Jump to content

Search the Community

Showing results for tags 'connection'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Receiving a constant stream of popups from Malwarebytes about a riskware website being blocked. There is no domain given, and it continues even if I am not accessing my browser. It is referencing System32\svchost.exe. This file also exists in SysWOW64 once and WinSxS twice. The IP address is 123.123.123.123. A malwarebytes scan does not find anything, and I've run adwcleaner. I've uploaded an export of one of the event logs, and I can upload whatever other log data is needed. Would like help in identifying if this is a stream of false positives, or if some other malicious file is causing the popups. Thank you. report_log.txt
  2. I'm unable to connect too the server of this STEAM game due to this program. When I turn off "Web Protection", it's able to connect. (Example in the picture.) Even when I exclude both the program and the IP address of the game, it still doesn't "Exclude."
  3. Good afternoon, lately my internet connection started being really slow so I thought it could be caused by a malware, then I decided to install and run Malwarebytes on my PC since Windows Defender didn't help me at all. This problem only occurs temporally, then my connection works normally for a few hours, so I don't think it's about hardware. Malwarebytes found many threats which I've already deleted, but I'll post its scan log anyway. It solved an issue that made the Google website be slow, but my internet is still failing a lot. Of course, I've been talking to my internet provider company, but they found no issues, and my speed should be 300 Mb/s as it's shown by the speed tests but it's clearly not. Furthermore this is not happening to any other devices connected via Wi-Fi. At this point I'm totally lost, so I'd be grateful if you could help me. Thank you very much. (FRST, Addition and Malwarebytes logs are attached) FRST.txt Addition.txt malwarebytesLog.txt
  4. Hey Winterstar, I am having the same issue, started today. I had about 10 notices today all outbound, I am fairly good with computers, and could not find an infection on my machine. I will keep an eye on this post, maybe someone will have an answer.
  5. Hello, I just had a bit of an issue today and on the 4th. Malwarebytes blocked an outbound connection multiple times (Three times today, twice on the 4th). All five times it has happened has been with the same domain and IP address. I'm not very good with computers, so I was wondering am I possibly infected? And if I am, what can I do to fix this? AVG detects nothing wrong with my computer. Thank you for any help! EDIT: I'll just add that I've always gone of the same sites for years and never had any issue with any of them. Today and on the 4th, Malwarebytes blocked the connection pretty much a few minutes after I open Chrome. After that everything seems to be fine. Here is a copy of the most recent blocked connection. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/9/18 Protection Event Time: 5:41 PM Log File: 945b36d2-3c4f-11e8-a005-18dbf2281498.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.342 Update Package Version: 1.0.4670 License: Trial -System Information- OS: Windows 10 (Build 16299.309) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: f1hungary.fw.hu IP Address: 217.65.97.118 Port: [64169] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  6. Error message says "Download Failed. Check Internet connection and try again." My Internet connection is okay however.
