\ProgramData\ask" Successfully deleted: [Folder] "C:\Users\Heesen's Computer\appdata\locallow\asktoolbar" Successfully deleted: [Folder] "C:\Program Files\ask.com" ~~~ Chrome Successfully deleted: [Folder] C:\Users\Heesen's Computer\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Mon 06/03/2013 at 17:37:50.26 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  8. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume3 Install Date: 5/11/2009 7:12:43 PM System Uptime: 6/3/2013 1:35:12 PM (1 hours ago) . Motherboard: Dell Inc. | | 0M017G Processor: Pentium® Dual-Core CPU E5200 @ 2.50GHz | CPU 1 | 2500/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 175.837 GiB free. D: is FIXED (NTFS) - 15 GiB total, 8.239 GiB free. E: is CDROM (CDFS) F: is FIXED (NTFS) - 466 GiB total, 121.951 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 123 Movies2IPOD 2008 123 Movies2iPod uninstall Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.5 Age of Mythology Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Print Creations ArcSoft Print Creations - Album Page ArcSoft Print Creations - Funhouse ArcSoft Print Creations - Greeting Card ArcSoft Print Creations - Photo Book ArcSoft Print Creations - Photo Calendar ArcSoft Print Creations - Scrapbook ArcSoft Print Creations - Slimline Card Ask Toolbar Ask Toolbar Updater AviSynth 2.5 Big Fish Games: Game Manager Bing Bar Bonjour CCScore Choice Guard CinemaNow Media Manager Click'N Design 3D (V5) Dell-eBay Dell Dock Dell Edoc Viewer Dell Getting Started Guide Dell Video Chat DELL0703 Dropbox ESSBrwr ESSCDBK ESScore ESSgui ESSini ESSPCD ESSPDock ESSTOOLS essvatgt Evernote v. 
4.5 Farm Mania Flash Player Pro V5.4 Google Chrome Google Toolbar for Internet Explorer Google Update Helper GoToAssist 8.0.0.514 GoToMeeting 5.1.0.880 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) iCloud Inbox Toolbar Intel® Graphics Media Accelerator Driver iPhone Configuration Utility iTunes Java 7 Update 13 Java Auto Updater Java 6 Update 35 Junk Mail filter update Kodak EasyShare software Lexmark Z700-P700 Series Malwarebytes Anti-Malware version 1.75.0.1300 Medieval II Total War Medieval II Total War : Kingdoms : Americas Medieval II Total War : Kingdoms : Britannia Medieval II Total War : Kingdoms : Crusades Medieval II Total War : Kingdoms : Teutonic Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Age of Empires II Microsoft Age of Empires II: The Conquerors Expansion Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Meeting 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 
8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual J# .NET Redistributable Package 1.1 MobileMe Control Panel MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML4 Parser My Dell netbrdg Norton Internet Security Norton Utilities OfotoXMI OGA Notifier 2.0.0048.0 Pando Media Booster Plants vs. Zombies Play Pickle PowerDVD QuickTime Realtek Ethernet Network Card Diagnostic tool for Windows Vista Realtek High Definition Audio Driver Roxio Burn Manager Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator DE Roxio Creator Tools Roxio Express Labeler 3 Roxio Update Manager Roxio Venue Safari Seagate Manager Installer Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client 
Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SFR SHASTA skin0001 SKINXSDK Spelling Dictionaries Support For Adobe Reader 9 Star Wars Empire at War Star Wars Empire at War Forces of Corruption staticcr The Lord of the Rings - Conquest™ The Sims Deluxe Edition The Sims™ 2 Deluxe The Sims™ 2 Teen Style Stuff The Sims™ 2 University Life Collection tooltips Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client 
Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update Installer for WildTangent Games App VoiceOver Kit VPRINTOL Wajam WildTangent Games WildTangent Games App (Dell Games) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Player Firefox Plugin WIRELESS Wizard101 Yontoo 1.12.02 Zoo Tycoon: Complete Collection . ==== End Of File ===========================
  9. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.13.2 Run by Heesen's Computer at 14:55:25 on 2013-06-03 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3292.1412 [GMT -4:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\SLsvc.exe C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe C:\Program Files\Play Pickle\playpickle32.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Users\Heesen's Computer\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Evernote\Evernote\EvernoteClipper.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 
C:\Windows\system32\AERTSrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Windows\system32\lxblcoms.exe C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files\Wajam\Updater\WajamUpdater.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files\Seagate\SeagateManager\Sync\MaxSync.exe C:\Windows\system32\taskeng.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Apple\Mobile Device Support\com.apple.DotMacSync.client.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k 
LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.verizon.net/central/vzc.portal?_nfpb=true&_pageLabel=customer uWindow Title = Internet Explorer provided by Dell uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Play Pickle Text: {02F0243C-2E71-4a1a-A790-6C30888119D0} - c:\program files\play pickle\pptl.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\19.9.1.14\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Play Pickle: {AEB04B5E-C981-47a9-B847-33EE4C92F6B9} - c:\program files\play pickle\playpicklelib32.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - c:\program files\inbox toolbar\Inbox.dll BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program 
