
Thread: Regarding Tool Bar Proxy

  1. #1
    Junior Member
    Join Date
    Apr 2014
    Posts
    3

    Post Regarding Tool Bar Proxy

    Any assistance with this scan report?

    SpyBot free edition.
    version 2.2.18.0
    update 2.2.18.91

    ------------------------------------------------------------------------------------/
    Search results from Spybot - Search & Destroy

    4/23/2014 2:30:03 PM
    Scan took 00:50:19.
    21 items found.

    Tencent.AdressBar: [SBI $58261404] Program directory (Directory, nothing done)
    C:\Program Files\Tencent\
    Directory.subfile=C:\Program Files\Tencent\QQIntl\.~lock.QQWhatsnew.txt#
    Directory.subfile.size=91
    Directory.subfile.md5=E82A032FF69C42B6C710195E7A5C7949
    Directory.subfile.filedate=1393100710
    Directory.subfile.filedatetext=2014-02-22 22:25:10
    Directory.subfile=C:\Program Files\Tencent\QQIntl\af.xml.txd
    Directory.subfile.size=91220
    Directory.subfile.md5=03FA5681DD786121C48F8A376603528C
    Directory.subfile.filedate=1393100510
    Directory.subfile.filedatetext=2014-02-22 22:21:50
    Directory.subfile=C:\Program Files\Tencent\QQIntl\app.xml.txd
    Directory.subfile.size=414100
    Directory.subfile.md5=CD099B3C03426EEA720B1DC4A71B7D96
    Directory.subfile.filedate=1393100511
    Directory.subfile.filedatetext=2014-02-22 22:21:50
    Directory.subfile=C:\Program Files\Tencent\QQIntl\common.xml.txd
    Directory.subfile.md5=EEA8272955F65BF4B0493C88F491EB9F

