Malwarebytes Website Blocking keeps being disabled!


Hi:

I have Malwarebytes and it was working perfectly fine before...but since I've upgraded to the latest version 1.70.0.1100 there have been issues with the website blocking feature.

My website blocking works fine some days and other days it doesn't work at all. The most recent event was yesterday evening around 6:34 pm (it was working fine until that point). As usual I opened Malwarebytes and attempted to enable the website blocking but I am unable to do so.

Why is this happening and what can be done to fix this issue??? :(

Any help would be appreciated.

DDS Log

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.11.2

Run by DG at 22:17:17 on 2013-01-29

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3051.1736 [GMT -5:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton 360 *Enabled*

.

============== Running Processes ================

.

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Sandboxie\SbieSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Real\RealPlayer\update\realsched.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Program Files\PeerBlock\peerblock.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Panda USB Vaccine\USBVaccine.exe

C:\Program Files\WallpaperToy\Wallpapertoy.Exe

C:\WINDOWS\system32\Brmfrmps.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\WINDOWS\system32\vmnat.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Microsoft Office\Office10\msoffice.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe" //mailurl:mailto:forum11admin@aumha.org

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\20.2.1.22\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\20.2.1.22\ips\ipsbho.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\20.2.1.22\coieplg.dll

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [sandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"

uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [DWPersistentQueuedReporting] c:\program files\common files\microsoft shared\dw\DWTRIG20.EXE -a

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe

mRun: [indexSearch] c:\program files\scansoft\paperport\IndexSearch.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [intelliType] "c:\program files\microsoft hardware\keyboard\type32.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

dRun: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo

dRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

StartupFolder: c:\docume~1\dg\startm~1\programs\startup\pandau~1.lnk - c:\program files\panda usb vaccine\USBVaccine.exe

StartupFolder: c:\docume~1\dg\startm~1\programs\startup\wallpa~1.lnk - c:\program files\wallpapertoy\Wallpapertoy.Exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1346009428734

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, msnsspc.dll, digest.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1165635.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2013-01-27 14:10; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\IPSFFPlgn

FF - ExtSQL: 2013-01-28 17:00; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\coFFPlgn

FF - ExtSQL: 2013-01-28 17:22; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-01-28 17:23; check-compatibility@dactyl.googlecode.com; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\check-compatibility@dactyl.googlecode.com.xpi

FF - ExtSQL: 2013-01-28 17:23; compatibility@addons.mozilla.org; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\compatibility@addons.mozilla.org.xpi

FF - ExtSQL: 2013-01-28 17:23; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

FF - ExtSQL: 2013-01-28 17:23; {d09e32df-8610-4b33-b929-1e631b764130}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{d09e32df-8610-4b33-b929-1e631b764130}.xpi

FF - ExtSQL: 2013-01-28 17:23; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - ExtSQL: 2013-01-28 17:23; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

FF - ExtSQL: 2013-01-28 17:23; {8620c15f-30dc-4dba-a131-7c5d20cf4a29}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}

FF - ExtSQL: 2013-01-28 17:23; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

FF - ExtSQL: 2013-01-28 17:23; {6e73f6b7-b9ab-44b8-b744-6393e3c2e351}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}

FF - ExtSQL: 2013-01-28 17:23; {66E978CD-981F-47DF-AC42-E3CF417C1467}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi

FF - ExtSQL: 2013-01-28 17:23; {6614d11d-d21d-b211-ae23-815234e1ebb5}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}.xpi

FF - ExtSQL: 2013-01-28 17:23; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

FF - ExtSQL: 2013-01-28 17:23; {0545b830-f0aa-4d7e-8820-50a4629a56fe}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

FF - ExtSQL: 2013-01-28 17:23; testpilot@labs.mozilla.com; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\testpilot@labs.mozilla.com.xpi

FF - ExtSQL: 2013-01-28 17:23; personas@christopher.beard; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\personas@christopher.beard.xpi

FF - ExtSQL: 2013-01-28 17:23; jyboy.yy@gmail.com; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\jyboy.yy@gmail.com

FF - ExtSQL: 2013-01-28 17:23; info@youtube-mp3.org; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\info@youtube-mp3.org.xpi

FF - ExtSQL: 2013-01-28 17:23; grooveshredder@code.argee.org; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\grooveshredder@code.argee.org.xpi

FF - ExtSQL: 2013-01-28 17:23; addon@music-clips.net; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\addon@music-clips.net.xpi

FF - ExtSQL: 2013-01-28 18:17; printpdf@pavlov.net; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\printpdf@pavlov.net.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 iastor7;iastor7;c:\windows\system32\drivers\iastor7.sys [2012-7-6 470808]

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-8-14 64512]

R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2012-7-6 13616]

R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2012-7-6 5632]

R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2012-7-6 13616]

R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-8-10 102728]

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1402010.016\symds.sys [2013-1-22 368288]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1402010.016\symefa.sys [2013-1-22 927904]

R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2011-8-8 98928]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\bashdefs\20130116.013\BHDrvx86.sys [2013-1-15 997464]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1402010.016\ccsetx86.sys [2013-1-22 134304]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1402010.016\ironx86.sys [2013-1-22 175264]

R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-9-24 22504]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2012-9-10 54760]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-10-28 2152720]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-24 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-24 682344]

R2 N360;Norton 360;c:\program files\norton 360\engine\20.2.1.22\ccsvchst.exe [2013-1-22 143928]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2011-8-29 665200]

R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2012-8-10 4096]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-12-21 106656]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\ipsdefs\20130126.002\IDSXpx86.sys [2013-1-29 373728]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-10-28 15232]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-24 21104]

R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-8-10 46080]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\virusdefs\20130129.005\NAVENG.SYS [2013-1-29 93296]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\virusdefs\20130129.005\NAVEX15.SYS [2013-1-29 1603824]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2012-8-10 73344]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2012-8-10 164736]

R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2012-8-15 19056]

R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2012-8-25 157776]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]

S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [2012-7-6 9472]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-8-10 1691480]

S3 efavdrv;efavdrv;\??\c:\windows\system32\drivers\efavdrv.sys --> c:\windows\system32\drivers\efavdrv.sys [?]

S3 ERmvrDrv;ESET standalone malware removal tool kernel-mode driver;c:\windows\system32\drivers\ERKRmvrDrv.sys [2013-1-1 28936]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-15 35144]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2012-7-6 14848]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-01-28 21:54:40 -------- d-----w- c:\windows\system32\wbem\repository\FS

2013-01-28 21:54:40 -------- d-----w- c:\windows\system32\wbem\Repository

2013-01-28 21:11:27 -------- d-----w- c:\program files\common files\Adobe(2)

2013-01-28 21:11:27 -------- d-----w- c:\program files\Adobe(2)

2013-01-27 19:44:10 -------- d-sha-r- C:\cmdcons

2013-01-27 19:42:24 98816 ----a-w- c:\windows\sed.exe

2013-01-27 19:42:24 256000 ----a-w- c:\windows\PEV.exe

2013-01-27 19:42:24 208896 ----a-w- c:\windows\MBR.exe

2013-01-23 04:27:16 394656 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symtdi.sys

2013-01-23 04:27:16 350368 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symtdiv.sys

2013-01-23 04:27:15 927904 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symefa.sys

2013-01-23 04:27:15 586400 ----a-w- c:\windows\system32\drivers\n360\1402010.016\srtsp.sys

2013-01-23 04:27:15 368288 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symds.sys

2013-01-23 04:27:15 338592 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symnets.sys

2013-01-23 04:27:15 32888 ----a-r- c:\windows\system32\drivers\n360\1402010.016\srtspx.sys

2013-01-23 04:27:15 21400 ----a-r- c:\windows\system32\drivers\n360\1402010.016\symelam.sys

2013-01-23 04:27:14 175264 ----a-w- c:\windows\system32\drivers\n360\1402010.016\ironx86.sys

2013-01-23 04:27:14 134304 ----a-w- c:\windows\system32\drivers\n360\1402010.016\ccsetx86.sys

2013-01-23 04:26:48 9103 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symvtcer.dat

2013-01-23 04:26:48 -------- d-----w- c:\windows\system32\drivers\n360\1402010.016

2013-01-19 23:30:31 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-15 19:40:37 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-01-13 02:02:59 -------- d-----w- c:\documents and settings\dg\application data\SUPERAntiSpyware.com

2013-01-13 02:02:21 -------- d-----w- c:\program files\SUPERAntiSpyware

2013-01-13 02:02:21 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2013-01-12 19:47:08 -------- d-----w- C:\Miscellaneous Stuff

2013-01-05 02:46:02 -------- d-----w- c:\documents and settings\dg\application data\Xilisoft

2013-01-01 23:24:04 -------- d-----w- c:\program files\HitmanPro

2013-01-01 22:20:46 28936 ----a-w- c:\windows\system32\drivers\ERKRmvrDrv.sys

2013-01-01 00:18:40 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-12-31 21:59:39 -------- d-----w- c:\documents and settings\dg\application data\DVDFab

.

==================== Find3M ====================

.

2013-01-13 00:48:30 259604 ----a-w- c:\windows\system32\nvdrsdb0.bin

2013-01-13 00:48:30 1 ----a-w- c:\windows\system32\nvdrssel.bin

2013-01-13 00:42:01 259604 ----a-w- c:\windows\system32\nvdrsdb1.bin

2013-01-09 19:40:27 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-09 19:40:27 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-16 12:31:02 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-28 15:35:43 859072 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-11-28 15:35:38 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-11-13 11:20:36 1875456 ----a-w- c:\windows\system32\win32k.sys

2012-11-08 16:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll

2012-11-06 02:00:55 1446912 ----a-w- c:\windows\system32\msxml6.dll

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:15:50 920064 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:15:49 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:15:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

.

============= FINISH: 22:17:43.48 ===============

DDS Attach Log

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 8/10/2012 4:07:58 PM

System Uptime: 1/29/2013 2:24:05 PM (8 hours ago)

.

Motherboard: MSI | | P67A-C43 (MS-7673)

Processor: Intel® Core™ i3-2100 CPU @ 3.10GHz | SOCKET 0 | 3093/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 306.234 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is FIXED (NTFS) - 466 GiB total, 186.886 GiB free.

G: is FIXED (NTFS) - 932 GiB total, 152.043 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Realtek PCIe GBE Family Controller

Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_76731462&REV_06\4&7A8E035&0&00E6

Manufacturer: Realtek Semiconductor Corp.

Name: Realtek PCIe GBE Family Controller

PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_76731462&REV_06\4&7A8E035&0&00E6

Service: RTLE8023xp

.

==== System Restore Points ===================

.

RP24: 1/10/2013 10:44:13 PM - System Checkpoint

RP25: 1/14/2013 8:01:15 PM - Revo Uninstaller's restore point - 7-Zip 9.20

RP26: 1/15/2013 2:01:00 PM - Software Distribution Service 3.0

RP27: 1/16/2013 5:15:39 PM - System Checkpoint

RP28: 1/17/2013 7:48:48 PM - System Checkpoint

RP29: 1/19/2013 6:30:01 PM - Installed Java 7 Update 11

RP30: 1/21/2013 11:28:52 PM - System Checkpoint

RP31: 1/23/2013 8:13:59 PM - System Checkpoint

RP32: 1/27/2013 2:42:31 PM - ComboFix created restore point

RP33: 1/28/2013 3:37:50 PM - Revo Uninstaller's restore point - Adobe Reader X (10.1.5)

RP34: 1/28/2013 4:11:26 PM - Installed Adobe Reader XI.

RP35: 1/28/2013 4:53:46 PM - Restore Operation

RP36: 1/28/2013 5:00:52 PM - Revo Uninstaller's restore point - Adobe Reader X (10.1.5)

RP37: 1/28/2013 5:28:57 PM - Installed Adobe Reader XI.

RP38: 1/29/2013 7:07:35 PM - System Checkpoint

.

==== Installed Programs ======================

.

%WS4_ARP_DISPLAY%

7-Zip 9.20

Active@ DVD Eraser v 1.1

Ad-Aware

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.01)

Adobe Shockwave Player 11.6

Apple Application Support

Apple Software Update

AsfJoin 0.3.2a Beta

Auslogics Disk Defrag

AviSynth 2.5

BB FlashBack Pro

Brother MFL-Pro Suite

CCleaner

ConvertXtoDVD 2.1.5.173

CPUID CPU-Z 1.57

CutePDF Writer 2.8

Daphne 1.47

DivxToDVD 0.5.2

Duplicate Cleaner 2.0.4b

DVD-lab PRO 2.5

DVD Decrypter (Remove Only)

DVD Shrink 3.2

DVDFab 8.2.1.8 (09/11/2012) Qt

ESET Online Scanner v3

FastStone Image Viewer 4.6

FormatFactory 2.80

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

ImgBurn

InterVideo WinDVD Platinum

Jasc Animation Shop 3

Jasc Paint Shop Pro 9

Java 7 Update 11

Java Auto Updater

Junk Mail filter update

K-Lite Mega Codec Pack 9.2.0

Magic ISO Maker v5.4 (build 0239)

MagicDisc 2.7.106

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Service Pack 1

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft IntelliType Pro 2.2

Microsoft Office Live Add-in 1.5

Microsoft Office XP Media Content

Microsoft Office XP Professional

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Minilyrics

Mozilla Firefox 18.0.1 (x86 en-US)

Mozilla Maintenance Service

Mp3tag v2.52

MPEG-VCR

MPEG Video Wizard DVD 5.0.0.110 (12/2010)

MSVCRT

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

MWSnap 3

Nero 7 Ultra Edition

neroxml

Norton 360

Panda USB Vaccine 1.0.1.16

PaperPort

PeerBlock 1.1 (r518)

Pocket Voice Recorder 3.5

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Registry Mechanic 5.1

Revo Uninstaller 1.94

Sandboxie 3.74 (32-bit)

SeaTools for Windows

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2779030)

Segoe UI

SIW version 2011.10.29

SpywareBlaster 4.6

SUPERAntiSpyware

swMSM

TeamViewer 7

tools-windows

TuneUp Utilities 2012

TuneUp Utilities Language Pack (en-US)

Tweaking.com - Windows Repair (All in One)

TypingMaster TypingTest

Universal Extractor 1.6.1

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

VmciSockets

VMware Player

Wallpaper Changer for Windows XP

WebFldrs XP

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Player 11

Windows Rights Management Client Backwards Compatibility SP2

Windows Rights Management Client with Service Pack 2

WinRAR 4.20 (32-bit)

Xvid Video Codec

.

==== Event Viewer Messages From Past Week ========

.

1/28/2013 8:15:53 PM, error: viamraid [9] - The device, \Device\Scsi\viamraid1, did not respond within the timeout period.

1/28/2013 4:57:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.

1/28/2013 4:57:50 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/28/2013 4:57:50 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

1/28/2013 4:57:45 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

1/27/2013 2:45:27 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.

1/27/2013 2:43:27 PM, error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

1/23/2013 5:53:44 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}

1/22/2013 11:22:50 PM, error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================


Please STOP!

What's this, you had an on-going active topic in progress at BC forum

http://www.bleepingc...ml/page__st__15

What's going on?

Assuming that Nasdaq is finished with you at BC forum,

IF you need help on the website blocking issue,

then

I will need for you to run a NEW run of DDS to get & post fresh logs of DDS.txt + Attach.txt

I cannot use the old ones you had.

It is never a good idea to start a help topic when you had an ongoing help-session on another forum.

Edited by Maurice Naggar

Hello Maurice:

Yes, I asked for help at Bleeping Computer and that was about a possible virus.

After running all the tests that nasdaq asked me to run he concluded that I DID not have a virus. However, if you read my post from that forum http://www.bleepingcomputer.com/forums/topic481784.html/page__p__2947817__fromsearch__1#entry2947817 (post #11) you will see that I asked about the problem with my Malwarebytes website blocking being disabled on and off and Nasdaq's suggestion.

I think that there must be some miscommunication...please understand that if Nasdaq or anyone else had been able to help with the Malwarebytes website blocking issue malfunction on Bleeping Computer I would NOT have come to this forum. That would be a waste of time, yours and mine.

I would also like to add that the DDS Logs that I included were fresh logs and not from Bleeping Computer. However, if there is a newer version of DDS that I am supposed to download then I would appreciate it if you could state that in your post.

Thanks,


Maurice:

There doesn't seem to be a more current version of DDS so I am using the one I downloaded previously.

DDS Logs

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.13.2

Run by DG at 16:06:49 on 2013-02-03

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3051.2101 [GMT -5:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton 360 *Enabled*

.

============== Running Processes ================

.

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Sandboxie\SbieSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\Brmfrmps.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

C:\Program Files\Real\RealPlayer\update\realsched.exe

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Program Files\PeerBlock\peerblock.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Panda USB Vaccine\USBVaccine.exe

C:\Program Files\WallpaperToy\Wallpapertoy.Exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\WINDOWS\system32\vmnat.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Microsoft Office\Office10\msoffice.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k netsvcs

.

============== Pseudo HJT Report ===============

.

uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe" //mailurl:mailto:forum11admin@aumha.org

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\20.2.1.22\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\20.2.1.22\ips\ipsbho.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\20.2.1.22\coieplg.dll

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [sandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"

uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [DWPersistentQueuedReporting] c:\program files\common files\microsoft shared\dw\DWTRIG20.EXE -a

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe

mRun: [indexSearch] c:\program files\scansoft\paperport\IndexSearch.exe

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [intelliType] "c:\program files\microsoft hardware\keyboard\type32.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

dRun: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo

dRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

StartupFolder: c:\docume~1\dg\startm~1\programs\startup\pandau~1.lnk - c:\program files\panda usb vaccine\USBVaccine.exe

StartupFolder: c:\docume~1\dg\startm~1\programs\startup\wallpa~1.lnk - c:\program files\wallpapertoy\Wallpapertoy.Exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

LSP: %windir%\system32\vsocklib.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1346009428734

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, msnsspc.dll, digest.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1165635.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - ExtSQL: 2013-01-27 14:10; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\IPSFFPlgn

FF - ExtSQL: 2013-01-28 17:00; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\coFFPlgn

FF - ExtSQL: 2013-01-28 17:22; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-01-28 17:23; check-compatibility@dactyl.googlecode.com; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\check-compatibility@dactyl.googlecode.com.xpi

FF - ExtSQL: 2013-01-28 17:23; compatibility@addons.mozilla.org; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\compatibility@addons.mozilla.org.xpi

FF - ExtSQL: 2013-01-28 17:23; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

FF - ExtSQL: 2013-01-28 17:23; {d09e32df-8610-4b33-b929-1e631b764130}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{d09e32df-8610-4b33-b929-1e631b764130}.xpi

FF - ExtSQL: 2013-01-28 17:23; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - ExtSQL: 2013-01-28 17:23; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

FF - ExtSQL: 2013-01-28 17:23; {8620c15f-30dc-4dba-a131-7c5d20cf4a29}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}

FF - ExtSQL: 2013-01-28 17:23; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

FF - ExtSQL: 2013-01-28 17:23; {6e73f6b7-b9ab-44b8-b744-6393e3c2e351}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}

FF - ExtSQL: 2013-01-28 17:23; {66E978CD-981F-47DF-AC42-E3CF417C1467}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi

FF - ExtSQL: 2013-01-28 17:23; {6614d11d-d21d-b211-ae23-815234e1ebb5}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}.xpi

FF - ExtSQL: 2013-01-28 17:23; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

FF - ExtSQL: 2013-01-28 17:23; {0545b830-f0aa-4d7e-8820-50a4629a56fe}; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

FF - ExtSQL: 2013-01-28 17:23; testpilot@labs.mozilla.com; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\testpilot@labs.mozilla.com.xpi

FF - ExtSQL: 2013-01-28 17:23; personas@christopher.beard; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\personas@christopher.beard.xpi

FF - ExtSQL: 2013-01-28 17:23; jyboy.yy@gmail.com; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\jyboy.yy@gmail.com

FF - ExtSQL: 2013-01-28 17:23; info@youtube-mp3.org; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\info@youtube-mp3.org.xpi

FF - ExtSQL: 2013-01-28 17:23; grooveshredder@code.argee.org; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\grooveshredder@code.argee.org.xpi

FF - ExtSQL: 2013-01-28 17:23; addon@music-clips.net; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\addon@music-clips.net.xpi

FF - ExtSQL: 2013-01-28 18:17; printpdf@pavlov.net; c:\documents and settings\dg\application data\mozilla\firefox\profiles\t6d7opem.default\extensions\printpdf@pavlov.net.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 iastor7;iastor7;c:\windows\system32\drivers\iastor7.sys [2012-7-6 470808]

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-8-14 64512]

R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2012-7-6 13616]

R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2012-7-6 5632]

R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2012-7-6 13616]

R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-8-10 102728]

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1402010.016\symds.sys [2013-1-22 368288]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1402010.016\symefa.sys [2013-1-22 927904]

R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2012-7-6 71152]

R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2013-1-31 61296]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\bashdefs\20130116.013\BHDrvx86.sys [2013-1-15 997464]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1402010.016\ccsetx86.sys [2013-1-22 134304]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1402010.016\ironx86.sys [2013-1-22 175264]

R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-9-24 22504]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2012-9-10 54760]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-10-28 2152720]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-24 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-24 682344]

R2 N360;Norton 360;c:\program files\norton 360\engine\20.2.1.22\ccsvchst.exe [2013-1-22 143928]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-8-1 719512]

R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2012-8-10 4096]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-12-21 106656]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\ipsdefs\20130201.001\IDSXpx86.sys [2013-2-1 373728]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-24 21104]

R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-8-10 46080]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\virusdefs\20130202.007\NAVENG.SYS [2013-2-3 93296]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.1.2\definitions\virusdefs\20130202.007\NAVEX15.SYS [2013-2-3 1603824]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2012-8-10 73344]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2012-8-10 164736]

R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2012-8-15 19056]

R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2012-8-25 157776]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]

S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [2012-7-6 9472]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-8-10 1691480]

S3 efavdrv;efavdrv;\??\c:\windows\system32\drivers\efavdrv.sys --> c:\windows\system32\drivers\efavdrv.sys [?]

S3 ERmvrDrv;ESET standalone malware removal tool kernel-mode driver;c:\windows\system32\drivers\ERKRmvrDrv.sys [2013-1-1 28936]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-10-28 15232]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-15 35144]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2012-7-6 14848]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-02-03 20:45:56 -------- d--h--w- c:\windows\PIF

2013-02-02 04:18:21 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-02-02 04:18:13 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-31 23:34:44 63128 ----a-w- c:\windows\system32\vsocklib.dll

2013-01-31 23:34:44 61296 ----a-w- c:\windows\system32\drivers\vsock.sys

2013-01-31 23:34:42 25624 ----a-w- c:\windows\system32\drivers\VMkbd.sys

2013-01-31 23:34:18 435864 ----a-w- c:\windows\system32\vmnat.exe

2013-01-31 23:34:18 357016 ----a-w- c:\windows\system32\vmnetdhcp.exe

2013-01-31 23:34:18 25752 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys

2013-01-31 23:34:16 779928 ----a-w- c:\windows\system32\vnetlib.dll

2013-01-31 23:34:14 41496 ----a-w- c:\windows\system32\drivers\hcmon.sys

2013-01-31 23:33:54 -------- d-----w- c:\program files\common files\VMware

2013-01-28 21:54:40 -------- d-----w- c:\windows\system32\wbem\repository\FS

2013-01-28 21:54:40 -------- d-----w- c:\windows\system32\wbem\Repository

2013-01-28 21:11:27 -------- d-----w- c:\program files\common files\Adobe(2)

2013-01-28 21:11:27 -------- d-----w- c:\program files\Adobe(2)

2013-01-27 19:44:10 -------- d-sha-r- C:\cmdcons

2013-01-23 04:27:16 394656 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symtdi.sys

2013-01-23 04:27:16 350368 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symtdiv.sys

2013-01-23 04:27:15 927904 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symefa.sys

2013-01-23 04:27:15 586400 ----a-w- c:\windows\system32\drivers\n360\1402010.016\srtsp.sys

2013-01-23 04:27:15 368288 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symds.sys

2013-01-23 04:27:15 338592 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symnets.sys

2013-01-23 04:27:15 32888 ----a-r- c:\windows\system32\drivers\n360\1402010.016\srtspx.sys

2013-01-23 04:27:15 21400 ----a-r- c:\windows\system32\drivers\n360\1402010.016\symelam.sys

2013-01-23 04:27:14 175264 ----a-w- c:\windows\system32\drivers\n360\1402010.016\ironx86.sys

2013-01-23 04:27:14 134304 ----a-w- c:\windows\system32\drivers\n360\1402010.016\ccsetx86.sys

2013-01-23 04:26:48 9103 ----a-w- c:\windows\system32\drivers\n360\1402010.016\symvtcer.dat

2013-01-23 04:26:48 -------- d-----w- c:\windows\system32\drivers\n360\1402010.016

2013-01-15 19:40:37 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-01-13 02:02:59 -------- d-----w- c:\documents and settings\dg\application data\SUPERAntiSpyware.com

2013-01-13 02:02:21 -------- d-----w- c:\program files\SUPERAntiSpyware

2013-01-13 02:02:21 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2013-01-12 19:47:08 -------- d-----w- C:\Miscellaneous Stuff

2013-01-05 02:46:02 -------- d-----w- c:\documents and settings\dg\application data\Xilisoft

.

==================== Find3M ====================

.

2013-02-02 04:17:59 861088 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-02-02 04:17:59 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-01-13 00:48:30 259604 ----a-w- c:\windows\system32\nvdrsdb0.bin

2013-01-13 00:48:30 1 ----a-w- c:\windows\system32\nvdrssel.bin

2013-01-13 00:42:01 259604 ----a-w- c:\windows\system32\nvdrsdb1.bin

2013-01-09 19:40:27 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-09 19:40:27 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-01 22:20:46 28936 ----a-w- c:\windows\system32\drivers\ERKRmvrDrv.sys

2012-12-16 12:31:02 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-13 11:20:36 1875456 ----a-w- c:\windows\system32\win32k.sys

2012-11-08 16:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll

2012-11-06 02:00:55 1446912 ----a-w- c:\windows\system32\msxml6.dll

.

============= FINISH: 16:07:15.28 ===============

attach_02-03-2013.zip


The version of DDS is ok. What I meant to say was, you shoulda' waited until after your BC case was completely closed before posting here.

It is not a good idea to have more than 1 forum topic opened (active) until -after- malware is ruled out.

Remind me at some point if you have the MBAM PRO version or the "Trial".

Let me suggest, if you're an MBAM customer, you contact the consumer help desk here.

If you are in an organization or a corporate customer, contact Corporate Support for assistance.

Those would be quicker (imho) as long as you have a MBAM license,

I will now move this help-thread into the MBAM General sub-forum .....where this should / would be more properly addressed.

If you want to continue in the forum here, do the following:

Download and SAVE & then run mbam-clean.exe from >> here <<

It will ask to restart your computer. Please allow it to do so (very important).

After the computer restarts, temporarily disable your Anti-Virus

If you need how-to guidance, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Next Download & SAVE the latest version of Malwarebytes' Anti-Malware from >> here <<

Run the mbam-setup.

Note: You will need to reactivate the program using the license you were sent via email if using the Pro version

Launch the program and set the Protection and Registration, if you have a license. Then go to the UPDATE tab if not done during installation and check for updates.

Restart the computer again and verify that Malwarebytes Anti-Malware is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.

You may use the guides posted in the FAQ's >> here << or ask and we'll explain how to do it.

Re-enable the anti-virus application that you turned off before.


@ Lapetite

Why do you have two (2) active installed Antivirus modules ?

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

De-install 1 or the other.

IF the Norton 360 was a trial OR if you do not have a current license for Norton, uninstall it and restart your system fresh.


Maurice:

Sorry I am just getting back to you. I was out of town until Sunday and then Monday and Tuesday I just didn't get the opportunity to get on the computer at all.


No, irregardless of your personal experience, having TWO active antivirus apps will lead to deadlocks at some inopportune time.

Uninstall one of them. IF your license to Norton lapsed, or if it was a trial, or if it came pre-loaded with the computer, Uninstall Norton and restart the system.

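The check made in the replies above (reading the `AV:` header lines of DDS.txt for more than one enabled product) can be scripted, together with a look at the state of the MBAM entries in the SERVICES / DRIVERS section. This is an added example, not part of the original thread and not code from DDS or Malwarebytes; the sample lines are excerpted from the log posted in this thread, and the R/S and start-type legend is an assumption based on the commonly cited DDS key.

```python
import re
from collections import namedtuple

# Sample input: lines excerpted from the DDS.txt posted in this thread.
SAMPLE_DDS = r"""
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled*
.
============= SERVICES / DRIVERS ===============
.
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-10-28 2152720]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-24 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-24 682344]
R2 N360;Norton 360;c:\program files\norton 360\engine\20.2.1.22\ccsvchst.exe [2013-1-22 143928]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-24 21104]
S3 efavdrv;efavdrv;\??\c:\windows\system32\drivers\efavdrv.sys --> c:\windows\system32\drivers\efavdrv.sys [?]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-15 35144]
.
=============== Created Last 30 ================
"""

Product = namedtuple("Product", "kind name status")
Service = namedtuple("Service", "running start name display path")

# Assumed legend for DDS service lines (not stated in the thread):
# R/S = running/stopped at scan time, digit = Windows service start type.
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "demand", 4: "disabled"}

PRODUCT_RE = re.compile(r"^(AV|FW):\s+(.+?)\s+\*([^*]+)\*")
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
SERVICE_RE = re.compile(r"^([RS])([0-4])\s+([^;]+);([^;]*);(.+?)\s+\[[^\]]*\]$")


def parse_dds(text):
    """Return (products, services) parsed from the text of a DDS.txt log."""
    products, services, section = [], [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":      # DDS pads its sections with lone dots
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).upper()
            continue
        product = PRODUCT_RE.match(line)
        if product:
            products.append(Product(*product.groups()))
        elif section == "SERVICES / DRIVERS":
            svc = SERVICE_RE.match(line)
            if svc:
                state, start, name, display, path = svc.groups()
                services.append(Service(state == "R", START_TYPES[int(start)],
                                        name.strip(), display.strip(), path))
    return products, services


def triage(text):
    """Summarise the two things the thread looks at: enabled AVs and MBAM state."""
    products, services = parse_dds(text)
    # Only products whose status starts with "Enabled" count as active.
    active_av = [p.name for p in products
                 if p.kind == "AV" and p.status.startswith("Enabled")]
    # Every service/driver entry whose name begins with "mbam".
    mbam = {s.name: ("running" if s.running else "stopped", s.start)
            for s in services if s.name.lower().startswith("mbam")}
    return {"active_av": active_av,
            "av_conflict": len(active_av) > 1,
            "mbam": mbam}


if __name__ == "__main__":
    report = triage(SAMPLE_DDS)
    print("Enabled AV products:", report["active_av"])
    print("More than one real-time AV enabled:", report["av_conflict"])
    for name, (state, start) in report["mbam"].items():
        print("%-15s %-8s start=%s" % (name, state, start))
```

On the excerpt, both `AV:` entries report Enabled, which is the condition flagged in the replies, while MBAMService and MBAMProtector show as running at scan time under the assumed legend.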

This topic is now closed to further replies.