files\yontoo\YontooIEClient.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - c:\program files\inbox toolbar\Inbox.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - c:\program files\inbox toolbar\Inbox.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [NortonUtilities] c:\program files\norton utilities 14\RMTray.exe /H uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [Play 
Pickle] c:\program files\play pickle\playpickle32.exe a mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe" mRun: [inboxToolbar] "c:\program files\inbox toolbar\Inbox.exe" /STARTUP mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jaureg.exe" -u auto-update mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\users\heesen~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe StartupFolder: c:\users\heesen~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\heesen's computer\appdata\roaming\dropbox\bin\Dropbox.exe StartupFolder: c:\users\heesen~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteClipper.exe StartupFolder: c:\users\heesen~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204 IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows 
live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204 Trusted Zone: teleflex.com DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} - hxxps://usbportal.usbank.com/,DSID=3b88aac5d73b5f7493620b8a20dd4727,DanaInfo=ccem515.us.bank-dns.com,ST=1+/dwa8W.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.1.1 71.242.0.12 TCP: Interfaces\{366684F8-A93A-485E-A6F7-D334DCF28FC6} : DHCPNameServer = 192.168.1.1 71.242.0.12 Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\program files\inbox toolbar\Inbox.dll Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll Notify: igfxcui - igfxdev.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.94\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level 
--multi-install --chrome . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1309010.00e\symds.sys [2013-2-5 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1309010.00e\symefa.sys [2013-2-5 924320] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\bashdefs\20130515.001\BHDrvx86.sys [2013-5-20 1000024] R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1309010.00e\ccsetx86.sys [2013-2-5 132768] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\ipsdefs\20130531.001\IDSvix86.sys [2013-6-3 386720] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1309010.00e\ironx86.sys [2013-2-5 149624] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1309010.00e\symtdiv.sys [2013-2-5 345208] R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2009-5-12 73728] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648] R2 CinemaNow Service;CinemaNow Service;c:\program files\cinemanow\cinemanow media manager\CinemaNowSvc.exe [2009-1-15 125304] R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736] R2 lxbl_device;lxbl_device;c:\windows\system32\lxblcoms.exe -service --> c:\windows\system32\lxblcoms.exe -service [?] 
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-3 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-3 701512] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272] R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt60.sys [2009-5-11 27648] R2 WajamUpdater;WajamUpdater;c:\program files\wajam\updater\WajamUpdater.exe [2012-10-5 109064] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-5-12 112128] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-3 22856] S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 
2013-06-03 18:09:12 -------- d-----w- c:\users\heesen's computer\appdata\roaming\Malwarebytes 2013-06-03 17:59:57 -------- d-----w- c:\programdata\Malwarebytes 2013-06-03 17:59:53 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-03 17:59:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll 2013-06-03 15:03:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll 2013-06-03 14:55:59 -------- d-----w- c:\program files\iPod 2013-06-03 14:55:57 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-05-22 13:54:18 -------- d-----w- c:\programdata\PC-Doctor for Windows 2013-05-22 13:53:14 -------- d-----w- c:\program files\My Dell 2013-05-16 12:51:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-16 12:34:25 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-05-16 12:34:25 37376 ----a-w- c:\windows\system32\cdd.dll 2013-05-16 12:33:44 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-05-08 07:12:56 106088 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll . ==================== Find3M ==================== . 
2013-05-15 03:33:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-15 03:33:53 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-01 07:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2013-05-01 07:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts 2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-03-11 13:25:50 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-11 13:25:50 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-09 03:45:04 49152 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-09 01:28:08 64000 ----a-w- c:\windows\system32\smss.exe 2013-03-08 03:53:50 376320 ----a-w- c:\windows\system32\winsrv.dll 2013-03-08 03:52:22 2067968 ----a-w- c:\windows\system32\mstscax.dll . ============= FINISH: 14:56:35.78 ===============
  10. I am having continual pop-ups of this notice after downloading, purchasing, and scanning anti-Malware. My DDS.txt and Attach.text will follow.