Showing results for tags 'pop up'.

Found 23 results

  1. Hello, Ad blocking / pop-up blocking / cosmetic filtering is still a weak point of Malwarebytes Browser Guard. I wish to see it be good enough at those things one day to avoid having to use an ad blocker like uBlock Origin or Adguard or Ghostery et cetera alongside it. 1. Are there any plans on using a list of websites that commonly have annoying ads of various types that constantly try to get past ad blockers (like various adult websites, bootleg streaming video websites, et cetera) and ad blocking test websites to regularly test / train Malwarebytes Browser Guard against to improve its ad blocking & keep up with the advertisers? Some ad blocker test websites: Ad Blocker Test (d3ward.github.io) AdBlock Tester: test your AdBlock extensions (adblock-tester.com) Test your blocker (raymondhill.net) https://canyoublockit.com/ And various real world websites like I mentioned with constantly evolving annoying ads that are submitted to you that you can add to a special list to use for real world testing. 2. Any plans to integrate / use some open source superior ad blocking techniques, filter lists, code, APIs, whatever from uBlock Origin or Brave Browser(?) or Ghostery(?) or Adguard(?), et cetera; like how Avira had teamed up with Adguard for ad blocking in their extension I think (which now has better ad blocking than Malwarebytes Browser Guard)? Anyway, it would be great to see Malwarebytes Browser Guard improve to match or surpass those ad blockers. I am also curious to see what happens if you open up Malwarebytes Browser Guard's heuristic ad blocking for all websites instead of just YouTube, and train it against the previously mentioned websites & real world ad filled websites. Thank you, — John Jr
  2. Hi, I recently had a Malwarebytes update and ever since that update the pop-up screen (which tells you the results from a scan) pops up while in a full screen game. Because I play with a game controller there is no mouse pointer in the game and I can't close the pop-up that appears in the bottom right corner. I need to alt+tab into Windows and close the pop-up with the mouse and then return to the game by pressing alt+tab again. If I play at 1920x1080, the pop-up comes in the bottom right corner, but when I play in 4K the pop-up is in the middle of the screen, blocking the most important part of my game. This is unwanted behavior. Don't get me wrong, I like the pop-up when I am in Windows, but it should not show while I am in a game.
  3. I am repeatedly being brought to a Play Store page for a random app and Malwarebytes doesn't seem to know whatever is causing this exists. I tried clearing browser history and cache, as the person who replied to my Play Store review said, but it did nothing. This is with the Premium Trial by the way.
  4. How can I disable layers without annoying pop-ups due to computer freezing? Well, having all the layers enabled causes my PC to freeze after a while when I use SPECIFIC applications such as Camfrog. This problem does not occur when I disable anti-exploit (and yes, the same problem has occurred more than 10 times after I upgraded from version 2 to version 3 - clean installation). Thus, I have decided to disable exploit protection and web protection. After I do that, everything works OK. I always knew, since the first time I used my computer, that anti-exploit does not work properly on my PC. I'm not here to discuss in this topic why anti-exploit probably has issues with peer-to-peer applications, but what I really need is a way to find out how I can stop that annoying pop-up window that mentions every 5 minutes that real-time protection layers are turned off, and if I can't do that, is there any possibility of this option being added in the future?
  5. Hi, I have been getting Chrome pop-ups for the past week. I tried a few things and they seem to have no effect on this pop-up problem, which I have never experienced before. Things I tried: Formatted my Windows 10 HD and reinstalled Windows 10 - I reinstalled everything, and the second I reinstalled Chrome the pop-ups came back. Reset my Chrome settings and deleted some extensions I don't use - I still have quite a few extensions that might cause problems; those extensions I have been using for the past few years. Scanned with CCleaner, Malwarebytes, and 360; all returned 0 problems. Malwarebytes is able to block some pop-ups but some still get through. I also notice the pop-ups happen when I am changing pages or clicking links; no pop-ups if I am not opening a new tab or going to a different page. I uploaded 3 of the website pop-ups that were blocked; those repeatedly got blocked but some get through, like akm.playnow.guru. I am very desperate now because before, when I got malware, I would just reinstall my Windows, and this is the first time that method has failed me. Please help. Thanks, Apple Addition.txt FRST.txt Log1.txt Log2.txt Log3.txt
  6. Hello, since I installed Malwarebytes, I sometimes get a notification for a blocked pop-up when I use my browser (I always keep my browser on so I can't tell if it does that too when I don't have any browser open). I've tried AdwCleaner and a complete scan with Malwarebytes but they detect nothing. The pop-ups are outgoing and are from: om.forgeofempires.com files.gamebanana.com or gamebanana.com reimageplus.com They always try multiple ports. Thanks in advance
  7. Hello, Every day, exactly at 2:00 pm, an ad pops up on my computer. Even if my browser isn't active, it shows up. I tried a lot of software to detect the ("what I think of as a") virus, without any success... Ty for help. Penne.
