
online videos don't play

Discussion in 'Windows Vista' started by Chewbaca, Jan 14, 2013.

Thread Status:
Not open for further replies.
  1. Chewbaca (Thread Starter)

    Joined: Jan 10, 2013
    Messages: 15

    Hi, after Malwarebytes unlocked my laptop (thank them!) from the FBI ransomware virus, online videos won't play! Not even the Tech Guy guide! :mad: I hope find HijackThis. Big thanks. Log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:25:25 PM, on 1/14/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\WINDOWS\System32\WLTRAY.EXE
    C:\Program Files\Immunet\3.0.8\iptray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\Tom\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=11...HP_ss&mntrId=5447d1bf00000000000000225f9e05bd
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe"
    O4 - HKLM\..\Run: [Immunet Protect] "C:\Program Files\Immunet\3.0.8\iptray.exe"
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\Components\scheduler\Launcher.exe
    O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat"
    O4 - HKLM\..\RunOnce: [Del19130433] cmd.exe /Q /D /c del "C:\Users\Tom\AppData\Local\Temp\0.del"
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Best Codec Pack803588.exe] "C:\Users\Tom\AppData\Local\Temp\Best Codec Pack803588.exe" /XML="C:\Users\Tom\AppData\Local\Temp\EE40.tmp" /STP=0:2
    O4 - HKCU\..\RunOnce: [Del19130433] cmd.exe /Q /D /c del "C:\Users\Tom\AppData\Local\Temp\0.del"
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4124381C-B242-47A0-AFA5-E58A7974602E}: NameServer = 8.26.56.26,156.154.70.22
    O17 - HKLM\System\CCS\Services\Tcpip\..\{91499509-0A46-4386-A7FF-C92B41C972C9}: NameServer = 8.26.56.26,156.154.70.22
    O17 - HKLM\System\CS1\Services\Tcpip\..\{4124381C-B242-47A0-AFA5-E58A7974602E}: NameServer = 8.26.56.26,156.154.70.22
    O17 - HKLM\System\CS2\Services\Tcpip\..\{4124381C-B242-47A0-AFA5-E58A7974602E}: NameServer = 8.26.56.26,156.154.70.22
    O20 - AppInit_DLLs: c:\PROGRA~1\WXDOWN~1\sprotector.dll
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Immunet 3.0 (ImmunetProtect) - Sourcefire, Inc. - C:\Program Files\Immunet\3.0.8\agent.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\WINDOWS\SMINST\sftservice.EXE
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