  7. Hello, After scanning and repairing with Malwarebytes and rebooting i lost my internet connection. I didn't lost it at all because when I plug enthernet cable in to the notebook, i have internet for about 1 minute. I attached log files from Farbar and log from Malwarebytes what i removed. Malwarebytes don't find any threats now. Thank you in advance for help. FRST.txt Addition.txt log.txt
  8. Sometimes your program shows me the notification a connection is was blocked by it. The program spams the notification. If It starts, It would not stop for a period of some minutes. I have tried to look at your log files and detect the process what does this. Unfortunately, the program doesn't report process's Id, only the Process's file, which is, in my case, svchost.exe Please help me remove this spyware (I pretty sure it is a spyware). Thanks in Advance, Mizaro
  9. Hello everyone, in the attempt of keeping this short - after my pc randomly crashed after remaining idle for about twenty minutes, upon reboot, my Malwarebytes wouldn't let me enable realtime protection anymore. Following the steps scattered across the forums, I used the cleaning tool provided elsewhere and rebooted my computer several times. Since then, I'm stuck with MBAM Free with the error of not being able to contact the license servers. Following other topics, I disabled my Windows Firewall while activating the license, no luck with that sadly. I've attached the check results as required. Regards, ~Niklas / baabaablackgoat EDIT: Apparently this is directly related to an update? About the crash I had: Firefox suddenly froze while having a twitch.tv tab open. It then reported that all my tabs have crashed. I wasn't able to open Task Manager or the Recovery Screen, or really any new program, including MBAM. I could not shut down my computer with the respective option, so I had to cut the power. mb-check-results.zip
  10. Good day. I have been using Malwarebytes for a few years now to run periodic (monthly) scans on my laptop. It rarely, if ever, detects anything. Maybe just 1 or 2 detections in the past 3 years. For about a year now, when I run the "Threat Scan," everything comes up clean. But when I run the "Custom Scan" and check all the boxes to have it scan my entire system, it cancels part way through with an error message about how it could not complete the scan. Today, I went to run a scan, and I got a notice that a new version of Malwarebytes was available, so I let it download/install. After that, I set a "Custom Scan" to run, checked all the boxes, and left my laptop to do its thing while I did some other work around the house. I came back about half an hour later and found that my computer had restarted. So I logged back on, and I noticed that I was no longer connected to Wifi. My computer shows no networks available to connect to (I live in a neighborhood where dozens of connections usually show up). I can still connect to my own Wifi using my cell phone, but my computer cannot seem to detect any Wifi connections available. I am currently connected via ethernet cable and seem to have full internet access this way. When I opened up Malwarebytes and go to the Reports tab, I do not see any logs documenting the scan today. I have read other threads about people with the same issue, but the support provided to them seems to be very individualized, as in, there is no single universal fix. What do I need to do to get my computer back on Wifi? I am running Windows 8.1, 64-bit operating system. Thank you so much for your help.
  11. Hello, I hope somebody can help me. When I used Malwarebytes Free everything was okay, until it started finding the same 7 browser hijackers every time I scanned my computer (they are very annoying, causing a lot of unwanted redirects); it put them in the quarantine but they kept showing up without stop. I hoped Malwarebytes Premium could have helped me better and I bought a license, but when I activated it Internet just stopped working. I'm sure it's Malwarebytes, because when I shut it off Internet starts working again without other problems except those hijackers. Please help me understand what could be wrong... If you need more information, just ask. Thank you! Ps: I'm an Italian user so my pc is set with the italian language, but I should have no problems if you tell me names of folders and programs in english, I'll just search for a translation if needed.
  12. Hello, I recently purchased premium for Malwarebytes and I have been unable to activate my license key and ID. Attached are the... MBAM Logs Zipped: MBAMServiceLogs.zip First.txt: FRST.txt Addition: Addition.tx MB-CheckResults Zipped: mb-check-results.zip And finally a screenshot of what happens: Thank you for any help, I really appreciate it!
