SpyWare BeWare! ASAP
December 17, 2014, 09:24:23 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
   Home   Help Search Calendar Donations Login Register Chat  

Google It!
Pages: 1 ... 8 9 [10]
 on: December 05, 2013, 08:30:54 PM 
Started by hayc59 - Last post by hayc59
Webroot SecureAnywhere 2014 v8.0.4.42 Released
December 4th 2013

Whats New
• Updating the language file.
• Password management support in Internet Explorer 11.
• Executing new agent commands sent from Management Console.
• CPU usage is reduced during scans.
• Registry reading performance when under high contention.
• Detection of script viruses.
Speed of uninstallation.
• Automatic cleanup of old rollback data.
• Days remaining under My Account are hidden when the keycode is hidden.
Download: SecureAnywhere 
Changelog: Webroot SecureAnywhere® 8.0

 on: December 02, 2013, 09:31:44 PM 
Started by hayc59 - Last post by hayc59
WinPatrol v29.1 Released
Date: December 02 2013

Artificial Intelligence Security
This new feature will increase WinPatrol's value exponentially over time. It will also be accessible for our future apps like Task Catcher "Extreme" and other partners interested in licensing the technology. Unlike the Optional sharing of choices used on our Community Info pages, all A.I. Security data is kept private on your machine.

Testing of Task Catcher Extreme is restricted to current Task Catcher customers and/or BillP Studio Associates who agree to a strict NDA. Still in development our WinPatrol-Powered A.I.S.provides the 3rd generation of unique ideas created by BillP Studios to detect and stop dangerous new threats without crippling your computer.
We believe a passive approach can still be used to detect and shut down instant attacks like Cryptolocker. We're seeing a trend in threats that remain in memory instead of becoming resident in the Windows registry or hard drive. These attacks will not be detected by most traditional Anti-Virus programs.

Improvements and Bug Reports
• Semi-Transparent Alert messages on Windows 8 make Scotty less intrusive.
• Manifest file updated to support presistant WinPatrol window size and positions when using alternate DPI settings.
• Improvements to our Active Task List and more success Killing of active tasks using multi-selection standards.
• Introduction of new triggers to increase performance by reducing redundant monitoring(PLUS Only)
• Improved performance of change detection on our free version.
• Improved screen UI and description when a change is detected for the Windows Update settings.
• ( Did you know WinPatrol monitored changes to the Windows Update? )
• The default setting for File Explorer integration is now disabled. It's been pointed out that a large number of programs
taking advantage of the right-click context menu wthout asking.
• We also don't want to seem like we're nagging users to upgrade to WinPatrol PLUS.

More Info l Download: WinPatrol 2013

 on: November 30, 2013, 08:55:51 AM 
Started by safeman - Last post by MrCharlie
Good.....you had a lot of adware/spyware on the system. I can't tell exactly what caused it.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum,  MrC

 on: November 30, 2013, 12:26:56 AM 
Started by safeman - Last post by safeman
Thanks so much Mr Charlie. I have not seen the Jolly Wallet banner again nor the other pop up page.

You have an idea what it was?

- Here are the logs you wanted:

# AdwCleaner v3.013 - Report created 29/11/2013 at 22:51:40
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : WarrenM - CPLPPRO
# Running from : C:\Users\WarrenM\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DriverCure
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\FreeHDSport.TV
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Users\WarrenM\AppData\Local\eSupport.com
Folder Deleted : C:\Users\WarrenM\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\WarrenM\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\WarrenM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
File Deleted : C:\Users\WarrenM\AppData\Roaming\Mozilla\Firefox\Profiles\2ny4sn4x.default-1377007780438\Extensions\fhdp3@freehdsp.tv.xpi
File Deleted : C:\Users\WarrenM\AppData\Roaming\Mozilla\Firefox\Profiles\2ny4sn4x.default-1377007780438\Extensions\gophoto@gophoto.it.xpi
File Deleted : C:\END
File Deleted : C:\Users\WarrenM\AppData\Roaming\Mozilla\Firefox\Profiles\2ny4sn4x.default-1377007780438\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASUS_ScreenSaver_GSeries
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\WarrenM\AppData\Roaming\Mozilla\Firefox\Profiles\2ny4sn4x.default-1377007780438\prefs.js ]


