Bprotector..? Where did it come from? Is it what's causing my issues with FF + IE


  • This topic is locked
11 replies to this topic

#1 WhatTheWhatever

Posted 31 October 2013 - 07:23 AM

Program just showed up in my programs list, don't know where it came from. I have been having a lot of trouble with Mozilla and IE, failure to load, cannot find server, etc.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 10.45.2
Run by Roy at 6:08:44 on 2013-10-31
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7782.4101 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
C:\windows\system32\atieclxx.exe
C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\CxAudMsg64.exe
C:\windows\system32\lxdncoms.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\windows\system32\mfevtps.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\Pinger\Pinger.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Headwind SMS\Headwind SMS Communicator\hsmscomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.facebook.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: {db61f672-0d05-4997-bec6-96eaab7c4106} - <orphaned>
uURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
mURLSearchHooks: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: BitTorrentControl_v12 Toolbar: {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: BitTorrentControl_v12 Toolbar: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [0DC49B374D01BCEE186A7330E589EDD463D42B89._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
uRun: [Facebook Update] "C:\Users\Roy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Sprint Web Texter] C:\Program Files\Sprint Web Texter\Sprint Web Texter.lnk
uRun: [Google Update] "C:\Users\Roy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [googletalk] C:\Users\Roy\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run
mRun: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [MessengerPlusLiveUninstall] "C:\Users\Roy\AppData\Local\Temp\MsgPlusUninstall.exe" /Cleanup
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0C51277A-9A0F-4226-A996-4FB82554BEBF} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{0C51277A-9A0F-4226-A996-4FB82554BEBF}\3586F6774796D65633331313 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{0C51277A-9A0F-4226-A996-4FB82554BEBF}\75169707F62747F5143636563737 : DHCPNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{0C51277A-9A0F-4226-A996-4FB82554BEBF}\B416E6371637F534964797F5D416272796F64747 : DHCPNameServer = 4.2.2.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\261519~1.190\{c16c1~1\mngr.dll 
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\w7f0lmds.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3225824&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\Users\Roy\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\Roy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Roy\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Users\Roy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Roy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Roy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Roy\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-16 09:31; {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}; C:\Users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\w7f0lmds.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
FF - ExtSQL: 2013-10-28 03:14; gvoice@elijahclark.com; C:\Users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\w7f0lmds.default\extensions\gvoice@elijahclark.com.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=e8416ef90000000000009439e546f424&q=
FF - user.js: extensions.BabylonToolbar.id - e8416ef90000000000009439e546f424
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15676
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.815:43:08
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-9-25 57952]
R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2011-9-25 39008]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2012-11-9 781312]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2012-11-9 343568]
R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-9-25 13408]
R1 EgisTecFF;EgisTecFF;C:\windows\System32\drivers\EgisTecFF.sys [2011-9-25 55880]
R1 MOBKFilter;MOBKFilter;C:\windows\System32\drivers\MOBK.sys [2012-1-29 66040]