    Files\Tencent\QQIntl\I18N\1036\AFPreLoadStringBundle.xml
    Directory.subfile.size=466
    Directory.subfile.md5=1BD8BC24D5CB1CB66A4F0C630028923B
    Directory.subfile.filedate=1393100473
    Directory.subfile.filedatetext=2014-02-22 22:21:12
    Directory.subfile=C:\Program Files\Tencent\QQIntl\I18N\1036\AFStringBundle.xml
    Directory.subfile.size=79696
    Directory.subfile.md5=3532D7828A6C613A1B30F98EBAC2FE34
    Directory.subfile.filedate=1393100473
    Directory.subfile.filedatetext=2014-02-22 22:21:13
    Directory.subfile=C:\Program Files\Tencent\QQIntl\I18N\1036\BaseStringBundle.xml
    Directory.subfile.size=21770
    Directory.subfile.md5=C48BD216D73E17D11839E1187A4CC406
    Directory.subfile.filedate=1393100474
    Directory.subfile.filedatetext=2014-02-22 22:21:13
    Directory.subfile=C:\Program Files\Tencent\QQIntl\I18N\1036\BaseUrlBundle.xml.enc
    Directory.subfile.size=5112
    Directory.subfile.md5=EDD511417EACBA679578942C655E4270
    Directory.subfile.filedate=1393100492
    Directory.subfile.filedatetext=2014-02-22 22:21:31
    Directory.subfile=C:\Program Files\Tencent\QQIntl\I18N\1036\CommonString.xml
    Directory.subfile.size=1129
    Directory.subfile.md5=F61A00513ABB8F73C9921544BE4D1BA9
    Directory.subfile.filedate=1393100474
    Directory.subfile.filedatetext=2014-02-22 22:21:13
    Directory.subfile=C:\Program Directory.subfile.size=513
    Directory.subfile.md5=03850FC0FA789AB4B2ECF2F08F908784
    Directory.subfile.filedate=1393100415
    Directory.subfile.filedatetext=2014-02-22 22:20:15
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\5\1
    Directory.subfile.size=4775
    Directory.subfile.md5=0E4CA7E3FD77D2E12FCBFD61B9EF7EB9
    Directory.subfile.filedate=1393100416
    Directory.subfile.filedatetext=2014-02-22 22:20:16
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\5\2
    Directory.subfile.size=974
    Directory.subfile.md5=13D8A695C9CF6680B970F61497E1F85C
    Directory.subfile.filedate=1393100438
    Directory.subfile.filedatetext=2014-02-22 22:20:38
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\1
    Directory.subfile.size=1849
    Directory.subfile.md5=C035D876922C3EA791D6AFF4071442D0
    Directory.subfile.filedate=1393100423
    Directory.subfile.filedatetext=2014-02-22 22:20:22
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\10
    Directory.subfile.size=843
    Directory.subfile.md5=3E92B4368D5488D1C99BDB42AEF03DDC
    Directory.subfile.filedate=1393100429
    Directory.subfile.filedatetext=2014-02-22 22:20:29
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\11
    Directory.subfile.size=366
    Directory.subfile.md5=17F130F45BD0C026C625F71206D7F3B3
    Directory.subfile.filedate=1393100430
    Directory.subfile.filedatetext=2014-02-22 22:20:29
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\13
    Directory.subfile.size=459
    Directory.subfile.md5=499632B3BC17ACE4E768AEE2CCDD7066
    Directory.subfile.filedate=1393100430
    Directory.subfile.filedatetext=2014-02-22 22:20:30
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\14
    Directory.subfile.size=1002
    Directory.subfile.md5=E357511C4F7ACEA204E785461ED67B1A
    Directory.subfile.filedate=1393100431
    Directory.subfile.filedatetext=2014-02-22 22:20:30
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\15
    Directory.subfile.size=450
    Directory.subfile.md5=3A7BE6D9BEE4C7B582FD22FBD54AC27F
    Directory.subfile.filedate=1393100433
    Directory.subfile.filedatetext=2014-02-22 22:20:33
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\16
    Directory.subfile.size=3043
    Directory.subfile.md5=4F790AD4253FB91B494D6FFE98E2DA5D
    Directory.subfile.filedate=1393100434
    Directory.subfile.filedatetext=2014-02-22 22:20:34
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\17
    Directory.subfile.size=5414
    Directory.subfile.md5=A1533AC0F07BEB8DAC2664301DC03D0D
    Directory.subfile.filedate=1393100435
    Directory.subfile.filedatetext=2014-02-22 22:20:34
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\18
    Directory.subfile.size=2124
    Directory.subfile.md5=6A95E82E939CEC7B3FF31D7A8F13BAD6
    Directory.subfile.filedate=1393100436
    Directory.subfile.filedatetext=2014-02-22 22:20:36
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\2
    Directory.subfile.size=2036
    Directory.subfile.md5=C880F9EA9E1488C9FDF9B83B8CE344C5
    Directory.subfile.filedate=1393100439
    Directory.subfile.filedatetext=2014-02-22 22:20:38
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\20
    Directory.subfile.size=3801
    Directory.subfile.md5=C934224C32A432E582E5C9021F1980B5
    Directory.subfile.filedate=1393100442
    Directory.subfile.filedatetext=2014-02-22 22:20:41
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\3
    Directory.subfile.size=1717
    Directory.subfile.md5=6C75582C33C4484A62942117B07D49ED
    Directory.subfile.filedate=1393100443
    Directory.subfile.filedatetext=2014-02-22 22:20:43
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\5
    Directory.subfile.size=8166
    Directory.subfile.md5=E6362DD0D29F6A8090C72C9B52145FC7
    Directory.subfile.filedate=1393100447
    Directory.subfile.filedatetext=2014-02-22 22:20:46
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\7\6
    Directory.subfile.size=1578
    Directory.subfile.md5=687971C991F573EB6A546C48006E14DD
    Directory.subfile.filedate=1393100448
    Directory.subfile.filedatetext=2014-02-22 22:20:48
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\1
    Directory.subfile.size=4366
    Directory.subfile.md5=3DA5E010C9FC69F5D769D99B41ED45A1
    Directory.subfile.filedate=1393100423
    Directory.subfile.filedatetext=2014-02-22 22:20:23
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\3
    Directory.subfile.size=2612
    Directory.subfile.md5=BFEC212C3DA90F85D7EB8F8BF0D48010
    Directory.subfile.filedate=1393100443
    Directory.subfile.filedatetext=2014-02-22 22:20:43
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\4
    Directory.subfile.size=1859
    Directory.subfile.md5=6588864D4859821379DDEB8E55760F26
    Directory.subfile.filedate=1393100445
    Directory.subfile.filedatetext=2014-02-22 22:20:44
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\5
    Directory.subfile.size=4340
    Directory.subfile.md5=AFB8C201CD0724923A4569EFF2C7CE9F
    Directory.subfile.filedate=1393100447
    Directory.subfile.filedatetext=2014-02-22 22:20:46
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\8\6
    Directory.subfile.size=4906
    Directory.subfile.md5=4A8B4C9CE53B437BA73CA9360CFB9946
    Directory.subfile.filedate=1393100448
    Directory.subfile.filedatetext=2014-02-22 22:20:48
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\1
    Directory.subfile.size=257
    Directory.subfile.md5=76B6FFD0C9DFF333829D492D4614F65F
    Directory.subfile.filedate=1393100423
    Directory.subfile.filedatetext=2014-02-22 22:20:23
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\10
    Directory.subfile.size=236
    Directory.subfile.md5=E4171D2D6819CA0C1360EEF5527F7B81
    Directory.subfile.filedate=1393100429
    Directory.subfile.filedatetext=2014-02-22 22:20:29
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\12
    Directory.subfile.size=296