AdwCleaner[R0].txt - [3673 octets] - [29/11/2013 22:46:07]
AdwCleaner[S0].txt - [3342 octets] - [29/11/2013 22:51:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3402 octets] ##########

Malwarebytes Anti-Malware (Trial)

Database version: v2013.11.30.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
WarrenM :: CPLPPRO [administrator]

Protection: Enabled

11/29/2013 11:03:13 PM
mbam-log-2013-11-29 (23-03-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244728
Time elapsed: 9 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Users\WarrenM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ATDheNetTVApp.com (PUP.Optional.ATDheNetTVAp.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 15
C:\Users\WarrenM\AppData\Local\Temp\9m1acBsN.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\mA9VWglA.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\puTpOLQ_.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\QlmZZOEE.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\tB1nBRFP.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\Vi7qHHRg.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\WC0kQ1BU.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\Y_RxQVyy.exe.part (PUP.Optional.Coolmirage) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\ct3288691\ism.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ATDheNetTVApp.com\ATDheNetTVApp.lnk (PUP.Optional.ATDheNetTVAp.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ATDheNetTVApp.com\Uninstall.lnk (PUP.Optional.ATDheNetTVAp.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\ct3288691\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\ct3288691\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\ct3297861\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\WarrenM\AppData\Local\Temp\ct3297861\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.


 on: November 29, 2013, 09:26:06 PM 
Started by safeman - Last post by MrCharlie
Welcome to the forum and sorry for the delay.

Please download and install Malwarebytes: (don't run it yet)



Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder:  C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

 on: November 29, 2013, 12:56:08 AM 
Started by safeman - Last post by safeman
Hi - A few days ago I started noticing a "jollywallet" banner across the top of several pages. Even on Ancestry.com! I use "AdBlock Plus" so was annoyed I was getting a banner message.

Today I have noticed that when I click in a field to type in information the following page pops up. Not sure what the content is because AdBlock Plus is turned on. That is when I decided enough is enough and turned to the only site I can trust to fix this!


