Jump to content

Malwarebytes "has successfully blocked access to a potentially malicious website"

vitaminz
 Share

Recommended Posts

vitaminz

vitaminz

Posted
Posted

Another poster had a similar problem to mine back in April but I am hesitant to follow the instructions you led him through without direct assistance because of warnings given about the tools used to help resolve her issue.

The problem I am having is about every 4-6 minutes, I get a pop-up box on my screen that stays for about 15-25 seconds (and then fades off) that indicates Malwarebytes Anti-malware has successfully blocked a potentially malicious website 213.163.64.23

(Type: outgoing, Port: 44347, Process: utorrent.exe)

Of course I would like to remove the nuisance of this pop-up but more than that, I would like whatever is guiding my computer to reach out to this site to be removed permanently.

Previous to this problem occuring, I had Monster Coupons adware installed which I removed through the uninstall programs feature on Control Panel
Thanks.

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello vitaminz and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites
vitaminz

vitaminz

Posted
  • Author
Posted

Hi Maniac, Thanks for the help.

 

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 6/25/2013 12:21:10 PM
System Uptime: 6/30/2013 4:40:16 PM (187 hours ago)
.
Motherboard: Dell Inc. |  | 0W61J1
Processor: Intel® Core i5 CPU       M 430  @ 2.27GHz | U2E1 | 2267/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 158.843 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_04191028&REV_01\4&7C64D95&0&01E4
Manufacturer: 
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_04191028&REV_01\4&7C64D95&0&01E4
Service: 
.
Class GUID: 
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_04191028&REV_01\4&7C64D95&0&02E4
Manufacturer: 
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_04191028&REV_01\4&7C64D95&0&02E4
Service: 
.
==== System Restore Points ===================
.
RP1: 6/25/2013 2:04:19 PM - Installed RICOH R5U8xx Media Driver ver.3.62.02
RP2: 6/25/2013 2:17:13 PM - 1st Day
RP3: 6/26/2013 5:29:11 PM - Installed 7-Zip 9.20 (x64 edition)
RP4: 6/29/2013 11:53:35 PM - Windows Update
RP5: 7/3/2013 12:09:43 AM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20 (x64 edition)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVG SafeGuard toolbar
Bonjour
Dota 2
F.lux
Facebook Video Calling 1.2.0.287
Google Chrome
Google Talk Plugin
Google Update Helper
iTunes
Java 7 Update 25
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office Professional Plus 2013 - en-us
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
RICOH R5U8xx Media Driver ver.3.62.02
Steam
.
==== Event Viewer Messages From Past Week ========
.
7/8/2013 9:59:58 AM, Error: Microsoft-Windows-Kernel-Power [137]  - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.
7/7/2013 2:34:03 PM, Error: ACPI [13]  - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
7/5/2013 10:13:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070103: Microsoft - Other hardware - HID Non-User Input Data Filter (KB 911895).
7/5/2013 10:13:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070103: Microsoft - Pointing Drawing - Microsoft Hardware USB Wireless Mouse.
7/4/2013 7:31:25 AM, Error: bowser [8003]  - The master browser has received a server announcement from the computer OWNER-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1}. The master browser is stopping or an election is being forced.
7/3/2013 12:49:59 PM, Error: Schannel [36888]  - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
7/3/2013 12:49:59 PM, Error: Schannel [36884]  - The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
7/3/2013 10:25:41 AM, Error: Schannel [36888]  - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
.
==== End Of File ===========================
 
DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.25.2
Run by Andrew at 11:51:24 on 2013-07-08
Microsoft Windows 8 Pro  6.2.9200.0.1252.1.1033.18.4021.884 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Windows\system32\dashost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Andrew\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Andrew\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Office 15\root\office15\winword.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE
C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.3.0.11\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.3.0.11\AVG SafeGuard toolbar_toolbar.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [F.lux] "C:\Users\Andrew\Local Settings\Apps\F.lux\flux.exe" /noshow
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Facebook Update] "C:\Users\Andrew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [uTorrent] "C:\Users\Andrew\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [GoogleChromeAutoLaunch_AF2E2510EC2DA94726BF08BC757DFE33] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 141.211.125.17 141.211.144.17
TCP: Interfaces\{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1} : DHCPNameServer = 141.211.125.17 141.211.144.17
TCP: Interfaces\{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1}\3557E602C416260275966496 : DHCPNameServer = 141.211.125.17 141.211.144.17
TCP: Interfaces\{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1}\6656E676 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1}\7456F62776563702960586F6E65602 : DHCPNameServer = 8.8.8.8
TCP: Interfaces\{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1}\84F4D454D263731383 : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1}\944535 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5F8CCABB-7F27-49A3-8FD5-B1B67A9CAFA1}\D47457563747 : DHCPNameServer = 141.211.125.17 141.211.144.17
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-7-3 189936]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-7-3 378944]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-7-3 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-7-3 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-3 46808]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-1 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-1 701512]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-6-25 1900728]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-6-26 1598128]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\Drivers\k57nd60a.sys [2012-6-2 425472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-7-1 25928]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-7-3 65336]
S1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-7-3 1030952]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248]
.
=============== Created Last 30 ================
.
2013-07-03 20:10:12 237744 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10209.bin
2013-07-03 04:10:43 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-03 04:10:41 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-03 04:10:41 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-03 04:10:41 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-03 04:10:41 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-03 04:10:14 41664 ----a-w- C:\Windows\avastSS.scr
2013-07-03 04:09:50 -------- d-----w- C:\Program Files\AVAST Software
2013-07-03 04:09:28 -------- d-----w- C:\ProgramData\AVAST Software
2013-07-02 18:40:05 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{357EA6CA-FA19-4FA7-83D5-EE1F6E3D3343}\mpengine.dll
2013-07-01 18:22:17 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Malwarebytes
2013-07-01 18:21:59 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-01 18:21:57 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-01 18:21:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 18:21:47 -------- d-----w- C:\Users\Andrew\AppData\Local\Programs
2013-07-01 15:14:34 9552976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-06-30 20:41:00 -------- d-----w- C:\Users\Andrew\AppData\Roaming\PowerISO
2013-06-29 23:11:58 84992 ----a-w- C:\Windows\SysWow64\wbem\PolicMan.dll
2013-06-29 23:10:54 3245568 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-06-29 23:09:59 573440 ----a-w- C:\Windows\System32\WinSATAPI.dll
2013-06-29 20:32:15 -------- d-----w- C:\Users\Andrew\AppData\Local\Monster Savings
2013-06-29 20:31:27 -------- d-----w- C:\Users\Andrew\AppData\Roaming\uTorrent
2013-06-27 02:25:07 -------- d-----w- C:\Users\Andrew\AppData\Local\Facebook
2013-06-26 21:44:41 -------- d-----w- C:\Users\Andrew\AppData\Local\AVG SafeGuard toolbar
2013-06-26 21:44:33 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-06-26 21:44:31 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2013-06-26 21:44:30 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-06-26 21:44:29 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-26 21:44:10 -------- d--h--w- C:\ProgramData\Common Files
2013-06-26 21:43:53 -------- d-----w- C:\Program Files (x86)\PowerISO
2013-06-26 18:58:18 17271808 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-26 18:58:17 16642560 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-26 17:52:17 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-06-26 17:37:46 94208 ----a-w- C:\Windows\System32\synceng.dll
2013-06-26 17:37:45 72192 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-06-26 17:37:31 86016 ----a-w- C:\Windows\System32\ncryptsslp.dll
2013-06-26 17:37:31 71168 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll
2013-06-26 17:37:30 1455368 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-06-26 17:26:53 888320 ----a-w- C:\Windows\System32\autochk.exe
2013-06-25 20:17:53 -------- d-----w- C:\Windows\Panther
2013-06-25 20:08:51 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-25 20:08:51 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-25 20:08:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 19:18:36 0 ----a-w- C:\Windows\ativpsrm.bin
2013-06-25 19:03:00 2094592 ----a-w- C:\Windows\System32\mmc.exe
2013-06-25 19:03:00 1964544 ----a-w- C:\Windows\System32\wlidsvc.dll
2013-06-25 19:03:00 1120768 ----a-w- C:\Windows\System32\msctf.dll
2013-06-25 19:01:05 1161728 ----a-w- C:\Windows\System32\sppobjs.dll
2013-06-25 19:01:02 1933312 ----a-w- C:\Windows\System32\wbem\cimwin32.dll
2013-06-25 19:01:02 1627648 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-06-25 19:01:00 5978624 ----a-w- C:\Windows\System32\mstscax.dll