  13. Hello, I'm not sure yet if this is anything to be concerned about. I've tried to write a full explanation, but I've put my main questions in bullets near the bottom. I'm running Windows 10, and I am very careful about what goes onto this machine, and what websites I visit. I'm running both Panda antivirus and Malwarebytes. Last night I shut down my machine. This morning I started it up again, and initiated Firefox. Firefox opened to the Google home page, and right away, I pressed CTRL+T to open up a new tab. I'm not sure exactly the timing here, but as I was opening up the two websites I normally start off running (Trello and LastPass, both reputable), a green message popped up, stating that an outgoing connection was blocked. Unfortunately, I closed down Firefox right away, without doing any further forensics. The reason why I say it is unfortunate is I'm not sure what other pages were loading at the time (for example, sometimes Firefox sometimes loads pages that you had open when you shut it down last time, if the shutdown wasn't perfect). Afterwards, I did check Firefox's history but didn't find any visits to any unexpected sites. I should note that while I was loading up my pages, Firefox itself was still loading (i.e., still in its "slow" stage). Also, I was opening up new tabs at the time, an action which previews a number of websites in the new tab (I'm not sure if it actually tries to contact them). I immediately checked the Malwarebytes logs, and found the related entry, which I've pasted below. There were actually three very similar entries (including this one) all with the same timestamp, to the minute. I then ran a full scan using both Panda and Malwarebytes, neither of which found any threats. I've also restarted the computer multiple times, and haven't been able to replicate the issue. I suppose the questions I have is: I know that the site that was blocked was not a false positive. I'm primarily concerned about why my computer tried to connect to it. Given the story I outlined above, is there any serious risk that I am infected with something? or is it possible, or more likely that this was some artifact of my restarting, or Firefox previewing a site? I'm not sure sure at all how common it is for occasional random outgoing connections to get blocked while surfing the web. It hasn't really happened to me. { "applicationVersion" : "3.0.6.1469", "clientID" : "", "clientType" : "other", "componentsUpdatePackageVersion" : "1.0.75", "cpu" : "x64", "dbSDKUpdatePackageVersion" : "1.0.1635", "detectionDateTime" : "2017-03-31T17:16:10Z", "fileSystem" : "NTFS", "id" : "[removed]", "isUserAdmin" : true, "licenseState" : "licensed", "linkagePhaseComplete" : false, "loggedOnUserName" : "System", "machineID" : "", "os" : "Windows 10", "schemaVersion" : 2, "sourceDetails" : { "type" : "mwac" }, "threats" : [ { "linkedTraces" : [ ], "mainTrace" : { "cleanAction" : "block", "cleanResult" : "successful", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "bc78a64b-1635-11e7-95f3-346895ee6e38", "linkType" : "none", "objectMD5" : "", "objectPath" : "", "objectSha256" : "", "objectType" : "website", "websiteData" : { "ip" : "104.28.16.78", "isInbound" : false, "port" : 50878, "processPath" : "C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe", "url" : "winwiki.org" } }, "ruleID" : -1, "rulesVersion" : "0.0.0", "threatID" : -1, "threatName" : "" } ], "threatsDetected" : 1 }
  14. Hi all, I'm currently using Malwarebytes 3.0 premium trial and for the past few days I've been getting a notification each time I boot up my PC and launch Chrome saying an outgoing connection (usually to bleutrack.com) was blocked. I've sent a support ticket and have been in contact with them for a few days and they told me to scan using FRST, adwcleaner, JRT, HitmanPro, adware removal tool by TSA, and several other programs, but I still haven't been able to find anything. What can I do now?
  15. Hello, hopefully someone can help me. I'm running Windows 7 x64 and connected my PC directly from my PC to the modem. I have been having incredibly irritating internet issues that myself and my ISP cannot solve. I would be able to open webpages with no problems but when II play WoW, Overwatch, GTA5, Terraria with buds, I always seem to lag hardcore or just bluntly get disconnected from the session entirely. It doesn't last longer than a few seconds to a minute though, but it always happens again anywhere between 5-40 mins later. I talked to my ISP many, many times, most times the guy I get says my connection is fine with no problems. A few times they said there were kinda unusual readings. One time he said there was upload packet loss. I have even had an ISP tech come and check my connection a few times. One said everything was fine and said I would have to call when it's happening (which doesn't help because it doesn't last longer than a few seconds or so, especially when I have to spend 5 to 10 minutes navigating their stupid auto menus. And one said that the connection here was fine but down the road it might be interfering with my service (although he seemed to want to end the day because he had a trainee with him and just wanted to pass the problem off to another tech). Things I have tried: DNS Flush. Set the connection from Automatically find a DNS ip to various free DNS's out there from Google and OpenDNS. Update Windows. Many resets and reboots of the modem and my computer. Double and triple check my physical cord and internal PC components for looseness or damage. Did a malware and rootkit scan with Malwarebytes, Security Essentials, Avira and Housecall, all with no results. However I suspect it might be something that can't be easily discovered. Mostly because I also recently found out I have been having difficulty downloading Windows Updates (just recently got this issue sort of resolved but unsure what caused it in the first place. My computer is the only one this is happening to, however I don't have access to another PC that can play some of these games to test, or a friend to help out with it. However multiple devices are connected at different times with no issues. I am frustrated beyond belief, I hope someone can help me out here. Thanks for reading. I also scanned with Hijack This. While I do have this file, it also told me this "For some reason, your system denied access to the Hosts file. If any hijacked domains are in this file, Hijack This may not be able to fix this. ."