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by WarrenM at 23:38:19 on 2013-11-28
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6077.3048 [GMT -6:00]
AV: Panda Cloud Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
SP: Panda Cloud Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Cloud Antivirus Firewall *Enabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbed.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Quicken\bagent.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
============== Pseudo HJT Report ===============
uStart Page = about:blank
uDefault_Page_URL = hxxp://asus.msn.com
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [QuickenScheduledUpdates] C:\Program Files (x86)\Quicken\bagent.exe
uRun: [Akamai NetSession Interface] "C:\Users\WarrenM\AppData\Local\Akamai\netsession_win.exe"
uRun: [CrossLoop] "C:\Users\WarrenM\AppData\Local\CrossLoop\CrossLoopConnect.exe" -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server  -minimize
uRun: [AdobeBridge] <no file>
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Norton Ghost 15.0] "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [ppbeuser] C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\WarrenM\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\WarrenM\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PHOTOF~1.LNK - C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
uPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:3
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer =
TCP: Interfaces\{725CF21A-3458-465A-A3B5-E58855579931}\4416679616E63702821392 : DHCPNameServer =
TCP: Interfaces\{725CF21A-3458-465A-A3B5-E58855579931}\4656661657C647 : DHCPNameServer =
TCP: Interfaces\{725CF21A-3458-465A-A3B5-E58855579931}\E4544574541425 : DHCPNameServer =
TCP: Interfaces\{760B3476-9C57-4B12-B6BC-34168CBC60B2} : DHCPNameServer =
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
================= FIREFOX ===================
FF - ProfilePath - C:\Users\WarrenM\AppData\Roaming\Mozilla\Firefox\Profiles\2ny4sn4x.default-1377007780438\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Earth Resource Mapping\Image Web Server\Firefox Plug-in\NP_NCS6.dll
FF - plugin: C:\Program Files (x86)\Earth Resource Mapping\Image Web Server\Firefox Plug-in\NP_NCSPB6.dll
FF - plugin: C:\Program Files (x86)\Earth Resource Mapping\Image Web Server\Firefox Plug-in\NP_NCSTB6.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\WarrenM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\WarrenM\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files\HWiNFO64\HWiNFO64A.SYS [2012-6-6 30592]
R1 NNSALPC;NNSALPC;C:\Windows\System32\drivers\NNSAlpc.sys [2013-5-28 91368]
R1 NNSHTTP;NNSHTTP;C:\Windows\System32\drivers\NNSHttp.sys [2013-5-28 122088]
R1 NNSHTTPS;NNSHTTPS;C:\Windows\System32\drivers\NNSHttps.sys [2013-5-28 109288]
R1 NNSIDS;NNSIDS;C:\Windows\System32\drivers\NNSIds.sys [2013-5-28 114920]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\Windows\System32\drivers\NNSNAHSL.sys [2013-5-7 36584]
R1 NNSPICC;NNSPICC;C:\Windows\System32\drivers\NNSpicc.sys [2013-5-28 95464]
R1 NNSPIHSW;NNSPIHSW;C:\Windows\System32\drivers\NNSPihsw.sys [2013-5-28 69864]
R1 NNSPOP3;NNSPOP3;C:\Windows\System32\drivers\NNSPop3.sys [2013-5-28 119016]
R1 NNSPROT;NNSPROT;C:\Windows\System32\drivers\NNSProt.sys [2013-5-28 305896]
R1 NNSPRV;NNSPRV;C:\Windows\System32\drivers\NNSPrv.sys [2013-5-28 118504]
R1 NNSSMTP;NNSSMTP;C:\Windows\System32\drivers\NNSSmtp.sys [2013-5-28 114920]
R1 NNSSTRM;NNSSTRM;C:\Windows\System32\drivers\NNSStrm.sys [2013-5-28 246504]
R1 NNSTLSC;NNSTLSC;C:\Windows\System32\drivers\NNStlsc.sys [2013-5-28 106216]
R1 PSINKNC;PSINKNC;C:\Windows\System32\drivers\PSINKNC.sys [2013-10-11 206056]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2010-4-7 14904]
R2 CrossLoopService;CrossLoop Service;C:\Users\WarrenM\AppData\Local\CrossLoop\CrossLoopService.exe [2012-8-28 569072]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2013-6-28 14624]
R2 NanoServiceMain;Panda Cloud Antivirus Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-10-3 140768]
R2 ppbed;PowerPanel Business Edition Service;C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbed.exe [2013-2-18 184320]
R2 PSINAflt;PSINAflt;C:\Windows\System32\drivers\PSINAflt.sys [2013-10-17 169192]
R2 PSINFile;PSINFile;C:\Windows\System32\drivers\PSINFile.sys [2013-10-11 122600]
R2 PSINProc;PSINProc;C:\Windows\System32\drivers\PSINProc.sys [2013-10-11 124648]
R2 PSINProt;PSINProt;C:\Windows\System32\drivers\PSINProt.sys [2013-10-11 137960]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-10-18 37344]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2010-4-7 60416]
R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2010-4-7 55808]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-20 378472]
R2 ubsbm;Unibrain 1394 SBM Driver;C:\Windows\System32\drivers\UBSBM.sys [2011-9-13 24064]
R2 ubumapi;Unibrain 1394 FireAPI Driver;C:\Windows\System32\drivers\UBUMAPI.sys [2011-9-13 92160]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-7 2533400]
R3 GenericMount;Generic Mount Driver;C:\Windows\System32\drivers\GenericMount.sys [2009-9-21 66608]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-7 56344]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-28 58368]