R1 mwlPSDFilter;mwlPSDFilter;C:\windows\System32\drivers\mwlPSDFilter.sys [2011-9-25 22912]
R1 mwlPSDNServ;mwlPSDNServ;C:\windows\System32\drivers\mwlPSDNserv.sys [2011-9-25 20328]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\windows\System32\drivers\mwlPSDVDisk.sys [2011-9-25 62584]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-8-14 204288]
R2 CxAudMsg;Conexant Audio Message Service;C:\windows\System32\CxAudMsg64.exe [2011-9-25 198784]
R2 EgisTec Service Help;EgisTec Service Help;C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-10-22 327024]
R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe [2010-12-13 703856]
R2 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-12-13 650096]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-1-4 328928]
R2 lxdn_device;lxdn_device;C:\windows\System32\lxdncoms.exe -service --> C:\windows\System32\lxdncoms.exe -service [?]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-11-8 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-1-4 178048]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-1-4 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-1-4 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-1-4 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-1-4 328928]
R2 McPvDrv;McPvDrv Driver;C:\windows\System32\drivers\McPvDrv.sys [2013-9-26 74560]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe [2013-1-4 1017016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2013-1-4 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-1-4 182752]
R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2011-8-14 115216]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2012-11-9 70112]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2013-10-9 31216]
R3 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);C:\windows\System32\drivers\FPSensor.sys [2011-4-21 36656]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2012-11-9 310224]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2012-11-9 519192]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2013-9-20 390552]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\drivers\netr28x.sys [2011-9-25 1353280]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-9-25 307304]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2011-9-25 47232]
R3 vm331avs;Digital Camera 1;C:\windows\System32\drivers\vm331avs.sys [2011-9-25 250752]
R3 vmuvcflt;Vimicro USB Camera Filter;C:\windows\System32\drivers\vmuvcflt.sys [2011-9-25 8320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2013-10-16 197704]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2013-9-20 95984]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-12-2 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-10-31 11:50:06 -------- d-----w- C:\Users\Roy\AppData\Roaming\Headwind SMS
2013-10-31 11:50:06 -------- d-----w- C:\Program Files (x86)\Headwind SMS
2013-10-31 11:42:16 -------- d-----w- C:\Users\Roy\AppData\Local\{A7597394-6993-4CF5-88F8-DDF573D0BB5D}
2013-10-31 11:41:15 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{435122F7-4090-4C54-840D-2632706438F6}\offreg.dll
2013-10-31 11:26:47 -------- d-----w- C:\Program Files (x86)\IntelliSoftware
2013-10-31 11:26:05 306688 ----a-w- C:\windows\IsUninst.exe
2013-10-31 11:12:42 -------- d-----w- C:\ProgramData\Informer Technologies, Inc
2013-10-31 11:11:13 -------- d-----w- C:\Users\Roy\AppData\Roaming\Software Informer
2013-10-30 18:36:05 -------- d-----w- C:\Users\Roy\AppData\Local\{AC52B5D9-E37E-4129-97A7-E4DA03731B40}
2013-10-29 23:27:59 -------- d-----w- C:\Users\Roy\AppData\Local\{E910885A-CC58-4701-BC78-775ACB1288D9}
2013-10-29 23:02:49 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{435122F7-4090-4C54-840D-2632706438F6}\mpengine.dll
2013-10-29 05:17:15 -------- d-----w- C:\windows\SysWow64\images
2013-10-29 05:17:14 -------- d-----w- C:\windows\SysWow64\modules
2013-10-29 05:17:14 -------- d-----w- C:\windows\SysWow64\js
2013-10-29 05:17:14 -------- d-----w- C:\windows\SysWow64\html
2013-10-29 05:17:14 -------- d-----w- C:\windows\SysWow64\css
2013-10-29 05:16:31 -------- d-----w- C:\Users\Roy\AppData\Roaming\OpenCandy
2013-10-29 05:07:30 -------- d-----w- C:\Program Files (x86)\Media Player Classic - Home Cinema
2013-10-28 22:33:28 -------- d-----w- C:\Users\Roy\AppData\Local\{A396F23D-0D07-452A-8F38-AC8147D71862}
2013-10-28 11:07:39 -------- d-----w- C:\Users\Roy\AppData\Roaming\GetRightToGo
