Posts posted by NarrowMeade
-
As of now MSE is functioning, yet the browser still seems to hang when commands, clicks, or URLs are entered. Both Firefox and Chrome.
-
Uninstalled MSE and reinstalled. Seems to be working now. Also DLing all updates for Windows.
-
Restarted and Firefox started now. Microsoft Security Essentials is still NOT functioning.
Error code: 0x80070424
I forgot to mention this from the start.
Logs below.
-
Here it is. Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2012 (ATTENTION: FRST version is 8 days old)
Ran by SYSTEM at 01-12-2012 10:17:23
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [] [x]
HKLM\...\Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [8312352 2009-11-02] (Realtek Semiconductor)
HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [x]
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [x]
HKLM\...\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [x]
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [x]
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [x]
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [x]
HKLM\...\Run: [ThpSrv] "C:\windows\system32\thpsrv" /logon [x]
HKLM\...\Run: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [709976 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] %ProgramFiles%\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [x]
HKLM\...\Run: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [x]
HKLM\...\Run: [TosVolRegulator] "C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [x]
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [x]
HKLM\...\Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1931024 2010-07-19] (Intel® Corporation)
HKLM\...\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [TUSBSleepChargeSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" [x]
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-07-12] ()
HKLM-x32\...\Run: [iAStorIcon] "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [2454840 2009-11-21] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKU\Micah L Mathis\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-01] (Google Inc.)
HKU\Micah L Mathis\...\Run: [Google Update] "C:\Users\Micah L Mathis\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-12] (Google Inc.)
HKU\Micah L Mathis\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{91CEC3AD-FAD1-47E8-9225-72EC3A31E65A}: [NameServer]0.0.0.0
Startup: C:\Users\Default\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®)
Startup: C:\Users\Default User\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®)
==================== Services (Whitelisted) ===================
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] ()
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] ()
==================== Drivers (Whitelisted) =====================
3 MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)
3 RTL8187Se; C:\Windows\System32\Drivers\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation )
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2012-12-01 10:16 - 2012-12-01 10:16 - 00000000 ____D C:\FRST
2012-12-01 07:50 - 2012-12-01 07:50 - 01461039 ____A (Farbar) C:\Users\Micah L Mathis\Downloads\FRST64.exe
2012-12-01 07:36 - 2012-12-01 07:43 - 00002331 ____A C:\Users\Micah L Mathis\Downloads\index.php.txt
2012-12-01 04:47 - 2012-12-01 04:47 - 00000146 ____A C:\Users\Micah L Mathis\Desktop\Virus.url
2012-12-01 03:56 - 2012-12-01 03:56 - 00023612 ____A C:\Users\Micah L Mathis\Desktop\DDS.txt
2012-12-01 03:55 - 2012-12-01 03:55 - 00010117 ____A C:\Users\Micah L Mathis\Desktop\Attach.txt
2012-11-27 15:53 - 2012-11-27 15:53 - 00006884 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121127.175303.txt
2012-11-26 02:58 - 2012-11-26 02:58 - 00000000 ____A C:\Users\Micah L Mathis\Documents\ts3_clientui-win64-1351504843-2012-11-26 04_58_26.096821.dmp
2012-11-25 14:51 - 2012-11-25 14:51 - 00006789 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121125.165134.txt
2012-11-23 22:02 - 2012-11-23 22:16 - 764790473 ____A C:\Users\Micah L Mathis\Desktop\_Episodes 5&6_ - Battlestar Galactica_ Blood & Chrome.mp4
2012-11-20 17:25 - 2012-11-20 17:25 - 23921701 ____A (Igor Pavlov) C:\Users\Micah L Mathis\Downloads\tor-browser-2.2.39-5_en-US.exe
2012-11-15 08:45 - 2012-11-15 08:45 - 00006791 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121115.104552.txt
2012-11-09 13:44 - 2012-11-09 13:51 - 401298517 ____A C:\Users\Micah L Mathis\Desktop\_Episode 2_ - Battlestar Galactica_ Blood and Chrome.mp4
2012-11-09 13:25 - 2012-11-09 13:34 - 492040389 ____A C:\Users\Micah L Mathis\Desktop\_Episode 1_ - Battlestar Galactica_ Blood and Chrome.mp4
2012-11-09 12:11 - 2012-11-09 12:11 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\New folder
2012-11-03 17:59 - 2012-11-03 17:59 - 16450830 ____A C:\Users\Micah L Mathis\Desktop\Daren Bates' Nasty Stiff Arm.mp4
==================== One Month Modified Files and Folders =======
2012-12-01 10:16 - 2012-12-01 10:16 - 00000000 ____D C:\FRST
2012-12-01 08:04 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-01 08:04 - 2009-07-13 20:51 - 00153072 ____A C:\Windows\setupact.log
2012-12-01 07:52 - 2011-12-12 18:03 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\TS3Client
2012-12-01 07:50 - 2012-12-01 07:50 - 01461039 ____A (Farbar) C:\Users\Micah L Mathis\Downloads\FRST64.exe
2012-12-01 07:50 - 2011-12-29 09:49 - 00787590 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-01 07:43 - 2012-12-01 07:36 - 00002331 ____A C:\Users\Micah L Mathis\Downloads\index.php.txt
2012-12-01 07:18 - 2010-08-23 10:37 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-12-01 07:11 - 2012-07-03 05:47 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-12-01 07:06 - 2011-12-12 16:40 - 00000944 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-892447014-2351559839-3818858411-1000UA.job
2012-12-01 07:06 - 2011-12-12 16:40 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-892447014-2351559839-3818858411-1000Core.job
2012-12-01 04:58 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-01 04:58 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-01 04:57 - 2010-08-23 10:37 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-12-01 04:49 - 2009-12-01 19:00 - 00373438 ____A C:\Windows\PFRO.log
2012-12-01 04:47 - 2012-12-01 04:47 - 00000146 ____A C:\Users\Micah L Mathis\Desktop\Virus.url
2012-12-01 03:58 - 2012-01-06 04:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-01 03:56 - 2012-12-01 03:56 - 00023612 ____A C:\Users\Micah L Mathis\Desktop\DDS.txt
2012-12-01 03:56 - 2012-01-22 20:55 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\Skype
2012-12-01 03:55 - 2012-12-01 03:55 - 00010117 ____A C:\Users\Micah L Mathis\Desktop\Attach.txt
2012-11-28 20:40 - 2012-03-05 21:44 - 00000000 ____D C:\Program Files (x86)\Steam
2012-11-28 18:27 - 2011-12-15 20:47 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\Mumble
2012-11-27 18:09 - 2012-03-22 04:43 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\vlc
2012-11-27 15:53 - 2012-11-27 15:53 - 00006884 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121127.175303.txt
2012-11-26 03:13 - 2010-08-22 14:43 - 00000000 ____D C:\Users\Micah L Mathis\Documents\Outlook Files
2012-11-26 02:58 - 2012-11-26 02:58 - 00000000 ____A C:\Users\Micah L Mathis\Documents\ts3_clientui-win64-1351504843-2012-11-26 04_58_26.096821.dmp
2012-11-25 14:51 - 2012-11-25 14:51 - 00006789 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121125.165134.txt
2012-11-23 22:16 - 2012-11-23 22:02 - 764790473 ____A C:\Users\Micah L Mathis\Desktop\_Episodes 5&6_ - Battlestar Galactica_ Blood & Chrome.mp4
2012-11-20 17:25 - 2012-11-20 17:25 - 23921701 ____A (Igor Pavlov) C:\Users\Micah L Mathis\Downloads\tor-browser-2.2.39-5_en-US.exe
2012-11-20 11:35 - 2009-12-01 18:51 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-20 10:56 - 2012-04-14 01:28 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-20 10:56 - 2011-07-07 16:41 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-11-15 08:45 - 2012-11-15 08:45 - 00006791 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121115.104552.txt
2012-11-11 10:13 - 2012-08-30 06:00 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\The Fall Of Hyperion
2012-11-09 13:51 - 2012-11-09 13:44 - 401298517 ____A C:\Users\Micah L Mathis\Desktop\_Episode 2_ - Battlestar Galactica_ Blood and Chrome.mp4
2012-11-09 13:34 - 2012-11-09 13:25 - 492040389 ____A C:\Users\Micah L Mathis\Desktop\_Episode 1_ - Battlestar Galactica_ Blood and Chrome.mp4
2012-11-09 12:11 - 2012-11-09 12:11 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\New folder
2012-11-08 13:52 - 2012-01-20 09:40 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\battlestar galactica
2012-11-05 04:47 - 2012-05-09 07:26 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\Hyperion
2012-11-03 17:59 - 2012-11-03 17:59 - 16450830 ____A C:\Users\Micah L Mathis\Desktop\Daren Bates' Nasty Stiff Arm.mp4
ZeroAccess:
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\@
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\00000004.@
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\201d3dde
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\4cce1f70
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\55490ac4
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\00000004.@
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\00000008.@
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\000000cb.@
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\80000000.@
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\80000032.@
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\80000064.@
ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini
ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
ZeroAccess:
C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}
C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}\@
C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}\L
C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}\U
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-11-25 02:16:33
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 3894.78 MB
Available physical RAM: 3323.61 MB
Total Pagefile: 3892.93 MB
Available Pagefile: 3314.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: (TI105512W0E) (Fixed) (Total:456.78 GB) (Free:59.36 GB) NTFS ==>[system with boot components (obtained from reading drive)]
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[system with boot components (obtained from reading drive)]
4 Drive f: (USB20FD) (Removable) (Total:3.8 GB) (Free:3.79 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 3894 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 456 GB 1501 MB
Partition 3 Primary 7701 MB 458 GB
==================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D System NTFS Partition 1500 MB Healthy Hidden
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI105512W0E NTFS Partition 456 GB Healthy
=========================================================
Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No
There is no volume associated with this partition.
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3894 MB 28 KB
==================================================================================
Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F USB20FD FAT32 Removable 3894 MB Healthy
=========================================================
Last Boot: 2012-11-25 02:09
==================== End Of Log =============================
-
Hi. I was wondering if I could get some help with this. 2 of my browsers redirect on searches and have become very slow and stagnant. These hits on malware will not go away after cleaning.
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.12.01.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Micah L Mathis :: TROJANXHORSEACT [administrator]
12/1/2012 06:05:32
mbam-log-2012-12-01 (06-05-32).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213483
Time elapsed: 12 minute(s), 28 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
(end)
Hijacked Browsers and malware will not go away.
in Resolved Malware Removal Logs
Done. I think it is clean now. Nothing alerting. Browsers still hanging. Yet there are a lot of Windows updates now. Assuming it wasn't accepting Windows updates during infection time.