    --
    End of file - 8948 bytes
     
  2. Chewbaca (Thread Starter)

    Joined: Jan 10, 2013
    Messages: 15

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
    Run by Tom at 21:52:09 on 2013-01-14
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2010.1093 [GMT -5:00]
    .
    AV: Immunet 3.0 *Enabled/Updated* {065276D9-6EBF-968C-B5ED-7B8B1DCF4059}
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
    C:\Windows\system32\SLsvc.exe
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Immunet\3.0.8\agent.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\SMINST\sftservice.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\RUNDLL32.EXE
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\windows\SMINST\Components\scheduler\STService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\WINDOWS\System32\WLTRAY.EXE
    C:\Program Files\Immunet\3.0.8\iptray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\WINDOWS\SMINST\DataSafe.exe
    C:\Windows\System32\vds.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\sminst\Components\FileBackup\BackupPlg.exe
    C:\Windows\sminst\Components\PSTImageExt\STImageExtPlg.exe
    C:\Windows\system32\wuauclt.exe
    C:\Users\Tom\AppData\Local\Temp\DM\windows-media-player_085\DomaIQ.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft\BingBar\BingBar.exe
    C:\Program Files\Microsoft\BingBar\BingApp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k secsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.babylon.com/?affID=118658&tt=0113_3&babsrc=HP_ss&mntrId=5447d1bf00000000000000225f9e05bd
    uWindow Title = Internet Explorer provided by Dell
    uSearch Bar = Preserve
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - <orphaned>
    BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\program files\funmoods\1.5.23.22\bh\escort.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\program files\funmoods\1.5.23.22\escorTlbr.dll
    uRun: [ares] "c:\program files\ares\Ares.exe" -h
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [Best Codec Pack803588.exe] "c:\users\tom\appdata\local\temp\best codec pack803588.exe" /xml="c:\users\tom\appdata\local\temp\EE40.tmp" /STP=0:2
    uRunOnce: [Del19130433] cmd.exe /Q /D /c del "c:\users\tom\appdata\local\temp\0.del"
    uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre7\bin\jusched.exe"
    mRun: [Immunet Protect] "c:\program files\immunet\3.0.8\iptray.exe"
    mRunOnce: [Launcher] c:\windows\sminst\components\scheduler\Launcher.exe
    mRunOnce: [DSUpdateLauncher] "c:\program files\dell datasafe local backup\components\dsupdate\runhstart.bat"
    mRunOnce: [Del19130433] cmd.exe /Q /D /c del "c:\users\tom\appdata\local\temp\0.del"
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{4124381C-B242-47A0-AFA5-E58A7974602E} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{4124381C-B242-47A0-AFA5-E58A7974602E} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{91499509-0A46-4386-A7FF-C92B41C972C9} : NameServer = 8.26.56.26,156.154.70.22
    Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs= c:\progra~1\wxdown~1\sprotector.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\tom\appdata\roaming\mozilla\firefox\profiles\yhkw72d6.default\
    FF - plugin: c:\program files\google\update\1.3.21.124\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - ExtSQL: 2012-11-25 04:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - ExtSQL: 2013-01-09 18:18; [email protected]; c:\users\tom\appdata\roaming\mozilla\firefox\profiles\yhkw72d6.default\extensions\[email protected]
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.funmoods.hmpg - false
    FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=aln&ir=aln&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtAyCyD0CtC0C0DtC0B0FtN0D0Tzu0CtAzztDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1122121890
    FF - user.js: extensions.funmoods.dfltSrch - false
    FF - user.js: extensions.funmoods.srchPrvdr - Funmoods
    FF - user.js: extensions.funmoods.dnsErr - true
    FF - user.js: extensions.funmoods_i.newTab - false
    FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=aln&ir=aln&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtAyCyD0CtC0C0DtC0B0FtN0D0Tzu0CtAzztDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1122121890
    FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=aln&ir=aln&cd=2XzuyEtN2Y1L1QzutDtDtBtA0A0EtAyCyD0CtC0C0DtC0B0FtN0D0Tzu0CtAzztDtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1122121890&q=
    FF - user.js: extensions.funmoods.id - 0023AE365C1CD1BF
    FF - user.js: extensions.funmoods.instlDay - 15719
    FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
    FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
    FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2217:35:6
    FF - user.js: extensions.funmoods.prtnrId - funmoods
    FF - user.js: extensions.funmoods.prdct - funmoods
    FF - user.js: extensions.funmoods.aflt - aln
    FF - user.js: extensions.funmoods_i.smplGrp - none
    FF - user.js: extensions.funmoods.tlbrId - base