R3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-11-5 58808]
R3 SymSnapService;SymSnapService;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2010-2-11 2963960]
R3 ubohci;Unibrain 1394 OHCI Driver;C:\Windows\System32\drivers\ubohci.sys [2011-9-13 132608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-4-7 35104]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-4-7 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-4-7 79360]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-24 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 GenericMount Helper Service;GenericMount Helper Service;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe [2010-2-12 2227216]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-12 111616]
S3 PSINReg;PSINReg;C:\Windows\System32\drivers\PSINReg.sys [2013-10-11 105704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-30 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;C:\Windows\System32\dllhost.exe [2009-7-13 9728]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-30 57856]
S3 tvnserver;TightVNC Server;C:\Users\WarrenM\AppData\Local\CrossLoop\tvnserver.exe [2012-8-28 814080]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 UsbGps;LGE CDMA USB GPS NMEA Port;C:\Windows\System32\drivers\lgx64gps.sys [2010-10-17 27136]
S3 usbrndis6;USB RNDIS6 Adapter;C:\Windows\System32\drivers\usb80236.sys [2013-3-25 19968]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-4 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-4-7 359552]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
=============== File Associations ===============
FileExt: .reg: Applications\wordpad.exe="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
ShellExec: FrameMaker10.exe: Edit="C:\Program Files (x86)\Adobe\AdobeFrameMaker10\FrameMaker.exe" -ie "%1"
=============== Created Last 30 ================
2013-11-26 12:41:32   10285968   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AC8CA3A-7939-4DDB-A74C-F4EBDB9AA2A6}\mpengine.dll
2013-11-26 04:39:48   --------   d-----w-   C:\Program Files (x86)\TurboTax
2013-11-25 22:27:11   --------   d-----w-   C:\Users\WarrenM\AppData\Local\Movavi
2013-11-25 22:23:46   --------   d-----w-   C:\Program Files (x86)\Movavi Screen Capture Studio 4
2013-11-13 04:43:50   1474048   ----a-w-   C:\Windows\System32\crypt32.dll
2013-11-08 05:03:07   --------   d-----w-   C:\Program Files\iPod
2013-11-08 05:03:04   --------   d-----w-   C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-08 05:03:04   --------   d-----w-   C:\Program Files\iTunes
2013-11-05 17:40:39   58808   ----a-w-   C:\Windows\System32\drivers\PSKMAD.sys
2013-10-31 00:57:48   --------   d-----w-   C:\Users\WarrenM\AppData\Roaming\chc
==================== Find3M  ====================
2013-11-23 15:30:02   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-23 15:30:02   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-13 15:19:24   45056   ----a-w-   C:\Windows\System32\acovcnt.exe
2013-11-11 11:50:16   267936   ------w-   C:\Windows\System32\MpSigStub.exe
2013-10-17 19:31:26   169192   ----a-w-   C:\Windows\System32\drivers\PSINAflt.sys
2013-10-15 20:26:36   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-12 02:30:42   830464   ----a-w-   C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21   859648   ----a-w-   C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08   324096   ----a-w-   C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08   656896   ----a-w-   C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25   216576   ----a-w-   C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-11 09:46:22   137960   ----a-w-   C:\Windows\System32\drivers\PSINProt.sys
2013-10-11 09:46:22   124648   ----a-w-   C:\Windows\System32\drivers\PSINProc.sys
2013-10-11 09:46:22   105704   ----a-w-   C:\Windows\System32\drivers\PSINReg.sys
2013-10-11 09:46:21   206056   ----a-w-   C:\Windows\System32\drivers\PSINKNC.sys
2013-10-11 09:46:21   122600   ----a-w-   C:\Windows\System32\drivers\PSINFile.sys
2013-10-05 19:57:25   1168384   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31   190464   ----a-w-   C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17   197120   ----a-w-   C:\Windows\System32\credui.dll
2013-10-04 02:24:49   1930752   ----a-w-   C:\Windows\System32\authui.dll
2013-10-04 01:58:50   152576   ----a-w-   C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25   168960   ----a-w-   C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00   1796096   ----a-w-   C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48   404480   ----a-w-   C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44   311808   ----a-w-   C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10   497152   ----a-w-   C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40   95680   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40   154560   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33   28672   ----a-w-   C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33   135680   ----a-w-   C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01   28160   ----a-w-   C:\Windows\System32\secur32.dll
2013-09-25 02:22:59   340992   ----a-w-   C:\Windows\System32\schannel.dll
