online videos don't play

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Chewbaca

Thread Starter
Joined
Jan 10, 2013
Messages
15
Hi,after malwarebytes unlocked my laptop (thank them!) from fbi-ransomware virus online videos won't play!not even the tech guy guide!:mad: i hope find hijackthis Big Thankslog:Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:25:25 PM, on 1/14/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\system32\igfxsrvc.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\System32\WLTRAY.EXE
C:\Program Files\Immunet\3.0.8\iptray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Tom\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=11...HP_ss&mntrId=5447d1bf00000000000000225f9e05bd
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe"
O4 - HKLM\..\Run: [Immunet Protect] "C:\Program Files\Immunet\3.0.8\iptray.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\Components\scheduler\Launcher.exe
O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat"
O4 - HKLM\..\RunOnce: [Del19130433] cmd.exe /Q /D /c del "C:\Users\Tom\AppData\Local\Temp\0.del"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Best Codec Pack803588.exe] "C:\Users\Tom\AppData\Local\Temp\Best Codec Pack803588.exe" /XML="C:\Users\Tom\AppData\Local\Temp\EE40.tmp" /STP=0:2
O4 - HKCU\..\RunOnce: [Del19130433] cmd.exe /Q /D /c del "C:\Users\Tom\AppData\Local\Temp\0.del"
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4124381C-B242-47A0-AFA5-E58A7974602E}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{91499509-0A46-4386-A7FF-C92B41C972C9}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{4124381C-B242-47A0-AFA5-E58A7974602E}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{4124381C-B242-47A0-AFA5-E58A7974602E}: NameServer = 8.26.56.26,156.154.70.22
O20 - AppInit_DLLs: c:\PROGRA~1\WXDOWN~1\sprotector.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Immunet 3.0 (ImmunetProtect) - Sourcefire, Inc. - C:\Program Files\Immunet\3.0.8\agent.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\WINDOWS\SMINST\sftservice.EXE
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 8948 bytes
 

