Jump to content

Help Neded on "Malware Bytes Successfuylly blocked..." pop-up


Recommended Posts

I just updated to the PRO version of the consumer product and now get regular pop-up messages from Malware Bytes, saying " Successfully blocked access to potentially malicious website" with a IP address that changes in each pop-up message. Type is outgoing.

DDS data

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26

Run by user at 20:08:28 on 2011-12-14

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2021 [GMT -5:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\Secunia\PSI\PSIA.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\vVX3000.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe

C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\WINDOWS\System32\ping.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: AutorunsDisabled - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111110035845.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll

TB: {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No File

TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTo1.dll

EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10w_Plugin.exe -update plugin

mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r

mRun: [CTDVDDET] c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDet.EXE

mRun: [sBDrvDet] c:\program files\creative\sb drive det\SBDrvDet.exe /r

mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [VX3000] c:\windows\vVX3000.exe

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

LSP: mswsock.dll

Trusted Zone: aol.com\free

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{765A9E3B-2AA0-4907-9DCE-2DCC715F751C} : DhcpNameServer = 209.18.47.61 209.18.47.62

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

LSA: Notification Packages = :\windows\syste

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\5h8d8m57.default\

FF - prefs.js: browser.search.selectedEngine - Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\documents and settings\user\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npcoolirisplugin.dll

FF - plugin: c:\documents and settings\user\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll

FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL

FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint_03000F10.dll

.

---- FIREFOX POLICIES ----

FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service

FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.00.19); user_pref(general.useragent.extra.zencast, Creative ZENcast v2.00.14);user_pref(general.useragent.extra.zencast, );user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-7-28 64512]

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-11-4 464176]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-10-22 14776]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-4-28 89792]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-12-18 189736]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-11-3 2152152]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-11-14 366152]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-1-16 94880]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-4-28 214904]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-4-28 214904]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-4-28 214904]

R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-4-28 166288]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-4-28 160608]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-4-28 150856]

R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [2005-3-27 16168]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-4-19 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-4-19 399416]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-4-28 57600]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-11-3 15232]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-14 22216]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-1-16 180816]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-1-16 59456]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-4-28 338176]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-4-28 83856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-21 133104]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-4-28 83856]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-4-28 87656]

S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-1-16 34248]

S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-1-16 40552]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-10-11 18176]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-10-11 7680]

S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2009-10-11 23680]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]

S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 gupdate1c9aa2cb5f3828c;Google Update Service (gupdate1c9aa2cb5f3828c);c:\program files\google\update\GoogleUpdate.exe [2009-3-21 133104]

S4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-1-7 632792]

.

=============== Created Last 30 ================

.

2011-12-13 23:42:09 54016 ----a-w- c:\windows\system32\drivers\ywmxbcsm.sys

2011-11-26 03:54:03 -------- d-----w- c:\program files\Bonjour

2011-11-16 18:14:25 -------- d-----w- c:\documents and settings\user\local settings\application data\Facebook

.

==================== Find3M ====================

.

2011-11-03 17:06:56 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-10-15 18:16:16 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2011-10-15 18:16:16 89792 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys

2011-10-15 18:16:16 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2011-10-15 18:16:16 83856 ----a-w- c:\windows\system32\drivers\mfendisk.sys

2011-10-15 18:16:16 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2011-10-15 18:16:16 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys

2011-10-15 18:16:16 464176 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2011-10-15 18:16:16 338176 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2011-10-15 18:16:16 180816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2011-10-15 18:16:16 121256 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600 Disk: WDC_WD5001AALS-00E3A0 rev.05.01D05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-10

.

device: opened successfully

user: MBR read successfully

.

Disk trace:

called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x897E0F10]<<

_asm { MOV EAX, [ESP+0x4]; MOV ECX, [EAX+0x28]; PUSH EBP; MOV EBP, [ECX+0x4]; PUSH ESI; MOV ESI, [ESP+0x10]; PUSH EDI; MOV EDI, [ESI+0x60]; MOV AL, [EDI]; CMP AL, 0x16; JNZ 0x36; PUSH ESI; }

1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x8AFEBAB8]

3 CLASSPNP[0xF7667FD7] -> nt!IofCallDriver[0x804E13B9] -> [0x8A2EDF08]

\Driver\00001396[0x8A3E0B50] -> IRP_MJ_CREATE -> 0x897E0F10

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; }

user != kernel MBR !!!

