Successfully blocked access to a potentially malicious website: 192.168.1.255

[maliboo74]

Hello, 

 

I started getting these pop ups today.  

 

Malwarebytes Anti-Malware Successfully blocked access to a potentially malicious website: 192.168.1.255

Type: outgoing

Port: 137

 

Sometimes it also port 138

 

 

Thank you for taking the time to review this.

 

 

[maliboo74]

ATTACH.TXT

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Enterprise 

Boot Device: \Device\HarddiskVolume1

Install Date: 12/5/2009 7:43:28 AM

System Uptime: 1/15/2014 3:02:04 PM (7 hours ago)

.

Motherboard: Dell Inc.           |  | 0HJ054

Processor: Intel® Pentium® D CPU 3.20GHz | Microprocessor | 3200/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 932 GiB total, 650.036 GiB free.

D: is FIXED (NTFS) - 233 GiB total, 232.733 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is FIXED (NTFS) - 931 GiB total, 467.323 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart Prem C410 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart Prem C410 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service: 

.

==== System Restore Points ===================

.

RP1172: 1/15/2014 10:25:30 AM - Installed Java 7 Update 51

.

==== Installed Programs ======================

.

32 bit Windows Card Reader Driver

Active@ File Recovery

Adobe Connect 9 Add-in

Adobe Digital Editions 2.0

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.06)

Adobe Shockwave Player 12.0

Amazon Kindle

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Application Verifier

Ares 2.1.7

Astroburn Lite

Audacity 2.0.3

Backuptrans iTunes Backup Extractor 3.1.02

Bonjour

BufferChm

C410

Cisco WebEx Meetings

Creative Audio Control Panel

Creative Sound Blaster Properties

D3DX10

Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition

Destinations

DeviceDiscovery

DocProc

DVDFab 9.0.5.5 (26/07/2013)

FastStone Image Viewer 4.6

FastStone Photo Resizer 3.1

Fax

FileZilla Client 3.7.2

FileZilla Server

Google Apps

Google Chrome

Google Update Helper

Google+ Auto Backup

GPBaseService2

HandBrake 0.9.9.1

HP Customer Participation Program 14.0

HP Imaging Device Functions 14.0

HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7

HP Smart Web Printing 4.60

HP Solution Center 14.0

HPAppStudio

HPDiagnosticAlert

HPPhotoGadget

HPProductAssistant

iFunbox (v2.6.2375.747), iFunbox DevTeam

iTunes

Java 7 Update 51

Java Auto Updater

Java SE Development Kit 7 Update 7

JavaFX 2.1.1

LAME v3.99.3 (for Windows)

Little Registry Cleaner

Logitech Harmony Remote Software 7

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Microsoft .NET Framework 4.5.1

Microsoft Application Error Reporting

Microsoft IntelliType Pro 8.2

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office on Demand Browser Add-ons

Microsoft Office OSM MUI (English) 2013

Microsoft Office Professional Plus 2013 - en-us

Microsoft Office Project MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing (English) 2013

Microsoft Office Proofing Tools 2013 - English

Microsoft Office Proofing Tools 2013 - Español

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared MUI (English) 2013

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2013

Microsoft Office Visio MUI (English) 2010

Microsoft Project 2010 Service Pack 1 (SP1)

Microsoft Project MUI (English) 2013

Microsoft Project Professional 2013

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework 2.0 Core Components (x86) ENU 

Microsoft Sync Framework 2.0 Provider Services (x86) ENU 

Microsoft Visio MUI (English) 2013

Microsoft Visio Professional 2013

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Windows Performance Toolkit

Movie Maker

Mozilla Firefox 21.0 (x86 en-US)

Mozilla Maintenance Service

MozyHome

MSVCRT

MSVCRT110

MSXML 4.0 SP2 (KB973688)