2013-10-28 11:06:35 -------- d-----w- C:\Users\Roy\AppData\Roaming\paywin
2013-10-28 11:06:35 -------- d-----w- C:\Program Files (x86)\PayWindow Payroll
2013-10-28 05:14:43 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2013-10-28 05:14:40 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2013-10-28 05:14:39 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2013-10-28 05:14:38 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2013-10-28 05:14:37 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2013-10-28 05:14:35 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2013-10-28 05:14:33 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2013-10-28 04:39:21 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync
2013-10-28 03:26:21 -------- d-----w- C:\ProgramData\BlueStacksSetup
2013-10-28 03:15:32 -------- d-----w- C:\Users\Roy\AppData\Local\pinger.com
2013-10-28 03:15:28 -------- d-----w- C:\Users\Roy\AppData\Local\Caphyon
2013-10-28 03:14:54 -------- d-----w- C:\Program Files (x86)\Pinger
2013-10-28 03:13:23 -------- d-----w- C:\Users\Roy\AppData\Roaming\Pinger Inc
2013-10-28 02:38:51 -------- d-----w- C:\Program Files (x86)\Yuna Software
2013-10-28 02:28:41 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-10-28 02:28:25 -------- d-----r- C:\Users\Roy\SkyDrive
2013-10-28 02:27:03 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-10-28 02:26:54 -------- d-----w- C:\Users\Roy\AppData\Local\{B1C1076E-C9AC-47B3-937A-1C44669C1765}
2013-10-25 12:06:45 -------- d-----w- C:\Users\Roy\AppData\Local\{4CA8BA1A-4E33-4143-BA04-DC3450DF1E61}
2013-10-24 09:44:09 -------- d-----w- C:\Users\Roy\AppData\Roaming\KeePass
2013-10-24 09:43:18 -------- d-----w- C:\Users\Roy\AppData\Local\KeePass
2013-10-24 09:42:19 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe 2
2013-10-24 09:42:18 -------- d-----w- C:\Users\Roy\AppData\Local\Programs
2013-10-23 17:26:04 15944 ----a-w- C:\windows\System32\drivers\sscdwh.sys
2013-10-23 17:26:04 15432 ----a-w- C:\windows\System32\drivers\sscdcm.sys
2013-10-23 17:25:41 -------- d-----w- C:\Program Files\SAMSUNG
2013-10-23 17:22:14 -------- d-----w- C:\ProgramData\Samsung
2013-10-23 17:20:57 -------- d-----w- C:\Program Files (x86)\Telecom Logic
2013-10-23 15:37:39 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-23 13:55:29 -------- d-----w- C:\Users\Roy\AppData\Local\{C7D87F6D-B526-4808-8EF3-3EB1B1E03E1A}
2013-10-23 13:55:09 -------- d-----w- C:\Users\Roy\Tracing
2013-10-20 00:38:34 -------- d-----w- C:\Users\Roy\AppData\Local\{317F5606-4F91-470F-87BF-6A1BC1D01005}
2013-10-16 15:31:31 -------- d-----w- C:\Users\Roy\AppData\Roaming\SearchProtect
2013-10-16 11:53:38 -------- d-----w- C:\windows\SysWow64\Samsung_USB_Drivers
2013-10-16 07:06:13 197704 ----a-w- C:\windows\System32\drivers\HipShieldK.sys
2013-10-13 06:15:14 -------- d-----w- C:\Users\Roy\AppData\Local\{FEAAE4B8-B8FD-49D6-B5AE-33C5690CC688}
2013-10-12 09:20:20 -------- d-----w- C:\Users\Roy\.swt
2013-10-12 09:19:57 -------- d-----w- C:\Users\Roy\.zipwhip
2013-10-12 08:31:42 655872 ----a-w- C:\windows\SysWow64\msvcr90.dll
2013-10-12 08:31:42 568832 ----a-w- C:\windows\SysWow64\msvcp90.dll
2013-10-12 08:31:42 1156600 ----a-w- C:\windows\SysWow64\MFC90.dll
2013-10-12 01:27:28 -------- dc-h--w- C:\ProgramData\{37EC31B8-ED4C-4A55-8784-278FE3A64349}
2013-10-12 01:27:06 -------- dc-h--w- C:\ProgramData\{2BF6C479-CE8D-4B51-889B-3B996C6320FC}
2013-10-12 01:26:42 -------- d-----w- C:\Users\Roy\AppData\Local\PackageAware
2013-10-12 01:20:06 -------- d-----w- C:\ProgramData\ExamForce
2013-10-12 01:20:06 -------- d-----w- C:\Program Files (x86)\CramMaster 10
2013-10-12 01:19:31 -------- dc-h--w- C:\ProgramData\{EBC2CB8D-EC3E-4E7D-9B44-89FF140D15B6}
2013-10-11 21:02:59 -------- d-----w- C:\ProgramData\Oracle
2013-10-11 14:54:20 -------- d-----w- C:\Program Files (x86)\Notation
2013-10-11 14:49:23 -------- d-----w- C:\Users\Roy\AppData\Roaming\Recolored
2013-10-11 09:03:59 148992 ----a-w- C:\Program Files\Internet Explorer\jsdebuggeride.dll
2013-10-11 05:54:29 -------- d-----w- C:\Users\Roy\AppData\Local\{B1A20B73-FB87-4A91-9D9A-B6BDF854445C}
2013-10-10 09:13:03 -------- d-----w- C:\41bd819d578df6e566de
2013-10-10 09:08:27 633856 ----a-w- C:\windows\System32\comctl32.dll
2013-10-10 09:08:26 530432 ----a-w- C:\windows\SysWow64\comctl32.dll
2013-10-10 09:08:20 33280 ----a-w- C:\windows\System32\drivers\usbser.sys