Warning: possible TDL4 rootkit infection !

TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.

.

============= FINISH: 20:11:03.93 ===============

Attach data

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 1/2/2002 2:19:12 AM

System Uptime: 12/13/2011 6:22:31 PM (26 hours ago)

.

Motherboard: Intel Corporation | | D875PBZ

Processor: Intel® Pentium® 4 CPU 3.20GHz | J2E1 | 3193/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 466 GiB total, 197.245 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is FIXED (NTFS) - 466 GiB total, 275.246 GiB free.

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

.

µTorrent

Acrobat.com

Acronis True Image WD Edition

Ad-Aware

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.4.6

Adobe Shockwave Player 11.6

AnswerWorks 5.0 English Runtime

Any Video Converter 3.2.3

APC PowerChute Personal Edition

Apple Application Support

Apple Mobile Device Support

Apple Software Update

BlackBerry Desktop Software 6.1

Bonjour

BUM

Canon Camera Access Library

Canon Camera Support Core Library

Canon Easy-PhotoPrint EX

Canon G.726 WMP-Decoder

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon MOV Decoder

Canon MOV Encoder

Canon MovieEdit Task for ZoomBrowser EX

Canon MP Navigator EX 2.0

Canon MP620 series MP Drivers

Canon MP620 series User Registration

Canon My Printer

Canon RAW Codec

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC

Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities Digital Photo Professional 3.9

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities MyCamera DC

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities RemoteCapture DC

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities Solution Menu

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Carbonite Online Backup Setup

CCleaner

CCScore

Compatibility Pack for the 2007 Office system

Conduit Engine

Corel Uninstaller

Creative Audio Pack

Creative MediaSource 5

Creative Removable Disk Manager

Creative System Information

CyberLink MediaShow

Download Updater (AOL LLC)

ESSBrwr

ESSCDBK

ESScore

ESSgui

ESSini

ESSPCD

ESSPDock

ESSTOOLS

essvatgt

Facebook Plug-In

Facebook Video Calling 1.0.0.8953

Finale NotePad 2007

FrostWire 4.21.8

FrostWire 5.1.4

Google Chrome

Google Earth

Google SketchUp 6

Google Update Helper

HighMAT Extension to Microsoft Windows XP CD Writing Wizard

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB932716-v2)

Hotfix for Windows XP (KB945060-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

ImageMixer 3 SE Ver.6 Transfer Utility

ImageMixer 3 SE Ver.6 Video Tools

InCD

Intel® 536EP Modem

Intel® Active Monitor

Intel® PRO Network Adapters and Drivers

iPod for Windows 2005-09-06

iPod for Windows 2006-01-10

iTunes

Japanese Fonts Support For Adobe Reader 9

Java Auto Updater

Java 6 Update 26

KODAK EASYSHARE Gallery Easy Upload, v2.1

Kodak EasyShare software

LightScribe 1.4.124.1

Lizardtech Express View Browser Plug-in

Logitech iTouch Software

Malwarebytes' Anti-Malware version 1.51.2.1300

McAfee Internet Security

McAfee Virtual Technician

Media Player Utilities 4.30

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Corporation

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft LifeCam

Microsoft Office File Validation Add-In

Microsoft Office Publisher 2003

Microsoft Office Standard Edition 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Windows Journal Viewer

MobileMe Control Panel

Mozilla Firefox 8.0 (x86 en-US)

MSXML 4.0 SP2 (KB925672)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Musicnotes Player V1.22.3

Nero Suite

netbrdg

nLite 1.4.9.1

NVIDIA Control Panel 260.99

NVIDIA Graphics Driver 260.99

NVIDIA Install Application

NVIDIA nView 135.36

NVIDIA nView Desktop Manager

Octoshape add-in for Adobe Flash Player

OfotoXMI

OGA Notifier 2.0.0048.0

ooVoo

Picasa 3

PowerDVD

Quicken 2010

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Registry Mechanic 9.0

Revo Uninstaller 1.92

Ruckus Player

Seagate Manager Installer

Secunia PSI (2.0.0.3003)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB979332)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Search 4 - KB963093