Network

OCR Software by I.R.I.S. 14.0

Office 15 Click-to-Run Extensibility Component

Office 15 Click-to-Run Licensing Component

Office 15 Click-to-Run Localization Component

OGA Notifier 2.0.0048.0

OpenAL

Oracle VM VirtualBox 4.2.18

Outils de vérification linguistique 2013 de Microsoft Office - Français

PhoneClean 2.2.0

Photo Common

Photo Gallery

Picasa 3

PS_AIO_07_C410_SW_Min

QuickTime

QuickTransfer

Remote Control USB Driver

Scan

Secure Download Manager

Security Update for Microsoft Office 2013 (KB2768005) 32-Bit Edition

Security Update for Microsoft Office 2013 (KB2810009) 32-Bit Edition

Security Update for Microsoft Office 2013 (KB2850064) 32-Bit Edition

Security Update for Microsoft Outlook 2013 (KB2837618) 32-Bit Edition

Sighthound Video 2.0.8

Skype™ 6.3

SmartWebPrinting

SolutionCenter

Status

swMSM

SyncToy 2.1 (x86)

Toolbox

TrayApp

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition

Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition

Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition

Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition

Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition

Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition

Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition

Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition

Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition

Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition

Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition

Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition

Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition

Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition

Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition

Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition

Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition

Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition

Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition

Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition

Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition

Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition

Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition

Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition

VMware View Client

VoiceOver Kit

WebReg

Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinRAR 5.01 (32-bit)

Yahoo! Detect

Zoolz2

.

==== Event Viewer Messages From Past Week ========

.

1/15/2014 3:13:20 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer ASUSA53U that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6B0573D1-D469-4583-B030-1BDE1DB46. The master browser is stopping or an election is being forced.

1/15/2014 3:02:37 PM, Error: Service Control Manager [7000]  - The WindowsUpdaterService service failed to start due to the following error:  The system cannot find the file specified.

1/15/2014 3:02:36 PM, Error: Service Control Manager [7023]  - The Pml Driver HPZ12 service terminated with the following error:  The specified module could not be found.

1/15/2014 3:02:30 PM, Error: Service Control Manager [7000]  - The Ati External Event Utility service failed to start due to the following error:  The system cannot find the file specified.

1/15/2014 1:38:11 AM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

1/12/2014 11:28:16 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk6\DR6.

1/10/2014 4:00:10 AM, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: 490@01010004

.

==== End Of File ===========================

[maliboo74]

DDS.TXT

 

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2

Run by Home User at 22:42:07 on 2014-01-15

Microsoft Windows 7 Enterprise   6.1.7601.1.1252.1.1033.18.3454.1453 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Program Files\Creative\Shared Files\CTAudSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\FileZilla Server\FileZilla Server.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

C:\Program Files\Genie9\Zoolz2\ZoolzService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\Ctxfihlp.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Users\Home User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\MozyHome\mozystat.exe

C:\Program Files\Genie9\Zoolz2\Zoolz.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\Windows\SYSTEM32\CTXFISPI.EXE

C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Sighthound Video\Sighthound Agent.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Sighthound Video\Sighthound Agent.exe

C:\Program Files\Sighthound Video\Sighthound Agent.exe

C:\Program Files\Sighthound Video\Sighthound Agent.exe

C:\Program Files\Sighthound Video\Sighthound Agent.exe

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE

C:\Windows\system32\DllHost.exe

C:\Program Files\MozyHome\mozybackup.exe

C:\Program Files\MozyHome\mozybackup.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe

C:\Program Files\Sighthound Video\Sighthound Agent.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\mspaint.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

.

============== Pseudo HJT Report ===============

.

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office 15\root\office15\OCHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office 15\root\office15\URLREDIR.DLL

BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - c:\program files\microsoft office 15\root\office15\GROOVEEX.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [skyDrive] "c:\users\home user\appdata\local\microsoft\skydrive\SkyDrive.exe" /background

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [FileZilla Server Interface] "c:\program files\filezilla server\FileZilla Server Interface.exe"

mRun: [Zoolz Tray] "c:\program files\genie9\zoolz2\zoolzlauncher.exe" "c:\program files\genie9\zoolz2\Zoolz.exe" "-Delay"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mozyho~1.lnk - c:\program files\mozyhome\mozystat.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\sighth~1.lnk - c:\program files\sighthound video\Sighthound Video.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: SoftwareSASGeneration = dword:1

