Everything posted by mem

  1. The Protection History on the Dashboard is additive of all past scans, not for each time you scan. You may notice that the Items scanned count just keeps increasing as well.
  2. https://support.malwarebytes.com/customer/portal/articles/1835314?b_id=6438 click on "here" for 2.2.1
  3. https://www.malwarebytes.com/support/guides/mbam/ Look at PUPs and PUMs under Scan on the left and then scan results on the right may help.
  4. Is there a way to reset the Dashboard Protection History statistics? When items are quarantined and future scans are clear, this would allow a quick way to look at the dashboard to see new items detected instead of going through scan reports.
  5. No issues now... everything seems fine. Thanks for the help and this thread can be closed.
  6. No issues remain. Thanks for the help...appreciate it.

     Results of screen317's Security Check version 0.99.6
     Windows 7 (UAC is enabled)
     Internet Explorer 8
     ``````````````````````````````
     Antivirus/Firewall Check:
     Windows Firewall Enabled!
     ESET Online Scanner v3
     WMI entry may not exist for antivirus; attempting automatic update.
     ```````````````````````````````
     Anti-malware/Other Utilities Check:
     Malwarebytes' Anti-Malware
     Adobe Flash Player 10.1.85.3
     Adobe Reader 9.4.0
     Mozilla Firefox (3.6.12)
     ````````````````````````````````
     Process Check:
     objlist.exe by Laurent
     Windows Defender MSMpEng.exe
     Malwarebytes' Anti-Malware mbamservice.exe
     Malwarebytes' Anti-Malware mbamgui.exe
     Microsoft Security Essentials msseces.exe
     ````````````````````````````````
     DNS Vulnerability Check:
     GREAT! (Not vulnerable to DNS cache poisoning)
     ``````````End of Log````````````
  7. First, thanks for looking at the information. Also, I have uninstalled Java 6 update 22 from the PC after the MSE scan and do not intend to reinstall unless needed in the future. You may notice that I use IE9beta (latest) as well. While waiting for a response I also ran the ESET online scanner and no infection found. Nothing was found with the MBAM scan just now so I only included the header below. The "Attach" file did show up from DDS but said to attach as a zip only if requested so I just saved to disk in case you need it as well. ----------------------------------------------- Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4945 Windows 6.1.7600 Internet Explorer 9.0.7930.16406 10/26/2010 8:03:56 AM mbam-log-2010-10-26 (08-03-56).txt Scan type: Quick scan Objects scanned: 145879 Time elapsed: 3 minute(s), 52 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0
  8. Hi, I haven't had symptoms of a problem, but this weekend when running a full scan with MS Security Essentials it detected and quarantined a trojan downloader. Detected item: TrojanDownloader:Java/OpenStream.AK. Real time MSE has not detected anything. MBAM Pro real time has not detected anything and finds nothing in the Full Scan. HijackThis has a number of missing files in section 023 but they may not be related. GMER (ark text file attached) found two items that look like IDT audio or touchpad related items. Any comments about any further actions needed are welcome. Win7 x64, Standard User Account, MSE, MBAM Pro MSEdetection.txt mbam_log_2010_10_23__07_19_55_.txt hijackthis1.log ark.txt
  9. It is the process for Windows Defender/Live OneCare/ MS Essentials - the scanning engine. Excessive CPU usage shows that either it is scanning your processes that are active or there may be a conflict with other real time tasks.
  10. Another forum has stated that a license is good for two PCs, using a post in the Malware Removal section. If this is not the case, someone may want to look at changing the post: "...lifetime license. And yes, you can also use it on your 2nd computer. And yes, you can transfer the licenses, just save the license key somewhere (write it down/print it out) and you can use it again." http://forums.malwarebytes.org/index.php?s...st&p=201073
  11. Let's see if we can work through this, see if I understand what you are seeing. This morning the Update tab of MBAM showed the date as the previous day while the log showed that an update was done today. As of the afternoon, if another update is manually run, the date on the Update tab probably reads today's date. The Update tab date is the day the update was made by Malwarebytes. The log shows the day and time an update download attempt took place by your PC. When the morning update of MBAM occurred, the last update available from Malwarebytes was one from the previous day. Therefore, the Update tab would only show yesterday's date - the time the update was composed and made available for download. This afternoon, when another manual (or auto for that matter) update is tried by your PC, Malwarebytes has had the morning to make a new update and have it available for download. Now the Update tab will have today's date and the log would show when the update download was attempted. You can see the update attempts in the log, which can be done all the time, while the date on the Update tab is the date that Malwarebytes has the last update available for download. If they didn't have a new update available for four days, then the Update tab could be four days behind the log date for attempted updating.
  12. When the update was checked today, the last update available for the program was from yesterday - you can check for updates all the time but the actual file was made at an earlier time and that is what is shown in the program update window.
  13. And to correct MY misprint... 1 KB = 1000 bytes (not bits), 1 KiB = 1024 bytes (not bits). MS is still using the older units for the OS while drive manufacturers and some open source software use the newer conventions. Sorry for the confusion.
  14. While the older convention was 1 kilobyte is 1024 bits, it was changed in 2000 by the International Electrotechnical Commission (and IEEE convention)... it is now making it into the mainstream: a kilobyte (KB) is to be 1000 bits to be in line with SI units, a kibibyte (KiB) is 1024 bits, and similar designations for higher units. This is one of the confusions in drive sizes, as for marketing purposes a 250 KB formats out around 230 KiB. While not an authoritative source per se, this gives a good rundown: http://en.wikipedia.org/wiki/Kibibyte