2013-10-10 09:08:13 185344 ----a-w- C:\windows\System32\drivers\usbvideo.sys
2013-10-10 09:08:13 100864 ----a-w- C:\windows\System32\drivers\usbcir.sys
2013-10-10 09:08:07 785624 ----a-w- C:\windows\System32\drivers\Wdf01000.sys
2013-10-10 09:08:02 368128 ----a-w- C:\windows\System32\atmfd.dll
2013-10-10 09:08:02 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2013-10-10 09:08:01 41472 ----a-w- C:\windows\System32\lpk.dll
2013-10-10 09:08:01 14336 ----a-w- C:\windows\System32\dciman32.dll
2013-10-10 09:08:00 25600 ----a-w- C:\windows\SysWow64\lpk.dll
2013-10-10 09:08:00 10240 ----a-w- C:\windows\SysWow64\dciman32.dll
2013-10-10 09:06:58 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
2013-10-10 09:06:55 243712 ----a-w- C:\windows\System32\wow64.dll
2013-10-10 09:06:40 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2013-10-10 09:06:40 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2013-10-10 09:06:39 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2013-10-10 09:06:39 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2013-10-10 09:06:38 2048 ----a-w- C:\windows\SysWow64\user.exe
2013-10-10 09:05:40 102608 ----a-w- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 09:05:39 124112 ----a-w- C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 09:05:32 983488 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-10-10 09:05:21 461312 ----a-w- C:\windows\System32\scavengeui.dll
2013-10-09 21:17:54 31216 ----a-w- C:\windows\System32\drivers\clwvd.sys
2013-10-09 20:49:16 -------- d-----w- C:\ProgramData\install_clap
2013-10-09 19:49:01 -------- d-----w- C:\Users\Roy\AppData\Local\{4434560D-131A-46FF-A175-BD9B5869A0DF}
2013-10-09 19:46:19 -------- d-----w- C:\Program Files\McAfee Security Scan
2013-10-09 16:58:02 4879744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 16:58:02 4879744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 08:18:56 -------- d-----w- C:\Users\Roy\AppData\Local\Facebook
2013-10-09 04:48:32 -------- d-----w- C:\Users\Roy\AppData\Local\{405920DA-8CAA-4012-8F29-E68386A26E2B}
2013-10-09 03:40:07 741480 ------w- C:\windows\System32\HPDiscoPMB111.dll
2013-10-08 05:26:52 -------- d-----w- C:\Users\Roy\AppData\Local\{EFCD3F8F-C850-41E0-BF9E-07101EE002AF}
2013-10-04 06:21:16 -------- d-----w- C:\Users\Roy\AppData\Local\{7DA6E72B-0CAF-4CC2-AA52-E66445D2ACD5}
2013-10-04 05:51:59 -------- d-----w- C:\ProgramData\lx_Cats
2013-10-04 05:51:37 177152 ----a-w- C:\windows\System32\Spool\prtprocs\x64\lxdndrpp.dll
2013-10-03 07:36:40 -------- d-----w- C:\Users\Roy\AppData\Local\{CC84EC59-2C23-4228-9550-681B9BA38332}
.
==================== Find3M  ====================
.
2013-10-08 22:01:51 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 22:01:51 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-09-25 02:29:46 70112 ----a-w- C:\windows\System32\drivers\cfwids.sys
2013-09-25 02:25:40 343568 ----a-w- C:\windows\System32\drivers\mfewfpk.sys
2013-09-25 02:25:24 182752 ----a-w- C:\windows\System32\mfevtps.exe
2013-09-25 02:22:48 781312 ----a-w- C:\windows\System32\drivers\mfehidk.sys
2013-09-25 02:21:32 519192 ----a-w- C:\windows\System32\drivers\mfefirek.sys
2013-09-25 02:20:28 310224 ----a-w- C:\windows\System32\drivers\mfeavfk.sys
2013-09-25 02:19:56 179664 ----a-w- C:\windows\System32\drivers\mfeapfk.sys
2013-09-22 23:28:06 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-20 15:38:30 10856 ----a-w- C:\windows\System32\drivers\mfeclnrk.sys
2013-09-20 15:38:14 95984 ----a-w- C:\windows\System32\drivers\mfencrk.sys
2013-09-20 15:37:56 390552 ----a-w- C:\windows\System32\drivers\mfencbdc.sys
2013-09-14 01:10:19 497152 ----a-w- C:\windows\System32\drivers\afd.sys
2013-09-09 17:11:58 74560 ----a-w- C:\windows\System32\drivers\McPvDrv.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
2013-09-03 20:35:10 278800 ------w- C:\windows\System32\MpSigStub.exe
2013-08-29 02:17:48 5549504 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\windows\System32\ntdll.dll
2013-08-29 02:16:14 859648 ----a-w- C:\windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:16 619520 ----a-w- C:\windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2013-08-28 01:21:06 3155968 ----a-w- C:\windows\System32\win32k.sys
2013-08-05 02:25:45 155584 ----a-w- C:\windows\System32\drivers\ataport.sys
.
============= FINISH:  6:11:31.37 ===============
 


