neji13

malwarebytes closes/disappears almost instantly after running

I'm really worried that my computer is compromised. I have noticed that the Malwarebytes program would show the hourglass for a split second but nothing would happen when I ran it. I did some googling meanwhile and I uninstalled it, ran the mbam-clean utility and installed the latest version. After trying to run the new version, it would give a popup box saying the database is outdated by 36 days. If I click on Yes, nothing happens. If I click on No, it would bring me to the Malwarebytes menu, but if I run any scan, the program disappears once again as well. I'm wondering what more I could do to check exactly what could be the root cause? I have a hunch it might be a rootkit or trojan or malware?

All assistance is much appreciated

I ran the DDS and below are the results of the DDS text file

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22

Run by Kaiba at 20:57:15 on 2012-02-18

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.6135.4316 [GMT -5:00]

.

AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

E:\Windows\system32\wininit.exe

E:\Windows\system32\lsm.exe

E:\Windows\system32\svchost.exe -k DcomLaunch

E:\Windows\system32\svchost.exe -k RPCSS

E:\Windows\system32\atiesrxx.exe

E:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

E:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

E:\Windows\system32\svchost.exe -k netsvcs

E:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

E:\Windows\system32\svchost.exe -k LocalService

E:\Windows\system32\atieclxx.exe

E:\Windows\system32\svchost.exe -k NetworkService

E:\Windows\System32\spoolsv.exe

E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

E:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

E:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

E:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

E:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

E:\Windows\system32\svchost.exe -k imgsvc

E:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

E:\Windows\system32\taskhost.exe

E:\Windows\system32\Dwm.exe

E:\Windows\Explorer.EXE

E:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

E:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

E:\Program Files\WinFast\WFDTV\WFWIZ.exe

E:\Program Files (x86)\Steam\Steam.exe

E:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

E:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

E:\Windows\system32\conhost.exe

E:\Windows\system32\SearchIndexer.exe

E:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

E:\Program Files\WinFast\WFDTV\DTVSchdl.exe

E:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

E:\Windows\system32\WUDFHost.exe

E:\Windows\SysWOW64\CtHelper.exe

E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

E:\Program Files (x86)\real\realplayer\Update\realsched.exe

E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

E:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

E:\Windows\System32\svchost.exe -k LocalServicePeerNet

E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

E:\Program Files\Windows Media Player\wmpnetwk.exe

E:\Windows\system32\DllHost.exe

E:\Program Files (x86)\Mozilla Firefox\firefox.exe

E:\Windows\system32\wuauclt.exe

E:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

E:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

E:\Windows\SysWOW64\NOTEPAD.EXE

E:\Windows\SysWOW64\cmd.exe

E:\Windows\system32\conhost.exe

E:\Windows\SysWOW64\cscript.exe

E:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - E:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - E:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - E:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - E:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - E:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

{ae07101b-46d4-4a98-af68-0333ea26e113}

uRun: [msnmsgr] "E:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [DAEMON Tools Lite] "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [WinFast Schedule] E:\Program Files\WinFast\WFDTV\WFWIZ.exe

uRun: [steam] "E:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [Google Update] "E:\Users\Kaiba\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [WinFastDTV] E:\Program Files\WinFast\WFDTV\DTVSchdl.exe

mRun: [ArcSoft Connection Service] E:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

mRun: [Adobe Reader Speed Launcher] "E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

mRun: [CTHelper] CTHELPER.EXE

mRun: [QuickTime Task] "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [startCCC] "E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [ATICustomerCare] "E:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun: [TkBellExe] "E:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot

mRun: [avgnt] "E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [bCSSync] "E:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [iJNetworkScanUtility] E:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

mRun: [AsioReg] REGSVR32 /S CTASIO.DLL

mRun: [LogMeIn Hamachi Ui] "E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRunOnce: [Malwarebytes Anti-Malware] E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

dRun: [DevconDefaultDB] E:\Windows\system32\READREG /SILENT /FAIL=1

StartupFolder: E:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - E:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

IE: E&xport to Microsoft Excel - E:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