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

SFR

SHASTA

skin0001

SKINXSDK

Skype Toolbars

Skype™ 5.3

Smart Defrag 2

SmartMusic 9

Snapshot Viewer

Sound Blaster Audigy 2 ZS

Spelling Dictionaries Support For Adobe Reader 8

Spybot - Search & Destroy

SpywareBlaster 4.5

staticcr

SUPERAntiSpyware

SureThing CD Labeler Deluxe 4

swMSM

System Requirements Lab for Intel

TBS WMP Plug-in

TOP YouTube Downloader V1.2.0

TuneUp Companion 2.2.7

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Windows (KB971513)

Update for Windows Internet Explorer 8 (KB2362765)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

USB Modem Driver

uTorrentBar Toolbar

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VPRINTOL

Wal-Mart Digital Photo Manager

WD Diagnostics

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage v1.3.0254.0

Windows Genuine Advantage Validation Tool (KB892130)

Windows Installer Clean Up

Windows Internet Explorer 8

Windows Management Framework Core

Windows Media Encoder 9 Series

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player 9 Series Winter Fun Pack

Windows Media Player Firefox Plugin

Windows Search 4.0

WIRELESS

YouTube Downloader 2.5.6

.

==== Event Viewer Messages From Past Week ========

.

12/9/2011 9:50:10 PM, error: Schedule [7901] - The At44.job command failed to start due to the following error: %%2147942402

12/9/2011 9:50:09 PM, error: Schedule [7901] - The At43.job command failed to start due to the following error: %%2147942402

12/13/2011 11:50:00 AM, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402

12/12/2011 10:50:00 AM, error: Schedule [7901] - The At21.job command failed to start due to the following error: %%2147942402

12/11/2011 8:50:00 PM, error: Schedule [7901] - The At42.job command failed to start due to the following error: %%2147942402

12/11/2011 8:50:00 PM, error: Schedule [7901] - The At41.job command failed to start due to the following error: %%2147942402

12/11/2011 7:50:00 PM, error: Schedule [7901] - The At40.job command failed to start due to the following error: %%2147942402

12/11/2011 7:50:00 PM, error: Schedule [7901] - The At39.job command failed to start due to the following error: %%2147942402

12/11/2011 6:50:00 PM, error: Schedule [7901] - The At38.job command failed to start due to the following error: %%2147942402

12/11/2011 6:50:00 PM, error: Schedule [7901] - The At37.job command failed to start due to the following error: %%2147942402

12/11/2011 5:50:00 PM, error: Schedule [7901] - The At36.job command failed to start due to the following error: %%2147942402

12/11/2011 5:50:00 PM, error: Schedule [7901] - The At35.job command failed to start due to the following error: %%2147942402

12/11/2011 2:59:41 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

12/11/2011 2:50:00 PM, error: Schedule [7901] - The At30.job command failed to start due to the following error: %%2147942402

12/11/2011 2:50:00 PM, error: Schedule [7901] - The At29.job command failed to start due to the following error: %%2147942402

12/11/2011 2:16:32 PM, error: Service Control Manager [7001] - The Intel® Active Monitor service depends on the Intel® SMBus 2.0 Driver service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

12/11/2011 12:51:00 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service gupdate1c9aa2cb5f3828c with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

12/11/2011 12:50:00 PM, error: Schedule [7901] - The At26.job command failed to start due to the following error: %%2147942402

12/11/2011 12:50:00 PM, error: Schedule [7901] - The At25.job command failed to start due to the following error: %%2147942402

12/11/2011 11:50:00 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: %%2147942402

12/11/2011 10:50:00 PM, error: Schedule [7901] - The At46.job command failed to start due to the following error: %%2147942402

12/11/2011 10:50:00 PM, error: Schedule [7901] - The At45.job command failed to start due to the following error: %%2147942402

.

==== End Of File ===========================

dds.txt

attach.txt

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

I notice that you are using more than one antivirus program (Lavasoft and McAfee). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

Link to post
Share on other sites

  • 2 weeks later...

Chris - I ended up formatting and reloading XP. I am still using McAfee, but not Lavasoft. However, I did load the Pro version of Malware Bytes, Super Anti-Spyware and Spybot S&D. All show up in the toolbar. Should I shut them down and run only McAfee in the background? Thanks.

Link to post
Share on other sites

  • 1 month later...
  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.