    FF - user.js: extensions.funmoods.instlRef - aln
    FF - user.js: extensions.funmoods.dfltLng -
    FF - user.js: extensions.funmoods.excTlbr - false
    FF - user.js: extensions.funmoods.autoRvrt - false
    FF - user.js: extensions.funmoods.envrmnt - production
    FF - user.js: extensions.funmoods.isdcmntcmplt - true
    FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
    R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-11-17 36552]
    R1 ImmunetProtectDriver;ImmunetProtectDriver;c:\windows\system32\drivers\ImmunetProtect.sys [2013-1-14 51528]
    R1 ImmunetSelfProtectDriver;ImmunetSelfProtectDriver;c:\windows\system32\drivers\ImmunetSelfProtect.sys [2013-1-14 35016]
    R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_ae0b52e0\AEstSrv.exe [2009-5-13 81920]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-11-17 83432]
    R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
    R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 ImmunetNetworkMonitorDriver;ImmunetNetworkMonitorDriver;c:\windows\system32\drivers\ImmunetNetworkMonitor.sys [2013-1-14 103880]
    R2 ImmunetProtect;Immunet 3.0;c:\program files\immunet\3.0.8\agent.exe [2013-1-14 872824]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-12 398184]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-12 682344]
    R2 SftService;SoftThinks Agent Service;c:\windows\sminst\SftService.exe [2009-5-13 632048]
    R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-12 21104]
    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
    S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-11-17 84256]
    S2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-11-17 108320]
    S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\dellsu~1\hwdiag\bin\PCD5SRVC.pkms [2008-11-4 22904]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2013-01-14 22:35:21 -------- d-----w- c:\users\tom\appdata\roaming\Funmoods
    2013-01-14 22:35:06 -------- d-----w- c:\program files\Funmoods
    2013-01-14 15:58:04 -------- d-----w- c:\programdata\Immunet
    2013-01-14 15:57:07 103880 ----a-w- c:\windows\system32\drivers\ImmunetNetworkMonitor.sys
    2013-01-14 15:57:06 35016 ----a-w- c:\windows\system32\drivers\ImmunetSelfProtect.sys
    2013-01-14 15:57:04 51528 ----a-w- c:\windows\system32\drivers\ImmunetProtect.sys
    2013-01-14 15:56:56 304712 ----a-w- c:\windows\system32\drivers\Trufos.sys
    2013-01-14 15:56:50 -------- d-----w- c:\program files\Immunet
    2013-01-13 03:05:06 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-01-11 23:57:32 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7db9eddb-d428-4332-bd45-79122741cd7e}\mpengine.dll
    2013-01-10 19:50:59 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-01-09 15:32:28 2048000 ----a-w- c:\windows\system32\win32k.sys
    2013-01-09 15:18:49 204288 ----a-w- c:\windows\system32\ncrypt.dll
    2013-01-09 15:17:27 1400832 ----a-w- c:\windows\system32\msxml6.dll
    2013-01-01 04:46:43 -------- d-----w- c:\users\tom\appdata\roaming\player
    2013-01-01 04:46:08 -------- d-----w- c:\program files\Tuguu SL
    2013-01-01 04:20:15 -------- d-----w- c:\users\tom\appdata\local\Babylon
    2013-01-01 04:20:08 -------- d-----w- c:\users\tom\appdata\roaming\Babylon
    2013-01-01 04:20:08 -------- d-----w- c:\programdata\Babylon
    2012-12-31 18:14:35 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-31 18:14:35 404920 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-12-30 03:43:27 -------- d-----w- c:\programdata\Package Cache
    2012-12-26 13:10:45 -------- d-----w- c:\program files\Comodo
    2012-12-26 13:08:31 1700352 ----a-w- c:\windows\system32\gdiplus.dll
    2012-12-20 19:34:15 34304 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-20 19:34:15 293376 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-20 05:06:29 754688 ----a-w- c:\windows\system32\webservices.dll
    2012-12-20 01:32:06 -------- d-----w- C:\Temp
    2012-12-18 17:14:22 -------- d-----w- c:\users\tom\appdata\roaming\OpenCandy
    2012-12-18 08:02:41 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2012-12-17 02:59:59 -------- d-----w- c:\program files\VideoLAN
    2012-12-16 06:08:59 -------- d-----w- c:\users\tom\appdata\local\Macromedia
    .
    ==================== Find3M ====================
    .
    2012-12-02 05:09:24 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-12-02 05:09:24 746984 ----a-w- c:\windows\system32\deployJava1.dll
    2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-11-13 01:29:51 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-11-07 22:03:24 83432 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-11-07 22:03:24 36552 ----a-w- c:\windows\system32\drivers\avkmgr.sys
    2012-11-02 10:18:17 376320 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-02 08:26:06 23040 ----a-w- c:\windows\system32\dpnsvr.exe
    2012-10-22 18:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
    .
    ============= FINISH: 21:53:30.62 ===============
     

Short URL to this thread: https://techguy.org/1085237