IE: Free YouTube Download - E:\Users\Kaiba\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to Mp3 Converter - E:\Users\Kaiba\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Se&nd to OneNote - E:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab

TCP: Interfaces\{5CBF5A20-9F18-4854-9569-F816A256203A} : DhcpNameServer = 206.248.154.22 206.248.154.170

TCP: Interfaces\{80A98161-F74C-4265-9ABE-5874FA719657} : DhcpNameServer = 206.248.154.22 206.248.154.170

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - E:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

{ae07101b-46d4-4a98-af68-0333ea26e113}

mRun-x64: [WinFastDTV] E:\Program Files\WinFast\WFDTV\DTVSchdl.exe

mRun-x64: [ArcSoft Connection Service] E:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

mRun-x64: [Adobe Reader Speed Launcher] "E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [CTxfiHlp] CTXFIHLP.EXE

mRun-x64: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

mRun-x64: [CTHelper] CTHELPER.EXE

mRun-x64: [QuickTime Task] "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [startCCC] "E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [ATICustomerCare] "E:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun-x64: [TkBellExe] "E:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot

mRun-x64: [avgnt] "E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun-x64: [bCSSync] "E:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [iJNetworkScanUtility] E:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

mRun-x64: [AsioReg] REGSVR32 /S CTASIO.DLL

mRun-x64: [LogMeIn Hamachi Ui] "E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRunOnce-x64: [Malwarebytes Anti-Malware] E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - E:\Users\Kaiba\AppData\Roaming\Mozilla\Firefox\Profiles\op4435we.default\

FF - prefs.js: network.proxy.http - 127.0.0.1

FF - prefs.js: network.proxy.http_port - 58727

FF - prefs.js: network.proxy.type - 0

FF - component: E:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - component: E:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll

FF - plugin: E:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

FF - plugin: E:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

FF - plugin: E:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: E:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: E:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: E:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: E:\Users\Kaiba\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: E:\Users\Kaiba\AppData\Roaming\Mozilla\plugins\npatgpc.dll

FF - plugin: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 avkmgr;avkmgr;E:\Windows\system32\DRIVERS\avkmgr.sys --> E:\Windows\system32\DRIVERS\avkmgr.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;E:\Windows\system32\atiesrxx.exe --> E:\Windows\system32\atiesrxx.exe [?]

R2 AntiVirSchedulerService;Avira Scheduler;E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-21 86224]

R2 AntiVirService;Avira Realtime Protection;E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-21 110032]

R2 avgntflt;avgntflt;E:\Windows\system32\DRIVERS\avgntflt.sys --> E:\Windows\system32\DRIVERS\avgntflt.sys [?]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-2-7 2343816]

R3 amdkmdag;amdkmdag;E:\Windows\system32\DRIVERS\atikmdag.sys --> E:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;E:\Windows\system32\DRIVERS\atikmpag.sys --> E:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;E:\Windows\system32\drivers\AtihdW76.sys --> E:\Windows\system32\drivers\AtihdW76.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;E:\Windows\system32\DRIVERS\Rt64win7.sys --> E:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 KMService;KMService;E:\Windows\System32\srvany.exe [2011-12-13 8192]

S3 COMMONFX.SYS;COMMONFX.SYS;E:\Windows\system32\drivers\COMMONFX.SYS --> E:\Windows\system32\drivers\COMMONFX.SYS [?]

S3 COMMONFX;COMMONFX;E:\Windows\system32\drivers\COMMONFX.SYS --> E:\Windows\system32\drivers\COMMONFX.SYS [?]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;E:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-3-24 79360]

S3 CTAUDFX.SYS;CTAUDFX.SYS;E:\Windows\system32\drivers\CTAUDFX.SYS --> E:\Windows\system32\drivers\CTAUDFX.SYS [?]

S3 CTAUDFX;CTAUDFX;E:\Windows\system32\drivers\CTAUDFX.SYS --> E:\Windows\system32\drivers\CTAUDFX.SYS [?]

