RIZZIES
Over the last few weeks I've had four crash dumps. I don't have anything showing on Malwarebytes. I am running Vista. Where do I find the details and what do I do?
-
I started using Firefox today. Got a BSOD two times; it said something about a driver. Please help. Ronni
-
UPDATING TO LATEST DATA FILE
RIZZIES replied to RIZZIES's topic in Malwarebytes for Windows Support Forum
Thanks so much. Checked again and got the update.
-
How can I tell if I have updated to the latest data file? The file I have is from earlier today and it is telling me that I have the latest version. Is there someplace I can look to check for the latest version? Thanks, Ronni. This is the one I have: Date 5:22:12 13408 pm v2012 52208 fingerprints loaded 327604. My time is Eastern.
-
Malwarebytes found trojan fake alert
RIZZIES replied to RIZZIES's topic in Resolved Malware Removal Logs
When I switch farms on FarmVille it says the Flash Player is not running, do you want to stop. I click no and it starts working. I think it is the Adobe Flash Player.
-
Malwarebytes found trojan fake alert
RIZZIES replied to RIZZIES's topic in Resolved Malware Removal Logs
Seems to be running OK. The only thing is the Flash keeps getting stuck while I am playing FarmVille; otherwise I have no other problems.
-
Malwarebytes found trojan fake alert
RIZZIES replied to RIZZIES's topic in Resolved Malware Removal Logs
I was running the scan before I got your reply. So I stopped and restarted the scan with those items checked. It said there were no threats. I will post the log, but it doesn't say anything about the full scan I ran, only the first one.
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
-
Malwarebytes found trojan fake alert
RIZZIES replied to RIZZIES's topic in Resolved Malware Removal Logs
"Scan archives" and "Scan for potentially unsafe applications" are not checked on ESET. I will run it the way it is. If you want me to check these options please let me know.
-
Malwarebytes found trojan fake alert
RIZZIES replied to RIZZIES's topic in Resolved Malware Removal Logs
I don't like the changes that ComboFix makes and am afraid to run it. Is there any other test I can do instead? I am running Vista.
-
Malwarebytes found trojan fake alert
RIZZIES replied to RIZZIES's topic in Resolved Malware Removal Logs
Yes, I posted the whole log. I even posted the dot on top of the log before DDS. I have the attach log saved to my desktop also.
-
Malwarebytes found trojan fake alert
RIZZIES replied to RIZZIES's topic in Resolved Malware Removal Logs
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000
Run by Ronni at 19:05:57 on 2012-05-17
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2942.2182 [GMT -4:00]
.
AV: CA Anti-Virus *Enabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovep.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://compaq-desktop.aol.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [<NO NAME>]
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [cctray] "c:\program files\ca\ca internet security suite\cctray\cctray.exe"
mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"
mRun: [cafw] c:\program files\ca\ca internet security suite\ca personal firewall\cafw.exe -cl
mRun: [capfasem] c:\program files\ca\ca internet security suite\ca personal firewall\capfasem.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: c:\windows\system32\VetRedir.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 167.206.254.1 167.206.254.2
TCP: Interfaces\{1D673272-229C-46B3-8E44-6A872B1F279B} : DhcpNameServer = 167.206.254.1 167.206.254.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: PFW - UmxWnp.Dll
.
============= SERVICES / DRIVERS ===============
.
R0 KmxFw;KmxFw;c:\windows\system32\drivers\KmxFw.sys [2008-3-19 103952]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2008-3-21 63504]
R1 KmxFile;KmxFile;c:\windows\system32\drivers\KmxFile.sys [2008-3-21 45584]
R1 KmxFilter;HIPS Core Filter Driver;c:\windows\system32\drivers\KmxFilter.sys [2008-5-30 51704]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2008-11-14 26352]
R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2008-11-14 21104]
R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2008-11-14 161008]
R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2008-11-14 144696]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 KmxCF;KmxCF;c:\windows\system32\drivers\KmxCF.sys [2008-6-4 138744]
R2 KmxSbx;KmxSbx;c:\windows\system32\drivers\KmxSbx.sys [2008-3-21 66576]
R2 UmxAgent;HIPS Event Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2007-10-18 1010192]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2007-10-18 801296]
R2 UmxPol;HIPS Policy Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2008-4-15 281104]
R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2008-11-14 255312]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2008-5-30 88816]
R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2008-11-14 130280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 253088]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2008-10-8 3328]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-05-17 20:21:40 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{02da4321-59e3-4945-b569-16e7d842b74a}\offreg.dll
2012-05-17 20:19:15 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{02da4321-59e3-4945-b569-16e7d842b74a}\mpengine.dll
2012-04-30 02:46:22 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-30 02:46:22 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-15 18:51:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-23 14:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 19:06:27.05 ===============
-
Malwarebytes found: Files Detected: 1 C:\Windows\System32\DFDWiz.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. I ran another quick scan and nothing was found. What should I do?
-
I went to run the Malwarebytes updater today. It updated the version. Was there a new version today?
-
I will be completely removing CA, and I do not use the Windows firewall with CA.