  16. I use Windows 8.1 but with the classic desktop. My computer clock sets itself back to showing the wrong time at restart after I correct it, when I connect to my wifi network it says connecting to network takes longer than usual and then that connection is limited even though I have perfect connection, my computer is often slow and when I press Ctrl+Shift+Esc during a freeze it shows 99% disk usage, I have tried running Rkill and then Malwarebytes in Safe Mode but they detected nothing. Is it really a malware or am I just doing something wrong? Rkill.txt
  17. March 24, 2016 Running Microsoft Windows 7 Home Premium SP1 x64 with Malwarebytes 2.2.0.1024 Premium, Avast 11.1.2253 Free and Mozilla Firefox 45.0.1 installed. This setup runs without problems. Now update Malwarebytes is 2.2.1.1043 is offered. After installing Update 2.2.1.1043 there is no Internet connection anymore although Windows signals that an Internet connection is established. No URL can be reached by Firefox. However, miniapplications like newsfeed are updated as usual. If Malwarebytes 2.2.1.1043 is removed, registration and system state are reset and Malwarebytes 2.2.0.1024 is reinstalled the system runs without problems again. Any ideas?
  18. Hi, I recently ran a full Malwarebytes scan of my Windows work computer to remove malware after noticing a decline in performance as well as experiencing unwanted ads in Chrome. As a result of the scan and subsequent removal of the malware, the internet stopped working entirely. I would approach IT at my job, however I'm an English teacher in Korea and my "IT" guy doesn't speak a lick of English so i'm at a loss. I've gone ahead and followed certain instructions as they pertain to this issue from other forums/websites, but am not entirely confident that doing everything on my own (not the most computer literate person) is best. I went ahead and took the initiative to run a scan with the Farbar Recovery Scan Tool and have the resulting logs, which are attached to this thread. I was hoping somebody could guide me in recovering whatever it is I lost to reinstate my internet! Thanks, Addition.txt FRST.txt
  19. Hi and thanks for your help. I have a problem when I turn on Malwarebytes, my internet connection doesn't work at all. I tried to turn off any other software like windows defender or any other programs, but I figure out that when I change my wired connection to non-wired connection (MSI GE60 laptop) I had internet connection. I could deactivate the on-line protection of Malware bytes, but I'm trying to find the problem. Thanks to all and sorry for my English.