    Directory.subfile.md5=E14B63C43BE5A7D43AE3A2C4BFABEB34
    Directory.subfile.filedate=1393100430
    Directory.subfile.filedatetext=2014-02-22 22:20:30
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\13
    Directory.subfile.size=14578
    Directory.subfile.md5=AAE8882987F87A8256773CDA28D484B1
    Directory.subfile.filedate=1393100430
    Directory.subfile.filedatetext=2014-02-22 22:20:30
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\15
    Directory.subfile.size=1124
    Directory.subfile.md5=F59FC0772E396C6DAB6C46F1D7A6B33C
    Directory.subfile.filedate=1393100434
    Directory.subfile.filedatetext=2014-02-22 22:20:33
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\17
    Directory.subfile.size=1901
    Directory.subfile.md5=515FDE8445C527C2A8FE83C6A9D5F491
    Directory.subfile.filedate=1393100435
    Directory.subfile.filedatetext=2014-02-22 22:20:34
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\18
    Directory.subfile.size=15059
    Directory.subfile.md5=3B8DADD64280E7735B9AD1387EE14047
    Directory.subfile.filedate=1393100436
    Directory.subfile.filedatetext=2014-02-22 22:20:36
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\19
    Directory.subfile.size=13952
    Directory.subfile.md5=3C2D8B884250DE0BFABB6AC44832E9DF
    Directory.subfile.filedate=1393100437
    Directory.subfile.filedatetext=2014-02-22 22:20:37
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\3
    Directory.subfile.size=290
    Directory.subfile.md5=9DBC5012509C946799C0699C3B98748D
    Directory.subfile.filedate=1393100443
    Directory.subfile.filedatetext=2014-02-22 22:20:43
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\4
    Directory.subfile.size=752
    Directory.subfile.md5=2F69CEF1A630B89ED45E8F67CF4A1664
    Directory.subfile.filedate=1393100446
    Directory.subfile.filedatetext=2014-02-22 22:20:45
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\5
    Directory.subfile.size=3206
    Directory.subfile.md5=B296E34D1BEB8E3B40C60D5791EA93B4
    Directory.subfile.filedate=1393100447
    Directory.subfile.filedatetext=2014-02-22 22:20:47
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\6
    Directory.subfile.size=6292
    Directory.subfile.md5=DB5CD7B839589D01060BF7CA897665C4
    Directory.subfile.filedate=1393100449
    Directory.subfile.filedatetext=2014-02-22 22:20:48
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\7
    Directory.subfile.size=411
    Directory.subfile.md5=38AE07BF922AA677AD2280693AA765D2
    Directory.subfile.filedate=1393100450
    Directory.subfile.filedatetext=2014-02-22 22:20:49
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\8
    Directory.subfile.size=332
    Directory.subfile.md5=4C3CD33BDB57140876A0FE32731D2E7E
    Directory.subfile.filedate=1393100451
    Directory.subfile.filedatetext=2014-02-22 22:20:50
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1033\9\9
    Directory.subfile.size=1312
    Directory.subfile.md5=F2DD620D74636B025AD1F133CDB79E02
    Directory.subfile.filedate=1393100452
    Directory.subfile.filedatetext=2014-02-22 22:20:52
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\1\3
    Directory.subfile.size=1992
    Directory.subfile.md5=A91DA3DDF5BBF9E8C9B7976CB831A168
    Directory.subfile.filedate=1393100443
    Directory.subfile.filedatetext=2014-02-22 22:20:43
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\1\5
    Directory.subfile.size=1174
    Directory.subfile.md5=C49E8349EF65B024E865ABD0A56CA0F0
    Directory.subfile.filedate=1393100447
    Directory.subfile.filedatetext=2014-02-22 22:20:46
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\1\7
    Directory.subfile.size=1011
    Directory.subfile.md5=D3E14514760956D3536F87CC7AF74A76
    Directory.subfile.filedate=1393100450
    Directory.subfile.filedatetext=2014-02-22 22:20:49
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Misc\CSC\1036\10\1
    Directory.subfile.size=4140
    Directory.subfile.md5=7DB2978E940D766AA89C1F31D730AAF2
    Directory.subfile.filedate=1393100423
    Directory.subfile.filedatetext=2014-02-22 22:20:23
    Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\StringState.xml
    Directory.subfile.size=215
    Directory.subfile.md5=BA18F637E7A8EF8D67B25385DED57661
    Directory.subfile.filedate=1393100479
    Directory.subfile.filedatetext=2014-02-22 22:21:18
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\Xtml\flashplayerwnd.xml.gmd
    Directory.subfile.size=3007
    Directory.subfile.md5=1D0F6F4E11B91464876D95C8F5C886B9
    Directory.subfile.filedate=1393100494
    Directory.subfile.filedatetext=2014-02-22 22:21:33
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\blog
    Directory.subfile.size=39752
    Directory.subfile.md5=479096D2887F5E8EEBB7FD6FA1077A57
    Directory.subfile.filedate=1393100453
    Directory.subfile.filedatetext=2014-02-22 22:20:53
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\common
    Directory.subfile.size=438464
    Directory.subfile.md5=0984C73320D7838E4B9601B05E3BF4C9
    Directory.subfile.filedate=1393100456
    Directory.subfile.filedatetext=2014-02-22 22:20:55
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\notepad
    Directory.subfile.size=43475
    Directory.subfile.md5=3C22C028B5CD1B9132F2A486790CBCF2
    Directory.subfile.filedate=1393100461
    Directory.subfile.filedatetext=2014-02-22 22:21:00
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\Misc\qzonepackage\photo
    Directory.subfile.size=38289
    Directory.subfile.md5=CBBD1AF828427A69FC5FD4CF4586A8B5
    Directory.subfile.filedate=1393100463
    Directory.subfile.filedatetext=2014-02-22 22:21:02
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1028\GFStringBundle.xml
    Directory.subfile.size=3022
    Directory.subfile.md5=BA88DD8B4F799EDF6AD7ED53020DE1D7
    Directory.subfile.filedate=1393100475
    Directory.subfile.filedatetext=2014-02-22 22:21:14
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1028\StringBundle.xml
    Directory.subfile.size=89
    Directory.subfile.md5=A2B4649D5C354179CFE3218568B146CF
    Directory.subfile.filedate=1393100478
    Directory.subfile.filedatetext=2014-02-22 22:21:17
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1033\GFStringBundle.xml
    Directory.subfile.size=2911
    Directory.subfile.md5=196CA1B1FF74C7277AD7E779D338CD6F
    Directory.subfile.filedate=1393100475
    Directory.subfile.filedatetext=2014-02-22 22:21:15
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\1033\StringBundle.xml
    Directory.subfile.size=89
    Directory.subfile.md5=A2B4649D5C354179CFE3218568B146CF
    Directory.subfile.filedate=1393100478
    Directory.subfile.filedatetext=2014-02-22 22:21:17
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\2052\GFStringBundle.xml
    Directory.subfile.size=3118
    Directory.subfile.md5=BDEE84E4F73C6B38D0C2E616776B3C7F
    Directory.subfile.filedate=1393100475
    Directory.subfile.filedatetext=2014-02-22 22:21:15
    Directory.subfile=C:\Program Files\Tencent\QQIntl\Plugin\Com.Tencent.Qzone\FlashPlayer\I18N\2052\StringBundle.xml
    Directory.subfile.size=183
    Directory.subfile.md5=50B11DFAE4946AE4580CF59EC4356E53
    Directory.subfile.filedate=1393100478
    Directory.subfile.filedatetext=2014-02-22 22:21:17