 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ
  • Local time:11:29 PM

Posted 31 October 2013 - 03:30 PM

Good evening. :)

Download Malwarebytes' Anti-Malware from here and save it to your Desktop - unless you already have it, in which case skip to the "updating" bit below.
 

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • Ensure a checkmark is placed next to both Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware and then click Finish.
  • If an update is found, it will download and install the latest version - you'll need to clear it with your firewall.
  • Once the program has loaded, select Perform full scan and then Scan.
  • When the scan has finished, click OK and then Show Results to view the results - no surprise there!
  • If MBAM finds anything, check the box(es) and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt

 

Will you post the contents of the MBAM log into your next reply please.


So long, and thanks for all the fish.

 

 


#3 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 04 November 2013 - 08:26 PM

ok


Edited by WhatTheWhatever, 05 November 2013 - 02:46 AM.


#4 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 05 November 2013 - 02:28 AM

I was running the malware bytes, when the damn thing froze...stuck in the Firefox window full screen. I couldn't close it or change windows. The sound playing from the window kept repeating over and over. I couldn't get it to do anything so I shut it off. Now I can't log on normal. I am in safe mode now.... I got as far as it allowing me to log on then I got a black screen....and nothing for almost 20 minutes, so I shut it off again and that's where I am now. What do I do?...Oh yeah, also the malware had found like 25 things too...and wasn't done yet when it froze.


Edited by WhatTheWhatever, 05 November 2013 - 02:29 AM.


#5 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 05 November 2013 - 03:19 AM

HERE IS THE LOG FROM THE QUICK SCAN, NOT THE FULL SCAN. I AM STILL IN SAFEMODE. I AM GOING TO TRY AND RESTART AND LOG ON NORMAL AGAIN RIGHT NOW. AND TRY AGAIN.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.11.04.09
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16721
Roy :: ROY-PC [administrator]
 
Protection: Disabled
 
11/5/2013 12:48:12 AM
mbam-log-2013-11-05 (00-48-12).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239983
Time elapsed: 22 minute(s), 4 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 8
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://search.babylon.com/?affID=110803&tt=4812_8&babsrc=HP_ss&mntrId=e8416ef90000000000009439e546f424 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A1S1R1O0F1O1U1MtGtC0WtH2Y -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 8
C:\Users\Roy\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\OpenCandy\05587CE4BD194E12BBC3C1524BCD2B9A (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
Files Detected: 33
C:\Users\Roy\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\OpenCandy\05587CE4BD194E12BBC3C1524BCD2B9A\SliderCOTMv4.1.24.2_20131003.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\3567.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\63F.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\D857.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\F7DE.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\JfzBa6Sk.exe.part (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\setup_fsu_cid.exe (Trojan.Sefnit) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\Video Performer64196.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\ibtmpc810551\component_514 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\ibtmpc810551\component_600 (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\ibtmpc810551\component_613 (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\ibtmpc810551\component_634 (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Windows\Temp\Content.IE5\72ZOL9T6\pack[1].7z (PUP.Optional.PerformerSoft.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\7zip_RocketFuelInstaller.exe (PUP.Optional.Verti) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\CAM_Development_Print_Designer_GOLD_v10.2.0.0_Cracked-WaLMaRT_downloader_us_99303.exe (PUP.Optional.GoForFiles.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\FlashPlayer_11.3.dl.exe (PUP.Optional.OneClick) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe (PUP.Optional.Verti) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\SoftonicDownloader_for_messenger-plus-for-skype.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\SwagBucks_brff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\TinyMediaPlayer_RocketFuelInstaller.exe (PUP.Optional.Verti) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\OpenCandy\05587CE4BD194E12BBC3C1524BCD2B9A\WeCare_COTM_ALL_p3v4.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\CT2260173.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)
 


#6 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 05 November 2013 - 03:46 AM

OK, I had to restore the computer. Now I am downloading Malwarebytes again and rerunning it again.



