Solve : Unknown logon entries into my Yahoo account - any ideas?? – InterviewSolution

1.	Solve : Unknown logon entries into my Yahoo account - any ideas??
Answer» Was checking my yahoo log on entries and noticed a log on about a week ago from Pakistan. Also, tried to buy an itunes song and payment was rejected because "they do not allow payments from a foreign country"?? What gives? Something might be wrong here. I also have been getting IM messages from unknown people that arrive when I am logged off Yahoo . . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 5/8/2010 2:57:36 PM System Uptime: 4/13/2012 5:04:05 AM (12 hours ago) . Motherboard: ASUSTeK Computer INC. \| \| CM5571 Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz \| LGA775 \| 2700/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 924 GiB total, 769.285 GiB free. D: is CDROM () G: is FIXED (NTFS) - 1397 GiB total, 566.681 GiB free. H: is FIXED (FAT32) - 466 GiB total, 268.387 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {a12a4c5a-e1a3-4151-9927-7f724ca5dc92} Description: Garmin USB GPS Device ID: ROOT\GARMIN_DEVICES\0000 Manufacturer: Garmin Name: Garmin USB GPS PNP Device ID: ROOT\GARMIN_DEVICES\0000 Service: grmnusb . ==== System Restore Points =================== . RP351: 4/1/2012 2:00:15 AM - Windows Backup RP352: 4/8/2012 2:00:17 AM - Windows Backup RP353: 4/11/2012 5:42:01 AM - Restore Operation RP354: 4/11/2012 7:02:56 AM - Removed HiJackThis RP355: 4/11/2012 7:07:07 AM - Installed HiJackThis RP356: 4/12/2012 3:00:17 AM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) µTorrent Acrobat.com Add or Remove Adobe Creative Suite 3 Design Premium Adobe Acrobat 8 Professional Adobe Acrobat 8.3.1 - CPSID_83708 Adobe Acrobat 8.3.1 Professional Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Creative Suite 3 Design Premium Adobe Default Language CS3 Adobe Device Central CS3 Adobe Dreamweaver CS3 Adobe ExtendScript Toolkit 2 Adobe Extension Manager CS3 Adobe Flash CS3 Adobe Flash Player Plugin Adobe Flash Video Encoder Adobe Fonts All Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe MotionPicture Color FILES Adobe PDF Library Files Adobe Photoshop CS3 Adobe Reader 9.5.0 Adobe Setup Adobe SING CS3 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe Version Cue CS3 Server {ko_KR} Adobe WAS CS3 Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Advertising Center AHV content for Acrobat and Flash AI Manager Apple Application Support Apple Software Update ASUSUpdate Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver Atheros Ethernet Utility AviSynth 2.5 Belkin 54Mbps Wireless Network Adapter Big Fish Games: Game Manager Bing Rewards Client Installer Chicken Invaders 3 Compatibility Pack for the 2007 Office system Conduit Engine Cradle of Rome 2 Crayon Physics Deluxe - release 51 D3DX10 DNA EPU-4 Engine ESET Online Scanner v3 Express Burn Disc Burning Software Farmscapes Freecorder 5 Freecorder Toolbar Garmin Communicator Plugin Garmin USB Drivers Garmin WebUpdater Google Toolbar for Internet Explorer Google Update Helper HappyVille: Quest for Utopia Heroes of Hellas 2: Olympia Heroes of Hellas 3: Athens Heroes of Kalevala Hidden Expedition ®: Titanic HiJackThis ImagXpress iPod To Computer Transfer 6.1 Java Auto Updater Java(TM) 6 Update 31 Jewel Quest II Junk Mail filter update Magic FLAC to MP3 Converter 3.72 Malwarebytes Anti-Malware version 1.61.0.1400 Memeo AutoSync Memeo Instant Backup Memeo Send Memeo Share Mesh Runtime Messenger Companion Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel 2007 Help Actualización (KB963678) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office Excel MUI (Spanish) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office OneNote MUI (French) 2007 Microsoft Office OneNote MUI (German) 2007 Microsoft Office OneNote MUI (Spanish) 2007 Microsoft Office Outlook Connector Microsoft Office Powerpoint 2007 Help Actualización (KB963669) Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office PowerPoint MUI (Spanish) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Professional Edition 2003 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Basque) 2007 Microsoft Office Proof (Catalan) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Galician) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing (Spanish) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Shared MUI (Spanish) 2007 Microsoft Office Shared Setup METADATA MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word 2007 Help Actualización (KB963665) Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Office Word MUI (Spanish) 2007 Microsoft Outlook Web Access S/MIME Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mise à jour Microsoft Office Excel 2007 Help (KB963678) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) Mise à jour Microsoft Office Word 2007 Help (KB963665) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser (KB973685) Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero CoverDesigner Help Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml PDF Settings PhotoPad Image Editor PhotoStage Slideshow Producer Pixillion Image Converter Purrfect Pet Shop QuickTime Realtek High Definition Audio Driver Seagate Dashboard Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Snagit 11 Sparkle Spelling Dictionaries Support For Adobe Reader 9 Spybot - Search & Destroy Subway Scramble Totem Treasure 2 TuneUp Companion 2.4.2.2 Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VideoPad Video Editor Videora iPod touch Converter 6 VirtualLab Client 5.7.5 Visual Studio 2008 x64 Redistributables VLC media player 1.1.9 Wild West Story: The Beginning Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MOVIE Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Install Manager Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 4/9/2012 6:45:18 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR23. 4/13/2012 5:02:45 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 4/12/2012 3:05:26 AM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect. 4/12/2012 3:05:26 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 4/11/2012 7:16:53 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user Donald-PC\Donald SID (S-1-5-21-1907144279-1290808827-3386520796-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 4/11/2012 7:16:53 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user Donald-PC\Donald SID (S-1-5-21-1907144279-1290808827-3386520796-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File =========================== . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Donald at 17:25:33 on 2012-04-13 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5885.2754 [GMT -5:00] . AV: AVG Anti-Virus Free Edition 2012 Disabled/Updated {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 Disabled/Updated {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\SysWOW64\AsHookDevice.exe C:\Program Files (x86)\Common Files\Motive\McciCMService.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe C:\Program Files\LTONHIS\Touch Manager\SKDaemon.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Users\Donald\FLVSrvc.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe C:\Program Files (x86)\Memeo\AutoSync\MemeoAutoSync.exe C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll BHO: Adobe PDF LINK Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui mRun: [Freecorder FLV Service] "C:\Users\Donald\FLVSrvc.exe" /run mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{66CA6864-F977-4097-89DC-636CFB69C68E} : DhcpNameServer = 10.0.0.1 TCP: Interfaces\{6818D4A9-D632-4E51-960F-A852A00D0D1E} : DhcpNameServer = 209.18.47.61 209.18.47.62 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO-X64: 0x1 - No File BHO-X64: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll BHO-X64: Freecorder - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll TB-X64: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui mRun-x64: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui mRun-x64: [Freecorder FLV Service] "C:\Users\Donald\FLVSrvc.exe" /run mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" Hosts: 127.0.0.1www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2010-1-21 196608] R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-7-24 517632] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-1-24 25824] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-9 1153368] R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?] R3 netr7364;Belkin Wireless 54G USB Network Adapter Driver;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-25 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 253600] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-25 136176] S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?] S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-04-13 10:14:04--------d-----w-C:\Program Files (x86)\ESET 2012-04-12 23:19:01--------d-----w-C:\Users\Donald\AppData\Roaming\Malwarebytes 2012-04-12 23:18:5324904----a-w-C:\Windows\System32\drivers\mbam.sys 2012-04-12 23:18:53--------d-----w-C:\ProgramData\Malwarebytes 2012-04-12 23:18:53--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-04-12 08:00:3681408----a-w-C:\Windows\System32\imagehlp.dll 2012-04-12 08:00:3623408----a-w-C:\Windows\System32\drivers\fs_rec.sys 2012-04-12 08:00:36159232----a-w-C:\Windows\SysWow64\imagehlp.dll 2012-04-12 08:00:355120----a-w-C:\Windows\SysWow64\wmi.dll 2012-04-12 08:00:355120----a-w-C:\Windows\System32\wmi.dll 2012-04-12 08:00:35220672----a-w-C:\Windows\System32\wintrust.dll 2012-04-12 08:00:35172544----a-w-C:\Windows\SysWow64\wintrust.dll 2012-04-11 12:07:30388096----a-r-C:\Users\Donald\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-04-09 10:47:17--------d-----w-C:\ProgramData\Spybot - Search & Destroy 2012-04-09 10:47:17--------d-----w-C:\Program Files (x86)\Spybot - Search & Destroy 2012-04-04 10:46:03--------d-----w-C:\Users\Donald\AppData\Local\CrashDumps 2012-04-03 17:02:01--------d--h--w-C:\$AVG 2012-04-03 02:07:30--------d-----w-C:\Program Files (x86)\Wild West Story - The Beginning 2012-04-01 23:02:05418464----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe 2012-04-01 16:39:00--------d-----w-C:\Program Files\iPod 2012-04-01 16:38:59--------d-----w-C:\Program Files\iTunes 2012-03-29 23:46:54716800----a-w-C:\Windows\System32\drivers\netr7364.sys 2012-03-29 23:46:54305152----a-w-C:\Windows\System32\RaCoInstx.dll 2012-03-29 23:46:54200704----a-w-C:\Windows\SysWow64\UpdateDriver.exe 2012-03-29 23:46:31--------d-----w-C:\Program Files (x86)\Belkin 2012-03-25 16:04:29--------d-----w-C:\Users\Donald\AppData\Local\assembly 2012-03-25 16:03:51--------d-----w-C:\Users\Donald\AppData\Local\TechSmith 2012-03-24 22:54:34--------d-----w-C:\GameHouse Games 2012-03-24 22:54:11--------d-----w-C:\Program Files (x86)\RealArcade 2012-03-17 14:32:54--------d-----w-C:\Users\Donald\AppData\Roaming\NexusFont 2012-03-16 00:31:58--------d-----w-C:\Users\Donald\AppData\Roaming\BigFish 2012-03-15 13:08:10--------d-----w-C:\Users\Donald\AppData\Roaming\Awem 2012-03-15 12:27:29--------d-----w-C:\Program Files (x86)\Cradle of Rome 2 2012-03-15 11:46:45--------d-----w-C:\Program Files (x86)\Hidden Expedition - Titanic 2012-03-15 11:38:19--------d-----w-C:\Program Files (x86)\DNA 2012-03-15 03:06:30--------d-----w-C:\Program Files (x86)\HappyVille - Quest for Utopia 2012-03-15 01:28:42--------d-----w-C:\Program Files (x86)\Subway Scramble 2012-03-15 01:25:45--------d-----w-C:\Program Files (x86)\Jewel Quest II 2012-03-15 00:22:36--------d-----w-C:\Program Files (x86)\Purrfect Pet Shop 2012-03-14 23:45:52--------d-----w-C:\Program Files (x86)\Totem Treasure 2 . ==================== Find3M ==================== . 2012-04-01 23:02:0570304----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-12 11:53:46472808----a-w-C:\Windows\SysWow64\deployJava1.dll 2012-03-06 06:53:375559152----a-w-C:\Windows\System32\ntoskrnl.exe 2012-03-06 05:59:473968368----a-w-C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-06 05:59:413913072----a-w-C:\Windows\SysWow64\ntoskrnl.exe 2012-02-28 06:56:482311168----a-w-C:\Windows\System32\jscript9.dll 2012-02-28 06:49:561390080----a-w-C:\Windows\System32\wininet.dll 2012-02-28 06:48:571493504----a-w-C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:552382848----a-w-C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:551799168----a-w-C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:211427456----a-w-C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:071127424----a-w-C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:162382848----a-w-C:\Windows\SysWow64\mshtml.tlb 2012-02-23 15:18:36279656------w-C:\Windows\System32\MpSigStub.exe 2012-02-17 06:38:261031680----a-w-C:\Windows\System32\rdpcore.dll 2012-02-17 05:34:22826880----a-w-C:\Windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24210944----a-w-C:\Windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:3223552----a-w-C:\Windows\System32\drivers\tdtcp.sys 2012-02-10 06:36:071544192----a-w-C:\Windows\System32\DWrite.dll 2012-02-10 05:38:431077248----a-w-C:\Windows\SysWow64\DWrite.dll 2012-02-03 04:34:343145728----a-w-C:\Windows\System32\win32k.sys 2012-01-25 06:38:3977312----a-w-C:\Windows\System32\rdpwsx.dll 2012-01-25 06:38:38149504----a-w-C:\Windows\System32\rdpcorekmts.dll 2012-01-25 06:33:309216----a-w-C:\Windows\System32\rdrmemptylst.exe . ============= FINISH: 17:26:07.91 =============== ThanksAny anonymous user can IM you on Yahoo... Who else uses this PC ? ? Teenager in the house ? ?No there aren't any teenagers...as for the IM it is suspiciously a spam or phishing attempt as the "message" is garbled, in color, and combines unrelated words into a sentence INCLUDING random upper and lower case characters. Thanks for you input.Well it's a known fact that phishers and spammers will use anything at their disposal including IM... I doubt he would be able to grab any of your sensitive data...unless you posted it in a reply.Just got another IM this morning. I have already changed my password. It isn't all that frequent (maybe twice a week) that when I check my email there is and instant message received while I was offline (always while I am offline). Can I make it stop. Is this related to the log on from Pakistan that showed up in my Yahoo Log On list? Thanks again for you thoughts.I personally don't use Yahoo IM...but i believe you can right clik the offending User and block it.Yes that's true...and I do click "Block Sender" each timwe this occurs - so it must somehow work around that function. Any ideas?Start a new account...that or report it to Yahoo...

Discussion

No Comment Found

Related InterviewSolutions