2013-09-25 02:21:50   307200   ----a-w-   C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07   1447936   ----a-w-   C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24   247808   ----a-w-   C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42   220160   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24   30720   ----a-w-   C:\Windows\System32\lsass.exe
2013-09-08 02:30:37   1903552   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14   327168   ----a-w-   C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58   231424   ----a-w-   C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11   343040   ----a-w-   C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51   325120   ----a-w-   C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49   99840   ----a-w-   C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43   52736   ----a-w-   C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43   30720   ----a-w-   C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42   25600   ----a-w-   C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40   7808   ----a-w-   C:\Windows\System32\drivers\usbd.sys
============= FINISH: 23:39:39.00 ===============
DDS (Ver_2012-11-20.01)
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/4/2010 2:45:14 PM
System Uptime: 11/23/2013 9:25:01 AM (134 hours ago)
Processor: Intel(R) Core(TM) i7 CPU       Q 720  @ 1.60GHz | Socket 989 | 1600/533mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 446 GiB total, 176.086 GiB free.
E: is CDROM ()
F: is Removable
J: is FIXED (NTFS) - 1863 GiB total, 1489.437 GiB free.
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP421: 11/26/2013 6:41:12 AM - Windows Update
==== Installed Programs ======================
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 5 Design Standard
Adobe Creative Suite 6 Design Standard
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe FrameMaker 10.0.1
Adobe Help Manager
Adobe Help Viewer 2
Adobe Media Player
Adobe® Content Viewer
Akamai NetSession Interface
Alice Greenfingers
Amazon MP3 Downloader 1.0.17
Amazon Music Importer
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Articulate Storyline
ASUS AI Recovery
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
Atheros Client Installation Program
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATK Generic Function Service
ATK Hotkey
ATK Media
Avery Wizard 4.0
Chicken Invaders 2
Classic Menu for Office Professional 2010 v3.05
ClipMate 7
Creative MediaSource 5
CrossLoop 2.82
Crystal Reports 2008 Runtime SP1
CyberLink LabelPrint
CyberLink Power2Go
CyberPower PowerPanel Business Edition 2.3.1
Data Lifeguard Diagnostic for Windows 1.24
DDP Player
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DHTML Editing Component
DivX Setup
Dream Day Wedding Married in Manhattan
EaseUS Data Recovery Wizard 6.1
ER Mapper ECW JPEG 2000 Plug-in for Firefox []
ER Mapper ECW JPEG 2000 Plug-in for Internet Explorer []
Express Gate
Family Matters 97
Fast Boot
FastStone Image Viewer 4.3
FileZilla Client
Free CD to WAV MP3 WMA AMR AC3 AAC Ripper 3.6
Game Park Console
Google Earth
Google Update Helper
Guitar and Drum Trainer v4
Huffyuv AVI lossless video codec (Remove Only)
HWiNFO64 Version 3.96
ImTOO MOV Converter 6
Intel(R) Management Engine Components
iSEEK AnswerWorks English Runtime
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
LG USB Modem driver
LiveUpdate 3.2 (Symantec Corporation)
LUMIX Map Tool
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Store Download Manager
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Office Runtime
Movavi Screen Capture Studio 4
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
Mp3 My Mp3 3.1
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Norton Ghost
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 275.33
NVIDIA 3D Vision Driver 275.33
NVIDIA Control Panel 275.33
NVIDIA Graphics Driver 275.33
NVIDIA HD Audio Driver
NVIDIA Install Application
NVIDIA PhysX System Software 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.3.5
NVIDIA Update Components
Octoshape add-in for Adobe Flash Player
Oxygen XML Editor 12.1
PageBreeze Free HTML Editor
Panda Cloud Antivirus
PDF Settings CS5
PDF Settings CS6
Peachtree Signature Ready Forms
Picasa 3
Piggly FREE
Quicken 2011
Quicken 2012
Quicken 2013
Realtek High Definition Audio Driver
RICOH R5U230 Media Driver ver.
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.7
Smileyville FREE
Sound Blaster Audigy HD
Synaptics Pointing Device Driver
System Requirements Lab
System Requirements Lab for Intel
TurboTax 2013
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wrapper
ubCore64 5.80
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
USB 2.0 2.0M UVC WebCam
VC80CRTRedist - 8.0.50727.6195
VideoLAN VLC media player 0.8.6f
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
WIDCOMM Bluetooth Software
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinUndelete 3.50
Wireless Console 3
Zlon 1.0
==== Event Viewer Messages From Past Week ========
11/28/2013 9:02:26 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR3.
11/25/2013 10:34:24 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk3\DR4.
11/23/2013 9:27:26 AM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/23/2013 1:13:42 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
==== End Of File ===========================