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\program files\microsoft office 15\root\office15\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\program files\microsoft office 15\root\office15\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office 15\root\office15\ONBttnIE.dll

IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office 15\root\office15\OCHelper.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office 15\root\office15\ONBttnIELinkedNotes.dll

Trusted Zone: emc.com

TCP: Interfaces\{6B0573D1-D469-4583-B030-1BDE1DB4620D} : NameServer = 192.168.1.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office15\MSOXMLMF.DLL

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - c:\program files\microsoft office 15\root\office15\MSOSB.DLL

Handler: osf-roaming - {C57E9882-B128-4E07-BA2D-FF83B8989C76} - c:\users\home user\microsoft office 15\root\office15\MSOSB.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u wsauth livessp

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

Hosts: 168.159.220.6 hop04-l1i07-vn02.emc.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\home user\appdata\roaming\mozilla\firefox\profiles\szvfawb0.default\

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft office 15\root\office15\NPSPWRAP.DLL

FF - plugin: c:\program files\microsoft office 15\root\vfs\programfilesx86\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\home user\appdata\local\citrix\plugins\97\npappdetector.dll

FF - plugin: c:\users\home user\appdata\local\microsoft\internet explorer\downloaded program files\microsoft office 15\npofficeondemand.dll

FF - plugin: c:\users\home user\appdata\roaming\facebook\npfbplugin_1_0_1.dll

FF - plugin: c:\users\home user\appdata\roaming\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\users\home user\appdata\roaming\move networks\plugins\npqmp071505000011.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - ExtSQL: !HIDDEN! 2012-10-16 22:54; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]

R0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\drivers\vsflt53.sys [2013-6-5 83392]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-11-11 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-11-11 701512]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 104768]

R2 OfficeSvc;Microsoft Office Service;c:\program files\microsoft office 15\clientx86\integratedoffice.exe [2013-7-10 1320120]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-8-29 720024]

R2 vmware-view-usbd;VMware View USB;c:\program files\vmware\vmware view\client\bin\vmware-view-usbd.exe [2012-9-5 2433024]

R2 wsnm;VMware View Client;c:\program files\vmware\vmware view\client\bin\wsnm.exe [2012-9-21 472216]

R2 Zoolz 2 Service;Zoolz Service;c:\program files\genie9\zoolz2\ZoolzService.exe [2013-5-8 453136]

R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2009-6-4 171032]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-4 1324056]

R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-4 72728]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-11-11 22856]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]

R3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\drivers\covpnwlh.sys [2010-1-25 34944]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]

S2 WindowsUpdaterService;WindowsUpdaterService;c:\program files\k14r\windowsservice.exe --> c:\program files\k14r\WindowsService.exe [?]

S3 atashost;WebEx Service Host for Support Center;"c:\windows\system32\atashost.exe" --> c:\windows\system32\atashost.exe [?]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2009-12-5 79360]

S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2009-6-4 171032]

S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-4 1324056]

S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-4 72728]

S3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys [2011-4-12 13952]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-12-9 108032]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-28 14848]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-28 49664]

S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [2013-9-6 84752]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-23 1343400]

.

=============== Created Last 30 ================

.

2014-01-15 15:27:31 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-01-15 14:50:04 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{38d31f91-dfcc-493e-b349-4cb47f95ebc4}\mpengine.dll

2014-01-14 14:51:23 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2014-01-11 04:36:57 12625408 ----a-w- c:\windows\system32\wmploc.DLL

2014-01-11 04:36:56 164864 ----a-w- c:\program files\windows media player\wmplayer.exe

2014-01-11 04:34:59 417792 ----a-w- c:\windows\system32\WMPhoto.dll

2014-01-11 04:34:58 301568 ----a-w- c:\windows\system32\msieftp.dll

2014-01-11 04:34:54 2048 ----a-w- c:\windows\system32\tzres.dll

2014-01-06 19:23:36 4558848 ----a-w- c:\windows\system32\GPhotos.scr

2013-12-25 13:13:00 13251728 ----a-w- c:\programdata\Tempmozy-manualupdate-73b6f364ab195dc4ccf2aae89db27fa5.exe

2013-12-21 06:04:22 225656 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2013-12-21 06:04:22 225656 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

2013-12-17 23:00:18 -------- d-----w- c:\users\home user\appdata\roaming\webex

2013-12-17 22:59:51 215040 ----a-w- c:\program files\mozilla firefox\browser\plugins\npatgpc.dll

.