    IronInstall.Toolbar.Amazon: [SBI $3146A941] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AlxTB2.ToolBarProxy

    IronInstall.Toolbar.Amazon: [SBI $3146A941] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1

    IronInstall.Toolbar.Amazon: [SBI $3146A941] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1

    IronInstall.Toolbar.Amazon: [SBI $3146A941] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AlxTB2.ToolBarProxy

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Alan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LYV92WZY\kiks.yandex.ru\fuid01.sol
    Properties.size=188
    Properties.md5=CC6B224275AF31EDB8D61CBBCCBB1834
    Properties.filedate=1398198561
    Properties.filedatetext=2014-04-22 22:29:21

    Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
    C:\Users\Alan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LYV92WZY\s.ytimg.com\soundData.sol
    Properties.size=49
    Properties.md5=874FA172BA034A513BA28A20F7E85E79
    Properties.filedate=1398123815
    Properties.filedatetext=2014-04-22 01:43:35

    Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
    C:\Users\Alan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LYV92WZY\skype.com\#ui\preferences.sol
    Properties.size=216
    Properties.md5=00EB036FA11C6A8F6A6D99DFFC2F6FF7
    Properties.filedate=1398108573
    Properties.filedatetext=2014-04-21 21:29:32

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-2539571941-1062829864-63335017-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2539571941-1062829864-63335017-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2539571941-1062829864-63335017-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2539571941-1062829864-63335017-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2539571941-1062829864-63335017-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (48) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (20) (Browser: History, nothing done)


    History: [SBI $49804B54] Browser: History (35) (Browser: History, nothing done)



