Mc752
-
Posts
7 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Mc752
-
-
The update came with the Pro version. I am running Windows 7 and Microsoft Security Essentials. I am going to try again with a clean install and stopping the AV to see if this solves the situation. I appreciate the support.
After trying it again today, turning off the AV as before and running a clean install it has gone through. It was most likely some error on my end as no on else is having this issue. I appreciate the help, thank you!
-
Where did you obtain the update ?
Did you disable your Anti-Virus when trying to do the update?
What AV and Operating System are you using?
Thanks
The update came with the Pro version. I am running Windows 7 and Microsoft Security Essentials. I am going to try again with a clean install and stopping the AV to see if this solves the situation. I appreciate the support.
-
I get an error message every time I attempt to install the upgrade. I've restarted my computer twice and the message states something about a corrupt file and installation was not completed, restart the computer. Which I have done but it's an endless loop. I have the pro version, should I download it from this site and try again, perhaps the update was damaged?
Thank you,
-
The log is in the original attachment with my first posting.
-
Thank you for your kind assistance. I have Manwarebytes Pro installed, and ran the update. I have run a few virus scan programs and noticed that my McAfee shuts itself off and I receive a notice "your computer is unprotected" where I must manually start it. This raises several antennas with me, although the IP messages from earlier are gone now from my malwarebytes scan please see below.
*********
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7512
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
8/19/2011 2:15:15 PM
mbam-log-2011-08-19 (14-15-15).txt
Scan type: Quick scan
Objects scanned: 205702
Time elapsed: 18 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
**************
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Me at 14:15:54 on 2011-08-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1333 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\EPSON\eEBAPI\eEBSVC.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEKA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\MICROS~4\Office12\OUTLOOK.EXE
C:\Documents and Settings\Me\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Me\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Me\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Me\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Me\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Me\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\WINDOWS\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.sony.com/vaiopeople
uInternet Settings,ProxyServer = localhost:8118
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110708155615.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
uRun: [EPSON WorkForce 600(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatieka.exe /fu "c:\windows\temp\E_SAB.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [sonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
mRun: [biomenu] "c:\program files\protector suite ql\menusw.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 24.205.224.36 24.205.192.61 68.116.46.115
TCP: Interfaces\{1970C9AF-B6E3-4D0A-8DD4-8B643AD79134} : DhcpNameServer = 24.205.224.36 24.205.192.61 68.116.46.115
TCP: Interfaces\{A212899A-FD8F-4BD4-BCE3-6EFA12C88005} : DhcpNameServer = 24.205.224.36 24.205.192.61 68.116.46.115
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: psfus - fusstub.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\windows\system32\acaptuser32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\me\application data\mozilla\firefox\profiles\xa5arf9c.default\
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 459728]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-6-15 89368]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-4 98304]
R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2005-7-25 13440]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2005-7-25 33024]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-11 366640]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-15 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-15 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-15 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-6-15 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-6-15 165000]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-6-15 159832]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-6-15 148520]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -svaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -sVAIO_VEDB [?]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-4 118784]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-6-15 57432]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-11 22712]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-6-15 179248]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-6-15 59288]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-6-15 337912]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-6-15 83688]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2005-9-30 812544]
S1 MpKsl56edc0bb;MpKsl56edc0bb;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{058292a0-b209-4f60-a619-f7295058c864}\mpksl56edc0bb.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{058292a0-b209-4f60-a619-f7295058c864}\MpKsl56edc0bb.sys [?]
S1 MpKslf3a4201b;MpKslf3a4201b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{058292a0-b209-4f60-a619-f7295058c864}\mpkslf3a4201b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{058292a0-b209-4f60-a619-f7295058c864}\MpKslf3a4201b.sys [?]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 fa410;NETGEAR FA410TX Fast Ethernet PC Card Driver;c:\windows\system32\drivers\fa410nd5.sys [2005-9-30 24618]
