swain_cad

version 3.0.6.1469

Currently running 1403. I have rebooted. Still having the issue.

I'm having the same issue! Sometimes Chrome is blocked sometimes servicehost.

Thank you for all your help. You will be receiving a donation.

Adwcleaner file attached AdwCleanerR3.txt

Security check results as follows: Results of screen317's Security Check version 0.99.57 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Adobe Flash Player 11.5.502.146 Adobe Reader 8 Adobe Reader out of Date! Mozilla Firefox 13.0.1 Firefox out of Date! Google Chrome 23.0.1271.97 Google Chrome 24.0.1312.52 ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe Windows Defender MsMpEng.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````

File attached. Nothing there that I think I need. Have no idea where the AVG stuff came from. AdwCleanerR1.txt

Zipped folder attached as requested. Quick scan ran and log attached as well. 0 items detected. Computer seems to be running fine. MovedFiles.zip mbam-log-2013-01-15 (18-00-42).txt

Done. Log attached. I probably should have mention I was running Windows 8. I had hoped that windows defender would have caught this before it became a problem! 01152013_172649.log

I deleted the four dll files (I deleted them) but nothing was under the processes tab. Ran OTL and attached the created files. OTL.Txt Extras.Txt

Here is the report. And thanks for the prompt help. RKreport1_S_01152013_02d1610.txt

I'm running windows defender detected js/medfos.A and B on my system. Per the instructions I have ran MBAM and DDS. The logs are attached. Any help would be greatly appreciated. attach.txt dds.txt mbam-log-2013-01-15 (15-22-15).txt mbam-log-2013-01-15 (15-22-51).txt

Thank you, Thank You, Thank You!!!!!! You have been a tremendous help. And I do plan to make a donation, please keep up the fight against these horrible people and their horrible software. Are any of these people being prosecuted for creating this malware?

Eset didn't find anything so I guess I'm virus free. But Windows security center still says automatic updates is off. When I go to control panel, system automatic updates is set to automatic.

Here's the new MBAM log. Four items were found, I didn't delete any of this. Should I? Before I started I removed all my old versions of Java, and Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6354 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 4/13/2011 5:06:48 PM mbam-log-2011-04-13 (17-06-32).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 390980 Time elapsed: 1 hour(s), 25 minute(s), 35 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\system volume information\_restore{106cf321-99a3-4e3a-9103-1bd027606a99}\RP532\A0087491.exe (Trojan.Agent) -> No action taken. c:\system volume information\_restore{106cf321-99a3-4e3a-9103-1bd027606a99}\RP536\A0087637.exe (Trojan.Agent) -> No action taken. c:\documents and settings\hp_administrator\application data\Sun\Java\deployment\cache\6.0\52\44d78734-69a6b57f (Trojan.Agent) -> No action taken. c:\documents and settings\hp_administrator\application data\Sun\Java\deployment\cache\6.0\6\412d8346-168eee02 (Trojan.Agent) -> No action taken.