    --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

    2013-09-20 blindman.exe (2.2.18.151)
    2013-09-20 explorer.exe (2.2.18.177)
    2013-09-20 SDBootCD.exe (2.2.18.109)
    2013-09-20 SDCleaner.exe (2.2.18.110)
    2013-09-20 SDDelFile.exe (2.2.18.94)
    2013-06-18 SDDisableProxy.exe
    2013-09-20 SDFiles.exe (2.2.18.135)
    2013-09-20 SDFileScanHelper.exe (2.2.16.1)
    2013-10-15 SDFSSvc.exe (2.2.25.211)
    2013-10-10 SDHookHelper.exe (2.3.30.2)
    2013-10-10 SDHookInst32.exe (2.3.30.2)
    2013-09-20 SDImmunize.exe (2.2.18.130)
    2013-05-16 SDLogReport.exe (2.1.18.107)
    2013-10-14 SDOnAccess.exe (2.2.25.4)
    2013-09-20 SDPESetup.exe (2.2.18.3)
    2013-09-20 SDPEStart.exe (2.2.18.86)
    2013-09-20 SDPhoneScan.exe (2.2.18.28)
    2013-09-20 SDPRE.exe (2.2.18.22)
    2013-09-20 SDPrepPos.exe (2.2.18.10)
    2013-09-20 SDQuarantine.exe (2.2.18.103)
    2013-09-20 SDRootAlyzer.exe (2.2.18.116)
    2013-09-20 SDSBIEdit.exe (2.2.18.39)
    2013-09-20 SDScan.exe (2.2.18.177)
    2013-09-20 SDScript.exe (2.2.18.53)
    2013-10-15 SDSettings.exe (2.2.25.138)
    2013-09-20 SDShell.exe (2.2.18.2)
    2013-09-20 SDShred.exe (2.2.18.107)
    2013-09-20 SDSysRepair.exe (2.2.18.101)
    2013-09-20 SDTools.exe (2.2.18.150)
    2013-07-25 SDTray.exe (2.1.21.129)
    2013-09-20 SDUpdate.exe (2.2.18.91)
    2013-09-20 SDUpdSvc.exe (2.2.18.76)
    2013-09-20 SDWelcome.exe (2.2.21.129)
    2013-09-13 SDWSCSvc.exe (2.2.22.2)
    2013-06-19 spybotsd2-translation-frx.exe
    2014-01-29 unins000.exe (51.1052.0.0)
    1999-12-02 xcacls.exe
    2012-08-23 borlndmm.dll (10.0.2288.42451)
    2012-09-05 DelZip190.dll (1.9.0.107)
    2012-09-10 libeay32.dll (1.0.0.4)
    2012-09-10 libssl32.dll (1.0.0.4)
    2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
    2013-05-16 SDAV.dll
    2013-05-16 SDECon32.dll (2.1.18.113)
    2013-04-05 SDEvents.dll (2.1.16.2)
    2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
    2013-10-10 SDHook32.dll (2.3.30.2)
    2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
    2013-05-16 SDLicense.dll (2.1.18.0)
    2013-05-16 SDLists.dll (2.1.18.4)
    2013-05-16 SDResources.dll (2.1.18.7)
    2013-05-16 SDScanLibrary.dll (2.1.18.131)
    2013-05-16 SDTasks.dll (2.1.18.15)
    2013-05-16 SDWinLogon.dll (2.1.18.0)
    2012-08-23 sqlite3.dll
    2012-09-10 ssleay32.dll (1.0.0.4)
    2013-05-16 Tools.dll (2.1.18.36)
    2014-03-05 Includes\Adware-000.sbi (*)
    2014-01-08 Includes\Adware-001.sbi (*)
    2014-04-10 Includes\Adware-C.sbi (*)
    2014-01-13 Includes\Adware.sbi (*)
    2014-01-13 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2014-01-08 Includes\Dialer-000.sbi (*)
    2014-01-08 Includes\Dialer-001.sbi (*)
    2014-01-08 Includes\Dialer-C.sbi (*)
    2014-01-13 Includes\Dialer.sbi (*)
    2014-01-13 Includes\DialerC.sbi (*)
    2014-01-09 Includes\Fraud-000.sbi (*)
    2014-01-09 Includes\Fraud-001.sbi (*)
    2014-03-31 Includes\Fraud-002.sbi (*)
    2014-01-09 Includes\Fraud-003.sbi (*)
    2012-11-14 Includes\HeavyDuty.sbi (*)
    2014-01-08 Includes\Hijackers-000.sbi (*)
    2014-01-08 Includes\Hijackers-001.sbi (*)
    2014-01-08 Includes\Hijackers-C.sbi (*)
    2014-01-13 Includes\Hijackers.sbi (*)
    2014-01-13 Includes\HijackersC.sbi (*)
    2014-01-08 Includes\iPhone-000.sbi (*)
    2014-01-08 Includes\iPhone.sbi (*)
    2014-01-08 Includes\Keyloggers-000.sbi (*)