S3 CTERFXFX.SYS;CTERFXFX.SYS;E:\Windows\system32\drivers\CTERFXFX.SYS --> E:\Windows\system32\drivers\CTERFXFX.SYS [?]

S3 CTERFXFX;CTERFXFX;E:\Windows\system32\drivers\CTERFXFX.SYS --> E:\Windows\system32\drivers\CTERFXFX.SYS [?]

S3 CTSBLFX.SYS;CTSBLFX.SYS;E:\Windows\system32\drivers\CTSBLFX.SYS --> E:\Windows\system32\drivers\CTSBLFX.SYS [?]

S3 CTSBLFX;CTSBLFX;E:\Windows\system32\drivers\CTSBLFX.SYS --> E:\Windows\system32\drivers\CTSBLFX.SYS [?]

S3 McComponentHostService;McAfee Security Scan Component Host Service;E:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;E:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]

S3 osppsvc;Office Software Protection Platform;E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 WinRing0_1_2_0;WinRing0_1_2_0;F:\Applications\Realtemp\WinRing0x64.sys [2010-11-11 14544]

S3 WSDPrintDevice;WSD Print Support via UMB;E:\Windows\system32\DRIVERS\WSDPrint.sys --> E:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S3 WSDScan;WSD Scan Support via UMB;E:\Windows\system32\DRIVERS\WSDScan.sys --> E:\Windows\system32\DRIVERS\WSDScan.sys [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;E:\Windows\system32\DRIVERS\yk62x64.sys --> E:\Windows\system32\DRIVERS\yk62x64.sys [?]

.

=============== Created Last 30 ================

.

2012-02-19 01:26:31 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\Malwarebytes

2012-02-19 01:26:27 -------- d-----w- E:\ProgramData\Malwarebytes

2012-02-19 01:26:25 23152 ----a-w- E:\Windows\System32\drivers\mbam.sys

2012-02-19 01:26:25 -------- d-----w- E:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-02-09 16:48:01 -------- d-----w- E:\Program Files (x86)\LogMeIn Hamachi

2012-02-05 23:44:21 -------- d-----w- E:\Users\Kaiba\AppData\Local\My Games

2012-02-02 16:02:09 -------- d-----w- E:\Users\Kaiba\AppData\Local\Linkury

2012-02-01 23:31:07 -------- d-----w- E:\Windows\SysWow64\Adobe

2012-02-01 15:55:58 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\OpenCandy

2012-02-01 15:55:58 -------- d-----w- E:\Program Files (x86)\Cheat Engine 6.1

2012-01-25 14:48:59 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\Google Inc

2012-01-24 21:50:49 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\Rybuy

2012-01-24 21:50:49 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\Emako

2012-01-24 21:47:55 -------- d-----w- E:\Program Files (x86)\1BFAB

2012-01-24 21:47:23 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\38C1B

2012-01-24 21:47:23 -------- d-----w- E:\Program Files (x86)\LP

2012-01-24 21:47:14 -------- d-----w- E:\Users\Kaiba\AppData\Local\SanctionedMedia

2012-01-24 21:36:10 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\Windows Desktop Search

2012-01-24 21:36:09 -------- d-----w- E:\Users\Kaiba\AppData\Roaming\Microsoft Corporation

2012-01-23 22:54:20 -------- d-----w- E:\ProgramData\CanonIJ

2012-01-23 22:54:06 -------- d--h--w- E:\ProgramData\CanonIJScan

2012-01-22 22:07:32 414368 ----a-w- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl

.

==================== Find3M ====================

.

2011-12-13 22:20:19 8192 ----a-w- E:\Windows\SysWow64\srvany.exe

.

============= FINISH: 20:57:26.98 ===============

Just to add to the problem, since yesterday the computer kept freezing after some time while I was using Firefox, and I had to hit the restart switch each time. I also could not alt-tab or even run Task Manager. The only thing I could do during that time was move the mouse, but I couldn't click on anything.

Logs will be closed if you haven't replied within 3 days

The reason MBAM is having issues is it's running from E: and is designed to run from C:

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