2013-06-25 19:01:00 1338880 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-25 18:34:38 -------- d-----w- C:\Program Files (x86)\Steam
2013-06-25 18:31:36 -------- d-----w- C:\Users\Andrew\AppData\Local\Apple Computer
2013-06-25 18:31:34 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-06-25 18:31:15 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-25 18:31:15 -------- d-----w- C:\Program Files\iTunes
2013-06-25 18:31:15 -------- d-----w- C:\Program Files\iPod
2013-06-25 18:31:15 -------- d-----w- C:\Program Files (x86)\iTunes
2013-06-25 18:31:07 -------- d-----w- C:\Users\Andrew\AppData\Local\Apple
2013-06-25 18:30:52 -------- d-----w- C:\Program Files\Bonjour
2013-06-25 18:30:52 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-06-25 18:25:44 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-06-25 18:04:14 -------- d-----w- C:\dell
2013-06-25 18:02:41 -------- d-----w- C:\Users\Andrew\AppData\Local\Apps
2013-06-25 17:55:04 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2013-06-25 17:55:03 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-06-25 17:49:26 564432 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-06-25 17:48:03 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-06-25 17:39:37 -------- d-----w- C:\Users\Andrew\AppData\Local\Google
2013-06-25 17:38:39 144384 ----a-w- C:\Windows\System32\tssdisai.dll
2013-06-25 17:38:39 135680 ----a-w- C:\Windows\System32\appserverai.dll
2013-06-25 17:38:39 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2013-06-25 17:38:39 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2013-06-25 17:38:38 148480 ----a-w- C:\Windows\System32\poqexec.exe
2013-06-25 17:38:38 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-06-25 16:32:22 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-06-25 16:32:22 112872 ----a-w- C:\Windows\System32\consent.exe
2013-06-25 16:31:32 2851840 ----a-w- C:\Windows\System32\esent.dll
2013-06-25 16:31:32 2382336 ----a-w- C:\Windows\SysWow64\esent.dll
2013-06-25 16:28:49 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-06-25 16:28:47 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
.
==================== Find3M  ====================
.
2013-06-04 22:09:22 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09:22 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-23 23:01:46 1300992 ----a-w- C:\Windows\System32\gdi32.dll
2013-05-23 22:27:05 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-05-15 02:25:44 542208 ----a-w- C:\Windows\System32\untfs.dll
2013-05-15 02:24:10 793088 ----a-w- C:\Windows\SysWow64\autochk.exe
2013-05-15 02:24:01 482816 ----a-w- C:\Windows\SysWow64\untfs.dll
2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-04 07:58:17 120736 ----a-w- C:\Windows\System32\AuthHost.exe
2013-05-04 07:45:29 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2013-05-04 07:34:17 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS
2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys
2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe
2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe
2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe
2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll
2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll
2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll
2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll
2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll
2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll
2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll
2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll
2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll
2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll
2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll
2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll
2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll
2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll
2013-05-04 06:57:31 820736 ----a-w- C:\Windows\System32\gpprefcl.dll
2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll
2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll
2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll
2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll
2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll
2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl
2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe
2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll
2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll
2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll
2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll
2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll
2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll
2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56:35 582144 ----a-w- C:\Windows\SysWow64\gpprefcl.dll
2013-05-04 04:56:14 449536 ----a-w- C:\Windows\SysWow64\DevicePairing.dll
2013-05-04 04:56:06 92160 ----a-w- C:\Windows\SysWow64\biwinrt.dll
2013-05-04 04:56:05 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll
2013-05-04 04:56:05 2035712 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-04 04:55:58 389632 ----a-w- C:\Windows\SysWow64\intl.cpl
2013-05-04 04:51:38 14848 ----a-w- C:\Windows\System32\rars.rs
2013-05-04 04:48:33 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-05-04 04:48:26 27648 ----a-w- C:\Windows\System32\drivers\hidusb.sys
2013-05-04 04:47:02 427520 ----a-w- C:\Windows\System32\drivers\rdbss.sys
2013-05-04 04:10:47 14848 ----a-w- C:\Windows\SysWow64\rars.rs
2013-04-28 22:30:55 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-28 22:30:12 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-28 22:28:33 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-04-28 22:28:29 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-04-28 22:28:00 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-27 05:20:12 733184 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-23 23:13:53 1013248 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-04-23 23:12:44 1569792 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-04-23 23:12:44 109056 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-04-23 22:56:35 1255936 ----a-w- C:\Windows\System32\certutil.exe
2013-04-23 22:55:48 68096 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-04-23 22:55:48 1889280 ----a-w- C:\Windows\System32\crypt32.dll
2013-04-23 22:55:48 141312 ----a-w- C:\Windows\System32\cryptnet.dll
2013-04-13 05:56:35 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-11 06:40:48 6987528 ----a-w- C:\Windows\System32\ntoskrnl.exe
.
============= FINISH: 11:51:43.76 ===============
 
Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Step 1

Please uninstall the following applications:

AVG SafeGuard toolbar

µTorrent

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites
vitaminz

vitaminz

Posted
  • Author
Posted

Junkware Removal tool log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.7 (07.08.2013:2)
OS: Windows 8 Pro x64
Ran by Andrew on Mon 07/08/2013 at 13:03:56.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/08/2013 at 13:11:24.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AdwCleaner Log
# AdwCleaner v2.304 - Logfile created 07/08/2013 at 13:32:10
# Updated 03/07/2013 by Xplode
# Operating system : Windows 8 Pro  (64 bits)
# User : Andrew - ANDREWPC
# Boot Mode : Normal
# Running from : C:\Users\Andrew\Downloads\AdwCleaner.exe
# Option [search]
 
 
***** [services] *****
 
 
***** [Files / Folders] *****
 
File Found : C:\Users\Andrew\AppData\Local\Temp\Uninstall.exe
 
***** [Registry] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
 
***** [internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
[OK] Registry is clean.
 
-\\ Google Chrome v27.0.1453.116
 
File : C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [1780 octets] - [08/07/2013 13:32:10]
 
########## EOF - C:\AdwCleaner[R1].txt - [1840 octets] ##########
 
MBAM log
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.07.08.06
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Andrew :: ANDREWPC [administrator]
 
Protection: Enabled
 
7/8/2013 1:35:26 PM
mbam-log-2013-07-08 (13-35-26).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209068
Time elapsed: 1 minute(s), 52 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\$Recycle.Bin\S-1-5-21-3532869950-721322929-2121029236-1001\$RHWOVW3.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
 
(end)
 
 
Link to post
Share on other sites
vitaminz

vitaminz

Posted
  • Author
Posted

Hi Maniac. In my last post I pasted the logs for the 

  • Junkware Removal Tool log
  • AdwCleaner logs 
  • Malwarebytes' Anti-Malware log

After uninstalling uTorrent I have not had any more notification of blocking malicious sites. Is it possible MBAM recognizes various peers my torrent client is trying to connect to as malicious?

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Yes, you are. :)

Please manually delete Junkware Removal Tool and DDS and then:

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept