vitaminz

Everything posted by vitaminz

  1. Thanks for the heads up. Am I good to go as far as any malware that may be on my computer?
  2. Hi Maniac. In my last post I pasted the logs for the Junkware Removal Tool log, AdwCleaner logs, Malwarebytes' Anti-Malware log. After uninstalling uTorrent I have not had any more notification of blocking malicious sites. Is it possible MBAM recognizes various peers my torrent client is trying to connect to as malicious?
  3. Junkware Removal tool log

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 4.9.7 (07.08.2013:2)
     OS: Windows 8 Pro x64
     Ran by Andrew on Mon 07/08/2013 at 13:03:56.10
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Registry Values
     ~~~ Registry Keys
     Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider
     ~~~ Files
     ~~~ Folders
     ~~~ Chrome
     Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist
     ~~~ Event Viewer Logs were cleared
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Mon 07/08/2013 at 13:11:24.51
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     AdwCleaner Log

     # AdwCleaner v2.304 - Logfile created 07/08/2013 at 13:32:10
     # Updated 03/07/2013 by Xplode
     # Operating system : Windows 8 Pro (64 bits)
     # User : Andrew - ANDREWPC
     # Boot Mode : Normal
     # Running from : C:\Users\Andrew\Downloads\AdwCleaner.exe
     # Option [search]
     ***** [services] *****
     ***** [Files / Folders] *****
     File Found : C:\Users\Andrew\AppData\Local\Temp\Uninstall.exe
     ***** [Registry] *****
     Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
     Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
     Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
     Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
     Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
     Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
     Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
     Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
     Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
     Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
     Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
     ***** [internet Browsers] *****
     -\\ Internet Explorer v10.0.9200.16537
     [OK] Registry is clean.
     -\\ Google Chrome v27.0.1453.116
     File : C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Preferences
     [OK] File is clean.
     *************************
     AdwCleaner[R1].txt - [1780 octets] - [08/07/2013 13:32:10]
     ########## EOF - C:\AdwCleaner[R1].txt - [1840 octets] ##########

     MBAM log

     Malwarebytes Anti-Malware (Trial) 1.75.0.1300
     www.malwarebytes.org
     Database version: v2013.07.08.06
     Windows 8 x64 NTFS
     Internet Explorer 10.0.9200.16599
     Andrew :: ANDREWPC [administrator]
     Protection: Enabled
     7/8/2013 1:35:26 PM
     mbam-log-2013-07-08 (13-35-26).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 209068
     Time elapsed: 1 minute(s), 52 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 1
     C:\$Recycle.Bin\S-1-5-21-3532869950-721322929-2121029236-1001\$RHWOVW3.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
     (end)
  4. Hi Maniac, Thanks for the help. Attach.txt, DDS.txt
  5. Another poster had a similar problem to mine back in April but I am hesitant to follow the instructions you led him through without direct assistance because of warnings given about the tools used to help resolve her issue. The problem I am having is about every 4-6 minutes, I get a pop-up box on my screen that stays for about 15-25 seconds (and then fades off) that indicates Malwarebytes Anti-malware has successfully blocked a potentially malicious website 213.163.64.23 (Type: outgoing, Port: 44347, Process: utorrent.exe). Of course I would like to remove the nuisance of this pop-up but more than that, I would like whatever is guiding my computer to reach out to this site to be removed permanently. Previous to this problem occurring, I had Monster Coupons adware installed, which I removed through the uninstall programs feature on Control Panel. Thanks.