  20. Hello, I have a problem connection to internet after running Adwcleaner and YAC i usually run after them malwarebytes but i lost connection after running adwcleaner, after that i cant even start malwarebytes i even tryed running "Chameleon". The only programs that i have internet connection is "Nighty Browser" and "Teamspeak 3 Client" i tryed lot of cmd commands like "netsh winsock reset", "netsh interface ipv4 reset","netsh interface ipv6 reset","ipconfig /flushdns" and many other commands inside cmd, nothing worked. I ask if anyone here can help me solve my problem. I would be really greatfull. Thank you. FRST.txt Addition.txt sfcdetails.txt Check Disk Report.txt
  21. Hey there, I just ran a Malwarebytes scan to remove malware that i received yesterday night downloading something. i think i have completely removed the malware or whatever it was but now I am having trouble connecting to the internet. I can see that i am connected to my network, but cannot get online. I downloaded and ran Farbar Service Scanner, ran a scan, and got this: --------------------------------------------------------------------------------------------------- Farbar Service Scanner Version: 27-01-2016 Ran by Edon-PC (administrator) on 31-01-2016 at 17:20:34 Running from "D:\Users\Edon-PC\Desktop" Microsoft Windows 7 Ultimate Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Google IP is unreachable Google.com is accessible. Yahoo.com is accessible. IE proxy is enabled. Other Services: ============== File Check: ======== D:\Windows\System32\nsisvc.dll => File is digitally signed D:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed D:\Windows\System32\dhcpcore.dll => File is digitally signed D:\Windows\System32\drivers\afd.sys => File is digitally signed D:\Windows\System32\drivers\tdx.sys => File is digitally signed D:\Windows\System32\Drivers\tcpip.sys => File is digitally signed D:\Windows\System32\dnsrslvr.dll => File is digitally signed D:\Windows\System32\dnsapi.dll => File is digitally signed D:\Windows\SysWOW64\dnsapi.dll => File is digitally signed D:\Windows\System32\svchost.exe => File is digitally signed D:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** ----------------------------------------------------------------------------------- I appreciate any help, thanks in advance. Ohh and I've been looking at other posts with a similar problem and i though i would just speed up the process by posting the FRST and Addition files since they are required. I need the internet connection for my university research so i would be grateful if quick help was available, and again thanks in adavance .
  22. Hello, I recently ran a Malwarebytes scan to rid my computer of some nasty trojans. Now I am having trouble connecting to the internet. I appear to be able to connect to a network, but cannot get online. I downloaded and ran Farbar Service Scanner, ran a scan, and got this: Farbar Service Scanner Version: 03-01-2016 Ran by S J Antoinetti (administrator) on 12-01-2016 at 14:59:37 Running from "C:\Users\S J Antoinetti\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Google IP is unreachable Attempt to access Google.com returned error: Other errors Attempt to access Yahoo.com returned error: Other errors Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** Thought of doing a system restore, but then I don't want the Malware coming back. Any insight you can provide would be much appreciated. Thank you.
  23. Hello, I recently ran a Malwarebytes scan to rid my computer of some nasty trojans. Now I am having trouble connecting to the internet. I appear to be able to connect to a network, but cannot get online. I downloaded and ran Farbar Service Scanner, ran a scan, and got this: Farbar Service Scanner Version: 03-01-2016 Ran by S J Antoinetti (administrator) on 12-01-2016 at 14:59:37 Running from "C:\Users\S J Antoinetti\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Google IP is unreachable Attempt to access Google.com returned error: Other errors Attempt to access Yahoo.com returned error: Other errors Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** Thought of doing a system restore, but then I don't want the Malware coming back. Any insight you can provide would be much appreciated. Thank you.
  24. Sometime last week, I made a horrible mistake of downloading something unsafe. Malwarebytes managed to get all of the threats off, but I no longer had internet connection, Like many others who have experienced this problem. I ran adwcleaner, Hitman Pro, and the like. No Advail. Sometime this week, I'll try to show the Logs if I can from the programs. Can someone willing to help assist? Thanks much.