 on: November 17, 2013, 10:46:47 AM 
Started by hayc59 - Last post by hayc59
hpHOSTS - UPDATED Sunday 17th November 2013
The hpHOSTS Hosts file has been updated. There is now a total of 343,717 listed hostsnames.
 If you are NOT using the installer, please read the included Readme.txt file for installation instructions.
• Latest Updated: 17/11/2013 09:00
• Last Verified: 14/11/2013 00:00
hpHOSTS is a community managed hosts file. What that means to you is that you have a key role to play in improving hpHOSTS by submitting undesirable sites you think should be listed or by requesting removal of sites you think may have been added in error. This process is performed in our public forums and all decisions to add or remove sites are subject to public criticism and ongoing re-evaluation. If you would like to get involved, please register* at the hpHOSTS Hosts File Support Forum.
 * Registration is free and is not required to download the hpHOSTS hosts file.

Download: hpHOSTS
More Info: hpHost Forum

Alternative hosts file providers:
MVPS - http://mvps.org/winhelp2002/hosts.htm
Peter - http://pgl.yoyo.org/as/
Malware Domain List - http://www.malwaredomainlist.com/hostslist/hosts.txt

 on: November 13, 2013, 09:06:40 PM 
Started by hayc59 - Last post by hayc59
Microsoft security bulletin for November 12 2013
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:


Critical (3)

Microsoft Security Bulletin MS13-088 - Critical
Cumulative Security Update for Internet Explorer (2888505)
Published: Tuesday, November 12, 2013

Microsoft Security Bulletin MS13-089 - Critical

Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331)
Published: Tuesday, November 12, 2013

Microsoft Security Bulletin MS13-090 - Critical
Cumulative Security Update of ActiveX Kill Bits (2900986)
Published: Tuesday, November 12, 2013

Important (5)

Microsoft Security Bulletin MS13-091 - Important
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2885093)
Published: Tuesday, November 12, 2013

Microsoft Security Bulletin MS13-092 - Important

Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986)
Published: Tuesday, November 12, 2013

Microsoft Security Bulletin MS13-093 - Important
Vulnerability in Windows Ancillary Function Driver Could Allow Information Disclosure (2875783)
Published: Tuesday, November 12, 2013

Microsoft Security Bulletin MS13-094 - Important
Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514)
Published: Tuesday, November 12, 2013

Microsoft Security Bulletin MS13-095 - Important
Vulnerability in Digital Signatures Could Allow Denial of Service (2868626)
Published: Tuesday, November 12, 2013

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact For home users, no-charge support for security updates (only!) is available by calling 800-MICROSOFT (800-642-7676) in the US or 877-568-2495 in Canada.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

 on: November 13, 2013, 06:44:06 PM 
Started by hayc59 - Last post by hayc59
Microsoft® Windows® Malicious Software Removal Tool (KB890830)
The updated version of Windows Malicious Software Removal Tool is available.

Version: 5.6
Knowledge Base (KB) KB890830-V5.3
Date Published: 11.12.2013
Language: English
Download Size: 20.9 MB

Please review KB890830 for the list of malicious software that the current version of the tool is capable of removing as well as usage instructions. Also, please be aware that this tool reports anonymous information back to Microsoft in the event that an infection is found or an error is encountered. The above KB article contains information on how to disable this functionality and what specific information is sent to Microsoft.

Download: Microsoft Download Center.

Pages: 1 ... 8 9 [10]

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!