    2014-03-19 Includes\Keyloggers-C.sbi (*)
    2014-01-13 Includes\Keyloggers.sbi (*)
    2014-01-13 Includes\KeyloggersC.sbi (*)
    2014-01-09 Includes\Malware-001.sbi (*)
    2014-01-09 Includes\Malware-002.sbi (*)
    2014-02-05 Includes\Malware-003.sbi (*)
    2014-01-28 Includes\Malware-004.sbi (*)
    2014-01-09 Includes\Malware-005.sbi (*)
    2014-02-26 Includes\Malware-006.sbi (*)
    2014-01-09 Includes\Malware-007.sbi (*)
    2014-04-10 Includes\Malware-C.sbi (*)
    2014-01-13 Includes\Malware.sbi (*)
    2013-12-23 Includes\MalwareC.sbi (*)
    2014-01-15 Includes\PUPS-000.sbi (*)
    2014-01-15 Includes\PUPS-001.sbi (*)
    2014-01-15 Includes\PUPS-002.sbi (*)
    2014-04-10 Includes\PUPS-C.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2014-01-07 Includes\PUPSC.sbi (*)
    2014-01-08 Includes\Security-000.sbi (*)
    2014-01-08 Includes\Security-C.sbi (*)
    2014-01-21 Includes\Security.sbi (*)
    2014-01-21 Includes\SecurityC.sbi (*)
    2014-01-08 Includes\Spyware-000.sbi (*)
    2014-01-08 Includes\Spyware-001.sbi (*)
    2014-01-08 Includes\Spyware-C.sbi (*)
    2014-01-21 Includes\Spyware.sbi (*)
    2014-01-21 Includes\SpywareC.sbi (*)
    2011-06-07 Includes\Tracks.sbi (*)
    2012-11-19 Includes\Tracks.uti (*)
    2014-01-15 Includes\Trojans-000.sbi (*)
    2014-01-15 Includes\Trojans-001.sbi (*)
    2014-01-15 Includes\Trojans-002.sbi (*)
    2014-01-15 Includes\Trojans-003.sbi (*)
    2014-01-15 Includes\Trojans-004.sbi (*)
    2014-03-19 Includes\Trojans-005.sbi (*)
    2014-01-15 Includes\Trojans-006.sbi (*)
    2014-01-15 Includes\Trojans-007.sbi (*)
    2014-01-15 Includes\Trojans-008.sbi (*)
    2014-01-15 Includes\Trojans-009.sbi (*)
    2014-04-10 Includes\Trojans-C.sbi (*)
    2014-01-15 Includes\Trojans-OG-000.sbi (*)
    2014-01-15 Includes\Trojans-TD-000.sbi (*)
    2014-01-15 Includes\Trojans-VM-000.sbi (*)
    2014-01-15 Includes\Trojans-VM-001.sbi (*)
    2014-01-15 Includes\Trojans-VM-002.sbi (*)
    2014-01-15 Includes\Trojans-VM-003.sbi (*)
    2014-01-15 Includes\Trojans-VM-004.sbi (*)
    2014-01-15 Includes\Trojans-VM-005.sbi (*)
    2014-01-15 Includes\Trojans-VM-006.sbi (*)
    2014-01-15 Includes\Trojans-VM-007.sbi (*)
    2014-01-15 Includes\Trojans-VM-008.sbi (*)
    2014-01-15 Includes\Trojans-VM-009.sbi (*)
    2014-01-15 Includes\Trojans-VM-010.sbi (*)
    2014-01-15 Includes\Trojans-VM-011.sbi (*)
    2014-01-15 Includes\Trojans-VM-012.sbi (*)
    2014-01-15 Includes\Trojans-VM-013.sbi (*)
    2014-01-15 Includes\Trojans-VM-014.sbi (*)
    2014-01-15 Includes\Trojans-VM-015.sbi (*)
    2014-01-15 Includes\Trojans-VM-016.sbi (*)
    2014-01-15 Includes\Trojans-VM-017.sbi (*)
    2014-01-15 Includes\Trojans-VM-018.sbi (*)
    2014-01-15 Includes\Trojans-VM-019.sbi (*)
    2014-01-15 Includes\Trojans-VM-020.sbi (*)
    2014-01-15 Includes\Trojans-VM-021.sbi (*)
    2014-01-15 Includes\Trojans-VM-022.sbi (*)
    2014-01-15 Includes\Trojans-VM-023.sbi (*)
    2014-01-15 Includes\Trojans-VM-024.sbi (*)
    2014-01-15 Includes\Trojans-ZB-000.sbi (*)
    2014-01-15 Includes\Trojans-ZL-000.sbi (*)
    2014-01-09 Includes\Trojans.sbi (*)
    2014-01-16 Includes\TrojansC-01.sbi (*)
    2014-01-16 Includes\TrojansC-02.sbi (*)
    2014-01-16 Includes\TrojansC-03.sbi (*)
    2014-01-16 Includes\TrojansC-04.sbi (*)
    2014-01-16 Includes\TrojansC-05.sbi (*)
    2014-01-09 Includes\TrojansC.sbi (*)