Chewbaca

Thread Starter
Joined
Jan 10, 2013
Messages
15
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by Tom at 21:52:09 on 2013-01-14
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2010.1093 [GMT -5:00]
.
AV: Immunet 3.0 *Enabled/Updated* {065276D9-6EBF-968C-B5ED-7B8B1DCF4059}
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Immunet\3.0.8\agent.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\SMINST\sftservice.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\windows\SMINST\Components\scheduler\STService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\system32\igfxsrvc.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\System32\WLTRAY.EXE
C:\Program Files\Immunet\3.0.8\iptray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\SMINST\DataSafe.exe
C:\Windows\System32\vds.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\sminst\Components\FileBackup\BackupPlg.exe
C:\Windows\sminst\Components\PSTImageExt\STImageExtPlg.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Tom\AppData\Local\Temp\DM\windows-media-player_085\DomaIQ.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\BingBar\BingBar.exe
C:\Program Files\Microsoft\BingBar\BingApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=118658&tt=0113_3&babsrc=HP_ss&mntrId=5447d1bf00000000000000225f9e05bd
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = Preserve
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - <orphaned>
BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\program files\funmoods\1.5.23.22\bh\escort.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\program files\funmoods\1.5.23.22\escorTlbr.dll
uRun: [ares] "c:\program files\ares\Ares.exe" -h
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Best Codec Pack803588.exe] "c:\users\tom\appdata\local\temp\best codec pack803588.exe" /xml="c:\users\tom\appdata\local\temp\EE40.tmp" /STP=0:2
uRunOnce: [Del19130433] cmd.exe /Q /D /c del "c:\users\tom\appdata\local\temp\0.del"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre7\bin\jusched.exe"
mRun: [Immunet Protect] "c:\program files\immunet\3.0.8\iptray.exe"
mRunOnce: [Launcher] c:\windows\sminst\components\scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "c:\program files\dell datasafe local backup\components\dsupdate\runhstart.bat"
mRunOnce: [Del19130433] cmd.exe /Q /D /c del "c:\users\tom\appdata\local\temp\0.del"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4124381C-B242-47A0-AFA5-E58A7974602E} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{4124381C-B242-47A0-AFA5-E58A7974602E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{91499509-0A46-4386-A7FF-C92B41C972C9} : NameServer = 8.26.56.26,156.154.70.22
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\wxdown~1\sprotector.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\tom\appdata\roaming\mozilla\firefox\profiles\yhkw72d6.default\
FF - plugin: c:\program files\google\update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - ExtSQL: 2012-11-25 04:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-01-09 18:18; [email protected]; c:\users\tom\appdata\roaming\mozilla\firefox\profiles\yhkw72d6.default\extensions\[email protected]
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.funmoods.hmpg - false
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=aln&ir=aln&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtAyCyD0CtC0C0DtC0B0FtN0D0Tzu0CtAzztDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1122121890
FF - user.js: extensions.funmoods.dfltSrch - false
FF - user.js: extensions.funmoods.srchPrvdr - Funmoods
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=aln&ir=aln&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtAyCyD0CtC0C0DtC0B0FtN0D0Tzu0CtAzztDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1122121890
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=aln&ir=aln&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtAyCyD0CtC0C0DtC0B0FtN0D0Tzu0CtAzztDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1122121890&q=
FF - user.js: extensions.funmoods.id - 0023AE365C1CD1BF
FF - user.js: extensions.funmoods.instlDay - 15719
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2217:35:6
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - aln
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - aln
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-11-17 36552]
R1 ImmunetProtectDriver;ImmunetProtectDriver;c:\windows\system32\drivers\ImmunetProtect.sys [2013-1-14 51528]
R1 ImmunetSelfProtectDriver;ImmunetSelfProtectDriver;c:\windows\system32\drivers\ImmunetSelfProtect.sys [2013-1-14 35016]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_ae0b52e0\AEstSrv.exe [2009-5-13 81920]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-11-17 83432]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 ImmunetNetworkMonitorDriver;ImmunetNetworkMonitorDriver;c:\windows\system32\drivers\ImmunetNetworkMonitor.sys [2013-1-14 103880]
R2 ImmunetProtect;Immunet 3.0;c:\program files\immunet\3.0.8\agent.exe [2013-1-14 872824]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-12 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-12 682344]
R2 SftService;SoftThinks Agent Service;c:\windows\sminst\SftService.exe [2009-5-13 632048]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-12 21104]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-11-17 84256]
S2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-11-17 108320]
S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\dellsu~1\hwdiag\bin\PCD5SRVC.pkms [2008-11-4 22904]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-01-14 22:35:21 -------- d-----w- c:\users\tom\appdata\roaming\Funmoods
2013-01-14 22:35:06 -------- d-----w- c:\program files\Funmoods
2013-01-14 15:58:04 -------- d-----w- c:\programdata\Immunet
2013-01-14 15:57:07 103880 ----a-w- c:\windows\system32\drivers\ImmunetNetworkMonitor.sys
2013-01-14 15:57:06 35016 ----a-w- c:\windows\system32\drivers\ImmunetSelfProtect.sys
2013-01-14 15:57:04 51528 ----a-w- c:\windows\system32\drivers\ImmunetProtect.sys
2013-01-14 15:56:56 304712 ----a-w- c:\windows\system32\drivers\Trufos.sys
2013-01-14 15:56:50 -------- d-----w- c:\program files\Immunet
2013-01-13 03:05:06 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-11 23:57:32 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7db9eddb-d428-4332-bd45-79122741cd7e}\mpengine.dll
2013-01-10 19:50:59 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-09 15:32:28 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 15:18:49 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 15:17:27 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-01 04:46:43 -------- d-----w- c:\users\tom\appdata\roaming\player
2013-01-01 04:46:08 -------- d-----w- c:\program files\Tuguu SL
2013-01-01 04:20:15 -------- d-----w- c:\users\tom\appdata\local\Babylon
2013-01-01 04:20:08 -------- d-----w- c:\users\tom\appdata\roaming\Babylon
2013-01-01 04:20:08 -------- d-----w- c:\programdata\Babylon
2012-12-31 18:14:35 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-31 18:14:35 404920 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-30 03:43:27 -------- d-----w- c:\programdata\Package Cache
2012-12-26 13:10:45 -------- d-----w- c:\program files\Comodo
2012-12-26 13:08:31 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-12-20 19:34:15 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 19:34:15 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-20 05:06:29 754688 ----a-w- c:\windows\system32\webservices.dll
2012-12-20 01:32:06 -------- d-----w- C:\Temp
2012-12-18 17:14:22 -------- d-----w- c:\users\tom\appdata\roaming\OpenCandy
2012-12-18 08:02:41 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-12-17 02:59:59 -------- d-----w- c:\program files\VideoLAN
2012-12-16 06:08:59 -------- d-----w- c:\users\tom\appdata\local\Macromedia
.
==================== Find3M ====================
.
2012-12-02 05:09:24 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-02 05:09:24 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-13 01:29:51 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-07 22:03:24 83432 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-11-07 22:03:24 36552 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-11-02 10:18:17 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 08:26:06 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-10-22 18:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
.
============= FINISH: 21:53:30.62 ===============
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top