  8. Hello, To profess, I have very little knowledge of computers, security and programs. Last night, I tried to download an album from a site that I've never been to. During the download, a program opened, it changed my default search engine and I suspect that it downloaded a program. I cannot be fully sure what was downloaded. I believe it was malware or something. I opened my computer in safe mode to delete the program I just downloaded. After I restarted the computer I changed and removed this new default search engine, but it would not solve the issue. So I decided to reformat my computer to an earlier date, about 2 weeks ago. I checked all the programs in my control panel to see if everything led up to that point, and nothing seemed wrong, but I still suspected something. I downloaded JRT, AdwCleaner and Malwarebytes after reading some solutions on different forums and I updated my 2016 AVG again. I ran and scanned everything. AVG 2016 did not find anything. I do not know how to use JRT, so I didn't understand what it told me (I believe I deleted some affected programs). AdwCleaner found two vtoolbarupdater entries that I did not remove yet because apparently it's important to AVG. Malwarebytes scanned for an hour and a half and found about 200 malware items, including one trojan horse (I did not catch the name), and I quickly quarantined everything thinking that it was the right thing to do. Since then, every few seconds I'd have a Malwarebytes Anti-Malware alert saying: Domain: IP: 46.17.97.93 (it's from the Netherlands I believe) Port: 53822 (it would sometimes change) Type: Outbound Process: C:\Windows\System32\svchost.exe (this is the current state of things) I read up on forums on how to deal with this. I saw different people experiencing the same thing I am and I followed the experts' instructions on what to do. 
I relaunched my computer in Safe mode to see if there was a fake svchost.exe file, but the one I had in C:\Windows\System32\ was one from 2009 and apparently the one I need because of its file location. I also deleted all my web history from Google Chrome, my accounts and passwords. It's all reset. Currently I do not know what to do anymore, can somebody help? I really need to get my computer fixed. And can anybody please answer these questions? 1. Why does the Port always change? 2. Is there a way to find out since when this has been happening? 3. I've used my credit card to purchase things in the last month, should I be afraid? 4. What can this malware do to my computer? 5. Any chance that I can get this malware cleaned off after this? 6. Would it be better to reboot my computer? 7. Where would this malware be hiding? 8. (stupidest question) Can this infection be hiding in a .jpg, word, maya, 3dsmax, zbrush, wmv, etc. file? I wonder if I can transfer all these things that I've previously backed up on an external hard drive back onto a fresh computer and not have any malware caught in it. 9. Should I be afraid in my situation? 10. How safe/in danger is my computer right now? 11. What does Outbound mean? 12. What does that pop mean? 13. How much stuff information does this malware know about? To what extent? Thank you all very much for reading and I really hope you can help! Oshiroe
  9. I just installed Anti-Exploit and every time I open a browser or click a link or open a new Word template it sounds an alarm and a pop-up appears in the lower right corner saying Anti-Exploit has protected Firefox, or Chrome, or Edge, or MS Word, etc. Not only is the sound annoying but the pop-up is disruptive and a nuisance. How can I keep this pop-up from occurring? Thanks
  10. Is there any way the Malware pop-up when saving PDFs can be disabled or moved so it doesn't cover the save button? It's very annoying..... fred
  11. Hello, I've recently been fighting some nasty malware that has crept into my computer that I built a little over a year ago and was working flawlessly up until last month. It started when I noticed some intrusive ads in my Google searches and an extension in my Chrome browser that I didn't recognize and hadn't installed myself. Since then I've done a series of uninstalls and removals on the unwanted programs and extensions using several programs (mostly Spybot Search & Destroy and Malwarebytes Anti-Malware). At first it looked like I got rid of everything unwanted but I noticed that every so many days the ads and malware kept returning, so I slowly but surely chipped away at finding the source of the problem and I seem to have gotten rid of the bulk of it presently, but there's at least one piece of malware that I just can't find and eliminate. It's something that causes my Chrome browser to redirect to an undesired web page when I open a new window in Chrome. It doesn't happen frequently; only once every hour or so. In the meantime, I can open dozens of new windows and tabs without any problems. For the most part, my browsing experience is pleasurable and I simply end the task on the Chrome window that occasionally gets redirected. Other than that, my computer's running fine, so I would simply like help trying to track down this piece of malware that's causing my Chrome to redirect, please. Attached are the FRST.txt and Addition.txt files generated from Farbar's Recovery Scan Tool. The two security programs I'm presently using are Microsoft Security Essentials and Spybot Search & Destroy. I've run several threat scans in Malwarebytes Anti-Malware and it never detects any threats. Please let me know if there's any other additional system or setup information you guys need and I will be happy to provide it. FRST.txt Addition.txt
  12. I'm getting daily messages on my Samsung Galaxy 3 asking me to click on a link to update it, or sometimes it says your battery module needs updating. Today's says the page at http://androidbox.mobi says warning!!!! Your android needs to update! Obviously a fake, but how do I remove this annoyance please?