#7 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 05 November 2013 - 05:55 AM

My computer won't load all the way in normal mode....wtf....I did exactly what you said and now it won't do anything.......I should have left it alone. I'm in safe mode again and here is your log.....for full scan

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.11.05.02
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16721
Roy :: ROY-PC [administrator]
 
Protection: Disabled
 
11/5/2013 2:02:52 AM
mbam-log-2013-11-05 (02-02-52).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 398039
Time elapsed: 1 hour(s), 26 minute(s), 46 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 8
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://search.babylon.com/?affID=110803&tt=4812_8&babsrc=HP_ss&mntrId=e8416ef90000000000009439e546f424 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A1S1R1O0F1O1U1MtGtC0WtH2Y -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 7
C:\Users\Roy\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\OpenCandy\05587CE4BD194E12BBC3C1524BCD2B9A (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
Files Detected: 17
C:\Users\Roy\AppData\Local\Temp\setup_fsu_cid.exe (Trojan.Sefnit) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\Video Performer64196.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\OpenCandy\05587CE4BD194E12BBC3C1524BCD2B9A\SliderCOTMv4.1.24.2_20131003.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Documents\Katie Saves\SkyDrive\GOODCARMA EBAY\Katie\~Get Your Software Here\Core\CORE10k.EXE (PUP.Keygen.Intro) -> Quarantined and deleted successfully.
C:\Users\Roy\Documents\Katie Saves\SkyDrive\Software\Notation_Composer_2_6_3_Patch_&_Serial.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\7zip_RocketFuelInstaller.exe (PUP.Optional.Verti) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\CAM_Development_Print_Designer_GOLD_v10.2.0.0_Cracked-WaLMaRT_downloader_us_99303.exe (PUP.Optional.GoForFiles.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\FlashPlayer_11.3.dl.exe (PUP.Optional.OneClick) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe (PUP.Optional.Verti) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\SoftonicDownloader_for_messenger-plus-for-skype.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\SwagBucks_brff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Roy\Downloads\TinyMediaPlayer_RocketFuelInstaller.exe (PUP.Optional.Verti) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\OpenCandy\05587CE4BD194E12BBC3C1524BCD2B9A\WeCare_COTM_ALL_p3v4.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Roy\AppData\Local\Temp\CT2260173\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)

Edited by WhatTheWhatever, 05 November 2013 - 06:00 AM.


#8 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ
  • Local time:11:29 PM

Posted 05 November 2013 - 03:48 PM

Good evening. :)

As you can at least partly boot your system I suggest you start with System Restore.

Navigate to the Start -> All Programs -> Accessories -> System Tools program group.

Click on the System Restore program icon.

Click Next > on the Restore system files and settings window.

Choose the restore point that you want to use.

 

Pick the latest one that you can find that is before the point that you ran MBAM.

 

If that doesn't resolve the issue then I need to know if you have the Windows installation disk or created a System repair disk.


So long, and thanks for all the fish.

 

 


#9 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 10 November 2013 - 05:53 AM

Well, thank you for your reply. 

:wizardball: 

I have already done so with safe mode and restored.

But, I found that it doesn't matter what I do... :smash: once I install MBAM :busy: and try to run it... :tvhorror: the whole thing goes to :bubbles:!!!


Edited by WhatTheWhatever, 10 November 2013 - 05:54 AM.


#10 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 10 November 2013 - 05:56 AM

So, I have decided... that I would much rather just live :hug: with the infection, and deal with whatever side effects I have already been dealing with all along.... than to continue trying to resolve this issue, just to simply keep repeating the same... :deadhorse: .... situation over and over again.



#11 WhatTheWhatever

WhatTheWhatever
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:29 PM

Posted 10 November 2013 - 05:58 AM

It's just not worth it.

I don't know what the major malfunction here is.... But, I do know, that whatever it... is, it really... DOESN'T like MBAM. :spam:

So...

I think it best if we just don't try and test its patience anymore, :bowdown: .

If you know what I mean.

:hello:



#12 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ
  • Local time:11:29 PM

Posted 10 November 2013 - 02:13 PM

Good evening. :)

Just to be clear, once you restored the PC back to a time before the boot problem, you reinstalled MBAM and ran a scan again and the same thing happened?


So long, and thanks for all the fish.

 

 