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,731


    Hello aasalem,

    From my response to your original post in this thread: http://forums.spybot.info/showthread...370#post452370

    Quote (originally posted by tashi):
    Hello aasalem,

    For someone to take a look at the system please start a topic in the Malware Removal Forum and a volunteer analyst will advise when available.

    First see that forum's FAQ which also includes instructions in post #2 on how to provide DDS and aswMBR logs, which are used in the preliminary analysis.
    http://forums.spybot.info/showthread.php?t=288

    Best regards.
    Please see this forum's FAQ and start a new topic providing the DDS and aswMBR logs.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Apr 2014
    Posts
    3

    Default DDS Log

    Today's Spybot scan did not find any Macromedia.FlashPlayer.Cookies entries, which used to come up in every daily scan result. Please find today's DDS log file below.
    ---------------------------------------------------/
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16540 BrowserJavaVersion: 11.0.2
    Run by Alan at 13:42:14 on 2014-04-25
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.307 [GMT 2:00]
    .
    AV: Microsoft Security Essentials *Enabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
    AV: Rising Antivirus *Enabled/Updated* {C0AEEC5C-BBDB-2745-3E22-21BEC65323A5}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Microsoft Security Essentials *Enabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    SP: Rising Antivirus *Enabled/Updated* {7BCF0DB8-9DE1-28CB-0492-1ACCBDD46918}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    C:\Windows\system32\nvvsvc.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files\Rising\RSD\RsMgrSvc.exe
    C:\Program Files\Rising\RAV\RavMonD.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files\Hotspot Shield\bin\hsswd.exe
    C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    C:\ProgramData\MobileBrServ\mbbservice.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Glary Utilities 4\SoftwareUpdate.exe
    C:\Program Files\SlimDrivers\SlimDrivers.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Glary Utilities 4\Integrator.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files\Rising\RAV\RsTray.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\Program Files\Google\Drive\googledrivesync.exe
    C:\Program Files\Rising\RSD\popwndexe.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Users\Alan\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler.exe
    C:\Program Files\Google\Drive\googledrivesync.exe
    C:\Windows\system32\sdclt.exe
    C:\Program Files\Microsoft\BingBar\7.3.117.0\SeaPort.exe
    C:\Program Files\Maxthon\Bin\Maxthon.exe
    C:\Program Files\Maxthon\Bin\Maxthon.exe
    C:\Program Files\Maxthon\Bin\Maxthon.exe
    C:\Program Files\Maxthon\Bin\Maxthon.exe
    C:\Program Files\Maxthon\Bin\Maxthon.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Tencent\QQIntl\Bin\QQ.exe
    C:\Program Files\Tencent\QQIntl\Bin\TXPlatform.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Maxthon\Bin\Maxthon.exe
    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
    C:\Windows\explorer.exe
    C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Alan\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k SDRSVC
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://ar.hao123.com/?tn=sft_pay_hp_01_hao123_ar
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    uDefault_Page_URL = hxxp://isearch.glarysoft.com/?src=iehome
    mStart Page = hxxp://isearch.glarysoft.com/?src=iehome
    mDefault_Page_URL = hxxp://isearch.glarysoft.com/?src=iehome
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.130\McAfeeMSS_IE.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\users\alan\desktop\php\htdocs\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Rising PC Doctor: {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} - c:\windows\system32\UrlFilter.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
    BHO: TBSB05810 Class: {A7AF277D-1466-4A7B-93AF-B043984A5671} - c:\program files\glarysoft toolbar\tbcore3.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.3.117.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\users\alan\desktop\php\htdocs\bin\jp2ssv.dll
    BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
    BHO: CallingID BHO: {FBF2401B-7447-4727-BE5D-C19B2075CA84} - c:\program files\callingid\toolbar\CallingIDIE.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: CallingID: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - c:\program files\callingid\toolbar\CallingIDIE.dll
    TB: Glarysoft Toolbar: {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - c:\program files\glarysoft toolbar\tbcore3.dll
    TB: &Rising Toolbar: {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - c:\windows\system32\KakaTool.dll
    TB: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll
    TB: CallingID: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - c:\program files\callingid\toolbar\CallingIDIE.dll
    TB: Glarysoft Toolbar: {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - c:\program files\glarysoft toolbar\tbcore3.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\microsoft\bingbar\7.3.117.0\BingExt.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Google Update] "c:\users\alan\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostart
    uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
    uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
    uRun: [QQ2009] "c:\program files\tencent\qqintl\bin\QQ.exe" /background
    mRun: [RavTRAY] "c:\program files\rising\rav\RSTRAY.EXE" -system
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRunOnce: [KKDelay] c:\program files\rising\antispyware\RunOnce.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\instal~1.lnk - c:\program files\common files\lpuninstall.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = FF
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &NeoTrace It! - c:\progra~1\neotra~1\NTXcontext.htm
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    TCP: NameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{42FE6710-2FC3-49D9-8DD0-13683FC5546A} : NameServer = 8.8.8.8
    TCP: Interfaces\{42FE6710-2FC3-49D9-8DD0-13683FC5546A} : DHCPNameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{4DE5AC89-1E2B-4646-9D94-C2D26FBADA8A} : NameServer = 77.88.8.88
    TCP: Interfaces\{4DE5AC89-1E2B-4646-9D94-C2D26FBADA8A} : DHCPNameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{53796AF4-2832-4971-9043-C67B81BF6F59} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{53796AF4-2832-4971-9043-C67B81BF6F59} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{818B207C-E14F-4DC9-8CCB-005DD98502C3} : DHCPNameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{E0F4C49B-7481-4C90-99CC-B60896FE65C9} : DHCPNameServer = 192.168.0.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: SDWinLogon - SDWinLogon.dll
    AppInit_DLLs= kmon.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\alan\appdata\roaming\mozilla\firefox\profiles\27quhgwo.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://fastestwebsearch.com/search?q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: keyword.URL - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&gu=f0d3c5e3241949ec88d5b8969c8795cb&tu=10GA0006w2B000v&sku=&tstsId=&ver=&&q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\common files\tencent\npchrome\npchrome.dll
    FF - plugin: c:\program files\common files\tencent\npqscall\npqscall.dll
    FF - plugin: c:\program files\common files\tencent\txsso\1.2.2.1\bin\npSSOAxCtrlForPTLogin.dll
    FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
    FF - plugin: c:\program files\mcafee security scan\3.8.130\npMcAfeeMSS.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
    FF - plugin: c:\program files\research in motion limited\blackberry app world browser plugin\npappworld.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\users\alan\appdata\local\citrix\plugins\104\npappdetector.dll