  13. I am getting clobbered by pop-ups even from the Malwarebytes site. Can't really access the site due to this problem. Had to get my iPad out to enter this. Constant warnings to update have and Windows tools. Never got these warnings before loading this program. My computer is getting worse and worse. Also, I bought the paid program but my program shows trial. I can't even function watching ESPN due to constant Malwarebytes warnings and pop-ups. This is really bad. I am worse off after buying this as opposed to not having it. I need help. Thank you
  14. I've tried to run Malwarebytes, but it didn't run. I uninstalled and reinstalled as mentioned on the website, and it still won't run. My HP Pavilion dm1 is running extremely slow with pop-up ads and unresponsive scripts. When I try to run Malwarebytes, I get the error messages: "Internal error: Expression error 'Runtime Error (at 45:89): Expression exception E06D7363" and "Runtime Error (at 69:252): External exception E06D7363" and "Internal error: Expression error 'Runtime Error (at 79:177): Expression exception E06D7363" I ran Farbar Recovery Scan Tool and followed those instructions. Here are the logs! FRST.txt Addition.txt Please help, thank you so much!
  15. I am getting a pop-up in the lower right hand corner stating that the databases are out of date -- when I click update now nothing happens -- another pop-up box appears each time I click. When I open my Malwarebytes window, it tells me the same thing: "Your databases are out of date". When I click the fix now button -- nothing happens. Is this because my premium subscription has expired?
  16. I have a Malware Detected pop up constantly running in the lower right corner and when I click on the x nothing happens. It does not give me any options as to what to do with the threat. When I click on it it opens Application logs where I can view the logs but how do I stop this pop up? It's very annoying!
  17. Hi, I am constantly getting this report ("Malwarebytes anti-Malware successfully blocked access to a potentially malicious website: 95.211.192.195" type outgoing, port: different range, Process: chrome.exe). If I close Chrome and use IE, then the pop-up is going to be the same message about this IP address, but the Process, instead of chrome.exe, will show iexplore.exe. I have disabled extensions (add-ons) in both Chrome and IE but this is happening every couple of minutes, please advise.
  18. While I greatly appreciate reminders, is there any way to disable the pop-up screen that asks me to purchase or decline the Pro version of Malwarebytes? Your product is great, but I cannot afford to purchase it at this time, and I would like to not have to keep clicking "decline" every time I open the program. Ideally, the purpose is to use it at least once per week, but that pop-up screen is really getting to me. I would be extremely grateful if someone could advise me how to disable this or revert to an older version that did not utilize the nag screen perhaps. Thank you very much, and kudos on such a wonderful product being offered for free.