S3 htcusbnet;HTC USB-NDIS miniport;c:\windows\system32\drivers\htcusbnet.sys [2011-7-15 128512]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-6-15 83688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-6-15 85984]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.exe -i vaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.EXE -i VAIO_VEDB [?]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2011-08-17 22:42:49 -------- d-----w- c:\program files\ESET
2011-08-17 19:58:25 112640 ----a-w- c:\windows\system32\E_ADDNET.EXE
2011-08-17 19:58:10 77824 ----a-w- c:\windows\system32\EBAPI.dll
2011-08-17 19:58:10 65536 ----a-w- c:\windows\system32\EEBUtil.dll
2011-08-17 19:58:10 55808 ----a-w- c:\windows\system32\EEBSDKIF.dll
2011-08-17 19:58:10 135168 ----a-w- c:\windows\system32\EEBAPI.dll
2011-08-17 19:58:10 110592 ----a-w- c:\windows\system32\EEBDSCVR.dll
2011-08-17 19:58:09 474892 ----a-w- c:\windows\system32\ensppmon.dll
2011-08-17 19:58:09 457099 ----a-w- c:\windows\system32\ensppui.dll
2011-08-17 19:58:09 249344 ----a-w- c:\windows\system32\enspres.dll
2011-08-17 19:58:09 249344 ----a-w- c:\windows\system32\enpres.dll
2011-08-17 19:58:08 474892 ----a-w- c:\windows\system32\enppmon.dll
2011-08-17 19:58:08 457099 ----a-w- c:\windows\system32\enppui.dll
2011-08-17 19:53:11 -------- d-----w- c:\program files\EpsonNet
2011-08-17 19:52:06 9216 ----a-w- c:\windows\system32\escdev.dll
2011-08-17 19:52:06 71680 ----a-w- c:\windows\system32\escwiad.dll
2011-08-17 00:10:18 -------- d-sha-r- C:\cmdcons
2011-08-17 00:08:55 98816 ----a-w- c:\windows\sed.exe
2011-08-17 00:08:55 518144 ----a-w- c:\windows\SWREG.exe
2011-08-17 00:08:55 256000 ----a-w- c:\windows\PEV.exe
2011-08-17 00:08:55 208896 ----a-w- c:\windows\MBR.exe
2011-08-12 20:47:38 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-08-12 01:04:03 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-12 01:03:58 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-12 00:47:53 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-08-12 00:47:53 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-12 00:44:17 -------- d-----w- c:\program files\Epson Software
2011-08-09 03:30:10 -------- d-----w- c:\documents and settings\me\application data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-08-09 03:00:28 -------- d-----w- c:\documents and settings\me\application data\Malwarebytes
2011-08-09 03:00:19 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-08-09 03:00:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-02 20:18:23 794624 ----a-w- c:\windows\system32\spr32d35.dll
2011-08-02 20:10:07 -------- d-----w- c:\program files\Punch! Home Design - Platinum
2011-07-28 10:27:08 121464 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
.
==================== Find3M ====================
.
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-30 02:27:45 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-06-29 22:28:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ------w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ------w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv(2).dll
2011-06-17 19:00:35 89680 ----a-w- c:\documents and settings\me\MSSSerif120.fon
2011-06-16 23:24:17 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-16 23:24:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-04 08:56:04 330600 ----a-w- c:\windows\system32\HMIPCore.dll
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 14:16:48.79 ===============
-
My computer anti-virus software McAfee keeps telling me that it has stopped an outgoing connection. I ran my malwarebytes and get the following:
11:14:14 (null) MESSAGE Protection started successfully
11:15:01 (null) MESSAGE Scheduled update executed successfully
11:15:29 Me MESSAGE IP Protection started successfully
11:15:29 Me MESSAGE IP Protection stopped
11:15:38 Me MESSAGE Database updated successfully
11:15:42 Me MESSAGE IP Protection started successfully
15:18:03 Me IP-BLOCK 94.100.30.167 (Type: outgoing)
15:18:06 Me IP-BLOCK 94.100.30.167 (Type: outgoing)
15:18:12 Me IP-BLOCK 94.100.30.167 (Type: outgoing)
15:18:24 Me IP-BLOCK 94.100.30.163 (Type: outgoing)
15:18:27 Me IP-BLOCK 94.100.30.163 (Type: outgoing)
15:18:33 Me IP-BLOCK 94.100.30.163 (Type: outgoing)
15:18:45 Me IP-BLOCK 94.100.30.164 (Type: outgoing)
15:18:48 Me IP-BLOCK 94.100.30.164 (Type: outgoing)
15:18:54 Me IP-BLOCK 94.100.30.164 (Type: outgoing)
15:19:06 Me IP-BLOCK 94.100.30.165 (Type: outgoing)
15:19:09 Me IP-BLOCK 94.100.30.165 (Type: outgoing)
15:19:15 Me IP-BLOCK 94.100.30.165 (Type: outgoing)
15:19:27 Me IP-BLOCK 94.100.30.166 (Type: outgoing)
15:19:30 Me IP-BLOCK 94.100.30.166 (Type: outgoing)
15:19:36 Me IP-BLOCK 94.100.30.166 (Type: outgoing)
15:56:11 Me MESSAGE Protection started successfully
15:56:34 Me MESSAGE IP Protection started successfully
Is this something to worry about? Thank you.
Help Pls, 9736 Trojan.Agent What is this?
in Malwarebytes for Windows Support Forum
Posted
Doing a routine scan malwarebytes finds a trojan, I hit delete and it tells me to reboot. Upon rebooting I run it again and there it is. I've deleted the temp files and the recycle bin yet it keeps coming back. Can someone tell me if this is something I need to worry about?
Thank you in advance for your help.
Here is a copy of my latest scan. I've got lots more, some are full scans, some are flash scans.
Database version: v2012.11.18.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Irma :: IRMA-VAIO [administrator]
Protection: Enabled
11/18/2012 2:38:30 PM
mbam-log-2012-11-18 (14-38-30).txt
Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 229548
Time elapsed: 20 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|9736 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msbambyo.com -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)