==================== Find3M  ====================

.

2013-12-10 23:30:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-12-10 23:30:17 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe

2013-10-23 08:40:30 13294808 ----a-w- c:\programdata\Tempmozy-autoupdate-b6ef32f74275da3b7074b1f807e71343.exe

.

============= FINISH: 22:43:25.81 ===============

[maliboo74]

The most recent changes to the system are:

 

UPDATE Adobe Reader XI (11.0.06)

UPDATE Sighthound Video 2.0.8

UPDATE Microsoft Office Professional Plus 15.0.4551.1512

UPDATE Java 7 Update 51

[AdvancedSetup]

Hello and

 

This is probably a false positive.  Please start MBAM and check for updates.   Then run a Quick Scan and post back the log.

With the latest update from MBAM you should no longer get this blocking unless there really is something wrong.

 

Thanks

[maliboo74]

Thank you for the assistance.  

 

FULL SCAN OF ALL HARDDRIVES USING THE LATEST VERSION 1.75.0.1300 AND DATABASE VERSION V2014.01.15.07

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.01.15.07

 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 11.0.9600.16428

Home User :: DELLE510 [administrator]

 

Protection: Enabled

 

1/15/2014 11:16:20 PM

mbam-log-2014-01-15 (23-16-20).txt

 

Scan type: Full scan (C:\|D:\|K:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 548322

Time elapsed: 2 hour(s), 17 minute(s), 

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

[maliboo74]

I performed another update and am now on database V2014.01.16.03.  I haven't received one of these pop ups since.  However, the scanner still runs clean.  Any thoughts as to why?

 

Thank you again

[AdvancedSetup]

Yes, this was a false positive that was corrected yesterday afternoon.

Let's go ahead and check your computer though for any other possibly outdated software that might cause you an issue.

Please download Security Check by screen317 from HERE or HERE.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• If you get Unsupported operating system. Aborting now, just reboot and try again.
• A Notepad document should open automatically called checkup.txt.
• Please Post the contents of that document.
• Do Not Attach It!!!

[maliboo74]

CHECKUP.TXT

 

 Results of screen317's Security Check version 0.99.79  

 Windows 7 Service Pack 1 x86 (UAC is disabled!)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Microsoft Security Essentials   

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Little Registry Cleaner   

 JavaFX 2.1.1    

 Java 7 Update 51  

 Java SE Development Kit 7 Update 7 

 Adobe Flash Player 11.9.900.170  

 Adobe Reader XI  

 Mozilla Firefox 21.0 Firefox out of Date!  

 Google Chrome 31.0.1650.63  

 Google Chrome 32.0.1700.76  

 Google Chrome plugins...  

````````Process Check: objlist.exe by Laurent````````  

 Microsoft Security Essentials MSMpEng.exe 

 Microsoft Security Essentials msseces.exe 

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Malwarebytes' Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 1% 

````````````````````End of Log`````````````````````` 

[AdvancedSetup]

Looks pretty good.  You should probably look at updating Firefox

 

I would also recommend that you uninstall or don't use this:  Little Registry Cleaner

 

Do I need a Windows Registry Cleaner?
 

 

Unless there is something else then we should probably be done here, but let me know.

 

Cheers

[maliboo74]

Thank you for the advice.  

[AdvancedSetup]

You're quite welcome. Take care and stay safe out there and don't forget about backing up your data regularly.

 

Backup Software

 

I'll go ahead and close your topic now but if you do need further assistance please go ahead and post back again.

 

Thanks

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!