evto18

It's running great. I really appreciate all your help.

Good morning. Here are the results. Results of screen317's Security Check version 0.99.54 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.65.1.1000 Java 7 Update 9 Adobe Flash Player 11.5.502.110 Adobe Reader X (10.1.4) Mozilla Firefox (16.0.2) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````

MrC: Here are my results from my scan. # AdwCleaner v2.008 - Logfile created 11/20/2012 at 23:44:17 # Updated 17/11/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Mine - MINE-PC # Boot Mode : Normal # Running from : C:\Users\Mine\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\ProgramData\Tarma Installer ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Software ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Mine\AppData\Roaming\Mozilla\Firefox\Profiles\sq40nc7n.default\prefs.js C:\Users\Mine\AppData\Roaming\Mozilla\Firefox\Profiles\sq40nc7n.default\user.js ... Deleted ! [OK] File is clean. -\\ Google Chrome v [unable to get version] File : C:\Users\Mine\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [1242 octets] - [20/11/2012 23:04:44] AdwCleaner[R2].txt - [1302 octets] - [20/11/2012 23:43:43] AdwCleaner[s2].txt - [1342 octets] - [20/11/2012 23:44:17] ########## EOF - C:\AdwCleaner[s2].txt - [1402 octets] ########## I will also be back in the am. Thanks for all your help!

Here's the results of AdwCleaner. # AdwCleaner v2.008 - Logfile created 11/20/2012 at 23:04:44 # Updated 17/11/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Mine - MINE-PC # Boot Mode : Normal # Running from : C:\Users\Mine\Downloads\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** Folder Found : C:\ProgramData\Tarma Installer ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Software ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Mine\AppData\Roaming\Mozilla\Firefox\Profiles\sq40nc7n.default\prefs.js [OK] File is clean. -\\ Google Chrome v [unable to get version] File : C:\Users\Mine\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [1115 octets] - [20/11/2012 23:04:44] ########## EOF - C:\AdwCleaner[R1].txt - [1175 octets] ##########

MrC: I just finished ComboFix and I am attaching my results. ComboFix.zip

These are the second and third logs. Thanks again for all your help. TDSSKiller.2.8.15.0_20.11.2012_20.27.16_log.zip TDSSKiller.2.8.15.0_20.11.2012_20.34.01_log.zip

Hi MrC: Here are the results of my scan. 20:24:06.0591 4968 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 20:24:07.0200 4968 ============================================================ 20:24:07.0200 4968 Current date / time: 2012/11/20 20:24:07.0200 20:24:07.0200 4968 SystemInfo: 20:24:07.0200 4968 20:24:07.0200 4968 OS Version: 6.1.7601 ServicePack: 1.0 20:24:07.0200 4968 Product type: Workstation 20:24:07.0200 4968 ComputerName: MINE-PC 20:24:07.0200 4968 UserName: Mine 20:24:07.0200 4968 Windows directory: C:\windows 20:24:07.0200 4968 System windows directory: C:\windows 20:24:07.0200 4968 Running under WOW64 20:24:07.0200 4968 Processor architecture: Intel x64 20:24:07.0200 4968 Number of processors: 8 20:24:07.0200 4968 Page size: 0x1000 20:24:07.0200 4968 Boot type: Normal boot 20:24:07.0200 4968 ============================================================ 20:24:07.0855 4968 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:24:07.0855 4968 ============================================================ 20:24:07.0855 4968 \Device\Harddisk0\DR0: 20:24:07.0855 4968 MBR partitions: 20:24:07.0855 4968 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x55436000 20:24:07.0855 4968 ============================================================ 20:24:07.0886 4968 C: <-> \Device\Harddisk0\DR0\Partition1 20:24:07.0886 4968 ============================================================ 20:24:07.0886 4968 Initialize success 20:24:07.0886 4968 ============================================================ 20:24:51.0442 6212 Deinitialize success

I'm not sure why it's not letting me attach the other log but here it is again. system-log.txt

The other log did not attach. Here it is.

I just ran the scan and it says everything is clean. I am attaching the logs. Is there anything else that needs to be done? Thank you for all your help! mbar-log-2012-11-19 (20-19-55).txt

Thanks. Doing it now and will post when it's done.

Thanks for your response. How do I create a new system restore point?

Hello: I am having trouble with Trojans in svchost. I have scanned with MBAM all day and the results come up with the same two Trojans. I reboot after each of these scans and when I rescan it comes up with the same issue. Please help! I am attaching my logs. Thank you so much! mbam-log-2012-11-18 (21-01-22).txt attach.zip dds.txt