Showing results for tags 'infected computer'.

Found 9 results

  1. First off, some background- I started this topic as I have been running into issues over the last few days. It started when a virus embedded in the most recent version of Display Driver Uninstaller (DDU) was downloaded to my computer (Windows 10 x64- running only Defender and free version of Malwarebytes, at this point in time). I tried to move file to desktop- took a minute (hmm). Then decided to place in my Extra Apps folder (w/ MWB, + couple others). Got locked on transfer screen (hmmmm), tried to move to Recycle Bin, same thing. Went to file location, finally got it to move into Recycle Bin (I think that's how it went down?), ran CCleaner... A while later before bed, I opened Windows Security Center, and noticed it said it had detected a threat. Ran scan.... Detected Win32/vigram.a (showing the transfer path I described above)... Removed... Ran multiple full, quick, offline scans immediately after. I then vigram.a I also scanned the desktop folder w/ MWB (no threats found), and then moved MWB out, MWB right then MWB displayed a message for new update available, which allowed me to start the 14 day trial over- which is great!! It's just weird that I never got the message before- honestly, might be nothing, given that I haven't used it in a while. Since then, I have noticed a couple of things (sporadically/randomly)-- Screen kinda will do a flicker/refresh thing when I open some applications (file viewer/MWB/Chrome/etc..) Not always though. It seems slightly slower?? more like random hiccups, and weird screen glitches with my background slides- randomly stuttering btw slides, and once, weird problems with icon images on taskbar glitching out when I hovered over them; etc... Just seems off. I have been hyper vigilant though- so that may be an attribute. ANYWAYS, I now have Kaspersky w/ Malwarebytes and uBlock Origin, and nothing has been detected until today when I decided to try out AdwCleaner, and 17 things were detected... 
Followed by... Then after opening chrome, later, and came up with 3 more detections (have a feeling these are false positive??).... Idk, if my first problem, and this are related at all, but there it is... Resolution: Has this resolved my problems? Am i safe, or what else should i check or do, to make sure? Sorry, about the long post. Any help/input is welcome. Thank you for your time!
  2. My system got infected. Malwarebytes only picks up PUP, it is not able to remove it. Malwarebytes anti root cannot start, cannot install driver. All other software failed. Norton tells that it is fifex, while it is not. File location is locked. I tried to boot from Linux boot disk and delete the directory, but after a while it reappears. Tried RegRun reanimator. Still not sure. Files from FarBar are attached. Please help. Addition.txt FRST.txt
  3. I was referred here from another forum - already ran the FRST and attached 3 files here: https://forums.malwarebytes.org/index.php?/topic/154201-pop-up-saying-databases-our-of-date/
  4. Installed and ran the software. Ran all options in the Chameleon starter. Attempted all alternative startup methods described on malwarebytes.org website. In all cases the software attempts to start but is prevented from doing so. Addition.txt FRST.txt
  5. Hi, I recently updated my 'Malwarebytes Anti-Malware' program and since then I've been getting a log report come up about 5/10mins after starting my computer telling me it stopped a threat called cdn.zeusclicks.com. When scanning my computer with either 'Malwarebytes Anti-Malware' or 'AVG' it doesn't come up with anything. Also I've noticed that my AVG firewall is stopped when first starting my computer up, which I immediately fix. I've researched what it is and it seems as though it attacks browsers to steal banking information. I've called my bank to stop any transactions happening until I get this fixed. I've pasted in the daily protection log from Malwarebytes Anti-Malware: Any help will be much appreciated. Thank you, Chris
  6. I am really worried because I will not be able to afford another computer if I lose this. So basically when I started up my computer this morning I noticed that all my files were gone and wouldn't load, a restart fixed this however. But I have a little red exclamation mark on my Malwarebytes. Clicking on it had it say "Real Time Protection: No Protection". There's a fix now button but I have pressed it REPEATEDLY and to no avail, absolutely nothing happens. I have restarted my computer several times and it also cannot update, it fails to access the update server even though my internet is fine or I wouldn't be asking for help. Also, I have a gaming computer and have several thousands of files that yesterday, took roughly a nice 3 hour scan to complete. I have many huge ginormous games that hog up memory. I did a threat scan since I was worried about not being able to update, and suddenly from today, it took less than 2 minutes... That's faster than a hyper scan!!! Normally that'd be great! But that's not how it should work, I have tons of files and it took about 3 hours yesterday, I had website protection so I don't know why I would get a website virus, I am really worried and whether or not this is a big deal I am terrified. All my files are intact so there's no reason for this. I am also a premium member so I should have the best protection. Please HELP!!!
  7. so i followed the first couple of steps to clean it out and here are the malwayre bytes logs and the dds logs my computer is so slow right now and i dont know what to do. please help!
  8. opened my laptop today and loud advertisements started playing immediately. i closed the window that was open(i had been watching a show online when i was falling asleep) and the ads didn't stop playing. i checked(ctrl+alt+dlt) if anything was running that i couldn't see and nothing. so i decided to restart and even through the whole shutting down process, the ads were still playing. they are ads for droid, some gardening website, career finding, devry...etc. just completely random. my internet explorer has been compromised somehow too. the address bar has been replaced with an advertisement. but i'm using firefox instead. restarting my pc didn't solve the ad issue with IE or get rid of the loud and intrusive background ads so i downloaded malwarebytes free version, did the pro for a trial period, and did the update(just like the how to guide explained) and ran the program, deleted everything it found, and restarted again. same issues still. so then i followed further instructions to get my dds logs and i'm here to post them and see what you can make of this problem. thanks for your time! ps. my computer is also working very slow(with usage at 100%) for some reason even tho there are no programs running outside of this web browser currently. and my volume control doesn't look the way it normally does for windows 7.
     attach.txt
  9. Hello, this is a Windows 7 computer that will only boot in safemode without networking. Run of MBAM software was clean but the software was not updated to the most recent version (30 days ago). Files dds.txt and attach.txt are attached. Thank you for your help.