    FF - plugin: c:\users\alan\appdata\local\google\update\1.3.23.9\npGoogleUpdate3.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\np-mswmp.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npo1d.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\nppdf32.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\nppl3260.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npqtplugin.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npqtplugin2.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npqtplugin3.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npqtplugin4.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npqtplugin5.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npqtplugin6.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\npqtplugin7.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\nprjplug.dll
    FF - plugin: c:\users\alan\appdata\roaming\mozilla\plugins\nprpplugin.dll
    FF - plugin: c:\users\alan\desktop\php\htdocs\bin\dtplugin\npdeployJava1.dll
    FF - plugin: c:\users\alan\desktop\php\htdocs\bin\plugin2\npjp2.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=base2013&Lan={dfltLng}&gu=f0d3c5e3241949ec88d5b8969c8795cb&tu=10GA0006w2B000v&sku=&tstsId=&ver=&&q=
    FF - user.js: extensions.zonealarm.id - ec7cbbb6000000000000001a73e36541
    FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
    FF - user.js: extensions.zonealarm.instlDay - 15770
    FF - user.js: extensions.zonealarm.vrsn - 1.8.11.6
    FF - user.js: extensions.zonealarm.vrsni - 1.8.11.6
    FF - user.js: extensions.zonealarm.vrsnTs - 1.8.11.618:37:27
    FF - user.js: extensions.zonealarm.prtnrId - checkpoint
    FF - user.js: extensions.zonealarm.prdct - zonealarm
    FF - user.js: extensions.zonealarm.aflt - 1002
    FF - user.js: extensions.zonealarm.smplGrp - none
    FF - user.js: extensions.zonealarm.tlbrId - base2013
    FF - user.js: extensions.zonealarm.instlRef - ZLN117102988549993-1002
    FF - user.js: extensions.zonealarm.dfltLng - en
    FF - user.js: extensions.zonealarm.excTlbr - false
    FF - user.js: extensions.zonealarm.ffxUnstlRst - false
    FF - user.js: extensions.zonealarm.admin - false
    FF - user.js: extensions.zonealarm.autoRvrt - false
    FF - user.js: extensions.zonealarm.rvrt - false
    FF - user.js: extensions.zonealarm.dfltSrch - true
    FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
    FF - user.js: extensions.zonealarm.kw_url - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&gu=f0d3c5e3241949ec88d5b8969c8795cb&tu=10GA0006w2B000v&sku=&tstsId=&ver=&&q=
    FF - user.js: extensions.zonealarm.dnsErr - true
    FF - user.js: extensions.zonealarm.newTab - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 BootDefragDriver;BootDefragDriver;c:\windows\system32\drivers\BootDefragDriver.sys [2014-2-10 14528]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
    R0 pavboot;Panda Boot Driver;c:\windows\system32\drivers\pavboot.sys [2011-8-25 28552]
    R1 hooksys;hooksys;c:\windows\system32\drivers\Hooksys.sys [2011-9-9 176088]
    R1 HookTdi;HookTdi;c:\windows\system32\drivers\HookTdi.sys [2011-9-9 22848]
    R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2012-10-25 35592]
    R1 HyperVM;HyperVM;c:\windows\system32\drivers\hvm.sys [2011-9-9 31896]
    R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2011-8-28 3045688]
    R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]
    R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-12-21 95384]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-1-25 92216]
    R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2012-10-25 389488]
    R2 IceDragonUpdater;COMODO IceDragon Update Service;c:\program files\comodo\icedragon\icedragon_updater.exe [2013-12-19 1821384]
    R2 KSS;Kaspersky Security Scan Service;c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe [2012-4-26 202296]
    R2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\mobilebrserv\mbbService.exe [2014-1-19 233344]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-21 104768]
    R2 rsdsys;rsd protect;c:\windows\system32\drivers\protreg.sys [2011-9-9 21208]
    R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.117.0\SeaPort.EXE [2013-11-10 240288]
    R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [2008-3-26 34128]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
    S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.117.0\BBSvc.EXE [2013-11-10 193696]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 PavPrSrv;Panda Process Protection Service;"c:\program files\common files\panda software\pavshld\pavprsrv.exe" --> c:\program files\common files\panda software\pavshld\pavprsrv.exe [?]
    S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2011-8-28 51632]
    S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2014-1-19 103040]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.130\McCHSvc.exe [2013-9-6 235216]
    S3 OXUDIDRV;OXUDIDRV;c:\windows\system32\drivers\OXUDIDRV_x32.sys [2011-7-22 24880]
    S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2013-3-9 20080]
    S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-12-26 13464]
    S4 M4-Service;M4-Service;c:\users\alan\appdata\roaming\mikogo 4\M4-Service.exe [2013-1-14 1008984]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: soffice.StarWriterDocument.6="c:\program files\libreoffice 4\program\swriter.exe" -o "%1" [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2014-04-12 22:38:43 -------- d-----w- c:\users\alan\appdata\local\NetBeans
    2014-04-12 22:38:42 -------- d-----w- c:\users\alan\appdata\roaming\NetBeans
    2014-04-12 13:32:45 -------- d-----w- c:\users\alan\.nbi
    2014-04-12 10:19:11 7969936 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{495db9d0-3305-4561-992c-3ce5518a7dc1}\mpengine.dll
    2014-04-10 14:39:01 7969936 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2014-04-10 13:34:13 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c54f4a0f-d07c-4ec7-a081-2026e106bc22}\gapaengine.dll
    2014-04-02 22:07:42 194552 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
    2014-04-02 22:07:41 119408 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
    2014-04-02 22:07:40 647280 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2014-04-02 22:07:36 53360 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2014-04-02 22:07:33 5779568 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
    2014-04-02 22:07:32 307824 ----a-w- c:\program files\mozilla firefox\freebl3.dll
    2014-04-02 22:07:31 275568 ----a-w- c:\program files\mozilla firefox\firefox.exe
    2014-04-02 22:07:30 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
    2014-04-02 22:07:28 117360 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
    2014-04-02 22:07:22 46704 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
    2014-04-02 22:07:21 75376 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
    2014-04-02 22:07:21 20080 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
    .
    ==================== Find3M ====================
    .
    2014-04-25 10:03:18 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
    2014-04-12 16:17:10 96664 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2014-02-23 05:47:19 1806848 ----a-w- c:\windows\system32\jscript9.dll
    2014-02-23 05:40:18 1129472 ----a-w- c:\windows\system32\wininet.dll
    2014-02-23 05:39:28 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2014-02-23 05:38:08 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2014-02-23 05:37:49 421376 ----a-w- c:\windows\system32\vbscript.dll
    2014-02-23 05:36:22 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2014-02-17 08:40:56 101664 ----a-w- c:\windows\system32\BootDefrag.exe
    2014-02-17 08:36:18 14528 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
    2014-02-07 10:38:44 2050560 ----a-w- c:\windows\system32\win32k.sys
    2014-02-03 10:37:54 505344 ----a-w- c:\windows\system32\qedit.dll
    2014-01-30 07:46:58 876032 ----a-w- c:\windows\system32\wer.dll
    2013-01-29 19:46:04 11004488 ----a-w- c:\program files\common files\lpuninstall.exe
    2012-07-16 06:58:22 44 ---h--w- c:\program files\789343a3.tmp
    .
    ============= FINISH: 13:47:17.47 ===============