  25. Hey everyone, I am scratching my head with an issue that sure seems like malware or a virus but I have been unable to root it out. My two big issues are connecting to secure sites and weird logs from my router. Virus and Malware scans are coming up clean however Hijack this has a number of entries I am unure about; several of them say file missing and I do not know if I am safe to have HijackThis clean them. There are also a couple of Winsock entries that look odd (red font in the log). The main symptom is network connectivity - my overall connection seems sluggish. Not only that, any HTTPS site I try to go to has about a low chance of actually coming up (less than 50%). The browser will get stuck trying to establish the secure connection. Both IE and Chrome have the same issue. IE says the page can't be displayed and Chrome returns a grey "webpage is not available" screen saying Err_Timed_Out. The other issue is strange traffic in my router logs both coming into my PC and going out from it. The router is labeling them as DoS Attacks (SYN Flood) and the are going from my CPU to random IP's and ports or they are coming from random IP's to my PC pinging random ports. Just looking at the last 15 minutes of data from the log there are nearly 100 records like these: Description Count Last Occurrence Target Source [DoS attack: SYN Flood] from 192.168.0.23, port 51933 1 Sun Jul 19 13:29:48 2015 72.251.229.242:80 192.168.0.23:51933 [DoS attack: SYN Flood] from 108.168.240.194, port 80 1 Sun Jul 19 13:27:59 2015 192.168.0.23:51538 108.168.240.194:80 These issues seem to persist even when I have booted into safe mode and/or disabled all startup processes. So far, I've run a full scan with MBAM, Microsoft Security Essentials, Adaware Antivirus, Bitdefender Free, Panda AV, SpyBot, Super Anti Spyware, and AdwCleaner. Everything appears clean, but AdwCleaner constantly comes up these two issues under the registry portion. AdwCleaner has "fixed" them but they keep showing up: Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local Key Found : HKCU\Software\AppDataLow\Software\adawarebp I checked the LAN settings under Internet Options and verified that the proxy settings are blank and that use a proxy is not checked. I have run the scans in both Safe Mode and regular boot. So far I have had no luck resolving the issue. Can anyone help me isolate this issue? HijackThis log is below: I have been working on this for days now with little success so any help or suggestions would be greatly appreciated. Thanks so much in advance! Logfile of Trend Micro HijackThis v2.0.5Scan saved at 2:36:48 PM, on 7/19/2015Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17910) Boot mode: Normal Running processes:C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exeC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exeC:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exeC:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exeC:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exeC:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMTray.exeC:\Users\Elader\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeC:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exeC:\Users\Elader\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\NOTEPAD.EXEC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Elader\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = PreserveR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe,O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dllO2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121213224828.dll (file missing)O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dllO2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllO3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dllO4 - HKLM\..\Run: [steelSeries World of Warcraft MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe"O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"O4 - HKLM\..\Run: [Kraken0502Launcher] C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe /startO4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimizedO4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRunO4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTrayO4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Elader\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /cO4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - Startup: Dropbox.lnk = Elader\AppData\Roaming\Dropbox\bin\Dropbox.exeO4 - Global Startup: NETGEAR WNDA3100v3 Genie.lnk = C:\Program Files (x86)\NETGEAR\WNDA3100v3\WNDA3100v3.EXEO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLLO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.72.0.cabO16 - DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} (Cisco SSL VPN Relay Loader) - https://pit.infocision.biz/+CSCOL+/csvrloader32.cabO16 - DPF: {538793D5-659C-4639-A56C-A179AD87ED44} (Cisco AnyConnect Secure Mobility Client Web Control) - https://pit.infocision.biz/CACHE/stc/1/binaries/vpnweb.cabO16 - DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} - https://ra.infocision.biz/CACHE/sdesktop/install/binaries/instweb.cabO16 - DPF: {B8E73359-3422-4384-8D27-4EA1B4C01232} (CISCO Portforwarder Control) - https://ra.infocision.biz/+CSCOL+/cscopf.cabO16 - DPF: {C861B75F-EE32-4AA4-B610-281AF26A8D1C} (CISCO Portforwarder Control) - https://pit.infocision.biz/+CSCOL+/cscopf.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {E34F52FE-7769-46CE-8F8B-5E8ABAD2E9FC} (CSD ActiveX Installer) - https://ra.infocision.biz/CACHE/sdesktop/install/binaries/instweb.cabO20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXEO23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exeO23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exeO23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: SpyHunter 4 Service - Unknown owner - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeO23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.