  19. Hi, I am new to this forum so sorry if it is not in the correct topic. Recently I have been getting redirected from websites, taking me to globalconsumersurvey.com asking me to fill out a questionnaire. I googled the site and it has brought up a lot of people saying that it is a virus of some kind. I have Norton antivirus and it said I have a few Trojan.Gen but Norton has removed them. I ran a full scan and it didn't show any other viruses? I am not sure what to do now, but I want this malware to be removed! Thanks in advance - Callum
  20. Randomly I get an IExplorer pop-up that reads "Your need to update your verson of media player". Malwarebytes missed it and so did Symantec. It is from online.loginwinner dotcom. Not having any other issues that I know of. It lets me close it but it still comes up again later. dds and attach text files included in this post dds.txt attach.txt
  21. My Malwarebytes Anti Malware keeps popping up saying it has blocked and quarantined a threat: C:\Windows\svchost.exe Trojan.Angent These are the logs:
19:59:04 1643520 ----a-w- C:\windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\windows\System32\d3d10level9.dll 2013-01-13 19:24:30 221184 ----a-w- C:\windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\windows\System32\XpsPrint.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 
----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-01-04 06:11:21 2284544 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\windows\System32\msmpeg2vdec.dll 2013-01-04 05:46:09 215040 ----a-w- C:\windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS 2013-01-01 02:19:35 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll 2013-01-01 02:19:35 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll . ============= FINISH: 11:09:02.42 =============== Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 6/2/2012 2:49:17 AM System Uptime: 3/30/2013 8:58:08 AM (3 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Pentium® CPU B960 @ 2.20GHz | CPU | 2200/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 581 GiB total, 500.551 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP69: 3/25/2013 3:06:39 AM - Windows Update RP70: 3/29/2013 7:22:10 AM - Restore Operation RP71: 3/30/2013 1:17:15 AM - Windows Update . ==== Installed Programs ====================== . 
Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader X MUI Akamai NetSession Interface Amazon Links Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Atlantica Bonjour Conexant HD Audio D3DX10 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology iTunes Java Auto Updater Java™ 6 Update 25 Juniper Networks, Inc. Setup Client Juniper Networks, Inc. Setup Client 64-bit Activex Control Junk Mail filter update Label@Once 1.0 League of Legends Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MSVCRT MSVCRT_amd64 Nexon Game Manager Norton Management Norton PC Checkup Pando Media Booster PlayReady PC Runtime amd64 PlayReady PC Runtime x86 RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek USB 2.0 Card Reader Realtek WLAN Driver RealUpgrade 1.1 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 
4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Skype Launcher Skype™ 5.10 Synaptics Pointing Device Driver Toshiba App Place TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Laptop Checkup TOSHIBA Media Controller TOSHIBA Media Controller Plug-in Toshiba Online Backup TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Resolution+ Plug-in for Windows Media Player TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application TOSHIBARegistration Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . 
==== Event Viewer Messages From Past Week ======== . 3/30/2013 8:58:32 AM, Error: Service Control Manager [7000] - The Symantec Eraser Service service failed to start due to the following error: The system cannot find the file specified. 3/30/2013 8:42:25 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 3/30/2013 8:39:21 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 3/30/2013 8:21:53 AM, Error: Service Control Manager [7031] - The Norton Management service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2013 8:21:53 AM, Error: Service Control Manager [7031] - The Norton 360 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2013 8:21:52 AM, Error: Service Control Manager [7031] - The Common Client Job Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 3/30/2013 7:24:06 AM, Error: Service Control Manager [7023] - The Software Protection service terminated with the following error: The media is write protected. 3/29/2013 8:37:45 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_MCLIENT ccSet_N360 SymIRON 3/29/2013 8:07:15 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. 
Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 3/29/2013 7:56:34 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 3/29/2013 7:51:55 AM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied.. 3/29/2013 10:34:44 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002dcfcda, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 032913-35271-01. 3/29/2013 10:34:36 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ccSet_MCLIENT 3/25/2013 3:19:25 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 3/25/2013 3:01:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002a6026b, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 032513-54849-01. 3/24/2013 5:13:45 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. . ==== End Of File ===========================
  22. First off, I really appreciate the help, don't think (know) this would be a big problem but I don't feel confident with this malware on my PC. I started getting these annoying pop-up ads for some Chinese role-playing game at the lower bottom right corner of my screen when I try to connect to websites (not just Chinese ones, so I realized that there was something on my PC). The pop-ups come with sound (how nice). I installed Malwarebytes Anti-Malware and activated the full version trial, then ran a scan. Found and quarantined "PUP.TollbarDownloader" in an exe file I had downloaded (and I guess executed) at some point. But I still get these messages that it blocked outgoing traffic every so often:
      2012/04/24 10:55:06 +0800 IP-BLOCK 218.8.51.248 (Type: outgoing, Port: 57038, Process: firefox.exe)
      2012/04/24 10:58:20 +0800 IP-BLOCK 218.8.51.248 (Type: outgoing, Port: 57187, Process: firefox.exe)
      2012/04/24 10:58:53 +0800 IP-BLOCK 218.8.51.248 (Type: outgoing, Port: 57212, Process: firefox.exe)
      2012/04/24 19:37:57 +0800 IP-BLOCK 122.70.138.185 (Type: outgoing, Port: 52592, Process: chrome.exe)
      2012/04/24 19:37:57 +0800 IP-BLOCK 122.70.138.185 (Type: outgoing, Port: 52593, Process: chrome.exe)
      2012/04/24 19:37:57 +0800 IP-BLOCK 122.70.138.185 (Type: outgoing, Port: 52594, Process: chrome.exe)
      2012/04/24 19:37:57 +0800 IP-BLOCK 122.70.138.185 (Type: outgoing, Port: 52595, Process: chrome.exe)
      2012/04/24 19:37:57 +0800 IP-BLOCK 122.70.138.185 (Type: outgoing, Port: 52596, Process: chrome.exe)
      I ran a scan according to the forum guidelines and get these logs:
19.04.2012 16:08:41, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.1963.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 19.04.2012 12:23:24, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.1963.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 19.04.2012 12:23:24, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.1963.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 18.04.2012 19:53:25, Error: Service Control Manager [7034] - The Network Store Interface Service service terminated unexpectedly. It has done this 7 time(s). 18.04.2012 19:53:25, Error: Service Control Manager [7034] - The Network List Service service terminated unexpectedly. It has done this 7 time(s). 18.04.2012 19:53:25, Error: Service Control Manager [7034] - The Function Discovery Provider Host service terminated unexpectedly. 
It has done this 1 time(s). 18.04.2012 19:53:25, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 7 time(s). 18.04.2012 19:53:25, Error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 5 time(s). 18.04.2012 17:40:04, Error: Service Control Manager [7034] - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 3 time(s). 18.04.2012 17:40:04, Error: Service Control Manager [7034] - The Network Store Interface Service service terminated unexpectedly. It has done this 6 time(s). 18.04.2012 17:40:04, Error: Service Control Manager [7034] - The Network List Service service terminated unexpectedly. It has done this 6 time(s). 18.04.2012 17:40:04, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 6 time(s). 18.04.2012 17:39:59, Error: Service Control Manager [7034] - The Network Store Interface Service service terminated unexpectedly. It has done this 5 time(s). 18.04.2012 17:39:59, Error: Service Control Manager [7034] - The Network List Service service terminated unexpectedly. It has done this 5 time(s). 18.04.2012 17:39:59, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 5 time(s). 18.04.2012 17:39:59, Error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 4 time(s). 18.04.2012 17:39:43, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service. 18.04.2012 15:43:45, Error: Service Control Manager [7034] - The Network Store Interface Service service terminated unexpectedly. It has done this 4 time(s). 18.04.2012 15:43:45, Error: Service Control Manager [7034] - The Network List Service service terminated unexpectedly. 
It has done this 4 time(s). 18.04.2012 15:43:45, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 4 time(s). 18.04.2012 15:43:45, Error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 3 time(s). 18.04.2012 14:53:56, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error: An instance of the service is already running. 18.04.2012 14:48:59, Error: Service Control Manager [7034] - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 2 time(s). 18.04.2012 14:48:59, Error: Service Control Manager [7034] - The Network Store Interface Service service terminated unexpectedly. It has done this 3 time(s). 18.04.2012 14:48:59, Error: Service Control Manager [7034] - The Network List Service service terminated unexpectedly. It has done this 3 time(s). 18.04.2012 14:48:59, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 3 time(s). 18.04.2012 14:48:56, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 2 time(s). 18.04.2012 14:48:56, Error: Service Control Manager [7031] - The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 18.04.2012 14:48:56, Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. 
18.04.2012 14:48:56, Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 18.04.2012 14:48:56, Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 18.04.2012 14:48:52, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 1 time(s). 18.04.2012 14:48:52, Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 18.04.2012 14:48:52, Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 18.04.2012 14:48:52, Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. 18.04.2012 00:07:20, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. . ==== End Of File ===========================