Lenis M. Vega Lamberty

  1. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Thank you, the problem stopped.
  2. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Well... these are just Photoshop brushes to produce a kind of cracked and decayed effect... not cracked as in the computer sense. Scanned them... Nothing.
  3. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Well, damn it. I did download some stuff needed to make Kinect work in the computer... never knew there was a trojan within the files. Here is the ckfiles.txt info

    CKScanner - Additional Security Risks - These are not necessarily bad
    c:program files (x86)adobeadobe photoshop cs3presetsbrushescrackdecaybrushes_byfunerals0ng.abr
    c:program files (x86)adobeadobe photoshop cs3presetsbrushesss-cracks.abr
    c:userslady mansondownloadscracks_photoshop_brushes_by_redheadstock.zip
    c:userslady mansondownloadscrack_effect_brushes_by_funerals0ng.rar
    scanner sequence 3.CA.11.HKNANX
    ----- EOF -----

    Why are my photoshop brushes a security risk?
  4. Lenis M. Vega Lamberty

    URL Mal infection, please help

    C:UsersLady MansonDesktopKinectVmdReductionTool_v052.zip a variant of MSIL/Packed.CodeFort.A application deleted - quarantined
    C:UsersLady MansonDownloadsKinect.zip a variant of MSIL/Packed.CodeFort.A application deleted - quarantined
    C:UsersLady MansonDownloadsMK.exe Win32/InstallCore application cleaned by deleting - quarantined
  5. Lenis M. Vega Lamberty

    URL Mal infection, please help

    No, there was a period of time on the weekend that it did not matter what I opened on the Chrome Browser the Avast Warning would come up 3 and 4 times for the same page. At the time I had only Google search, Deviantart and Facebook open. If I moved around facebook it did not go off. If I moved around Deviantart or opened a new tab on chrome it would go bonkers, and suddenly just as it started, it stopped. But I do think the problem started when I opened Gmail.
  6. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Scan completed and no infected files o_O
  7. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Attach.txt
  8. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Log from dds.txt
  9. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Hi, I have a problem where my avast is going crazy telling me about a malicious url being blocked. The only thing I ran to see if I could stop it was Avast and Malwarebytes. It keeps happening. I started a thread in a different area and someone asked me to come here. Please help me, for now the thing is quiet but I know it will start being a pest again. I hate not taking care of it. One person told me to download DDS and follow a process and then post here, but I have no idea where to download DDS or the full name of the software for that matter. Please help
  10. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Malwarebytes Anti-Malware 1.65.0.1400
    www.malwarebytes.org

    Database version: v2012.09.17.10
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Lady Manson :: DEVIANT [administrator]

    9/17/2012 8:32:25 PM
    mbam-log-2012-09-17 (20-32-25).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 206060
    Time elapsed: 6 minute(s), 22 second(s)

    Memory Processes Detected: 0 (No malicious items detected)
    Memory Modules Detected: 0 (No malicious items detected)
    Registry Keys Detected: 0 (No malicious items detected)
    Registry Values Detected: 0 (No malicious items detected)
    Registry Data Items Detected: 0 (No malicious items detected)
    Folders Detected: 0 (No malicious items detected)
    Files Detected: 1
    C:UsersPublicDesktopMP3 Downloader.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    (end)
  11. Lenis M. Vega Lamberty

    URL Mal infection, please help

    Avast suddenly went crazy telling me it blocked some malicious site. I ran a full scan and nothing was found. Ran a quick scan from Malwarebytes and only found one adware. Which I removed. I haven't done anything else. Please help me. Running Win 7 64