Jump to content

can not get rid of this virus


Recommended Posts

So I've done all the steps and the windows defence virus is still here. Mbam is seeing nothing, even as I watch it scan the virus' files.

Toshiba laptop 64 bit windows 7, brand new with norton security on it that's done in 5 days. I've downloaded the newest copy of mbam multiple times and still nothing. I know the virus is there since it keeps my internet from working well and keeps popping up.

I don't think the ark file saved right. I saved it as ark.txt like I was told to and it didn't save.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4052

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

09/10/2010 4:52:38 PM

mbam-log-2010-10-09 (16-52-38).txt

Scan type: Quick scan

Objects scanned: 116955

Time elapsed: 3 minute(s), 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS (Ver_10-10-10.03) - NTFS_AMD64

Run by Renee at 16:42:04.54 on 09/10/2010

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.2.1033.18.2811.1486 [GMT -4:00]

============== Running Processes ===============

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\ProgramData\mswd\mswd.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\windows\system32\SearchIndexer.exe

C:\ProgramData\mswd\scss.exe

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\windows\splwow64.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\Users\Renee\Desktop\dds.scr

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = www.google.ca

uWindow Title = Presented by TOSHIBA Leading Innovation >>>

uDefault_Page_URL = hxxp://www.toshiba.ca/welcome

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA

uInternet Settings,ProxyOverride = *.local

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL

BHO: WXcllB Class: {aefef98b-c7ad-4ab7-bc89-cf2191f79361} - C:\ProgramData\Microsoft\Machine\WXcll.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

uRun: [msclr] C:\ProgramData\mswd\mswd.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

BHO-X64: Windows Live Family Safety Browser Helper - No File

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

mRun-x64: [(Default)]

mRun-x64: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun-x64: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun-x64: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

mRun-x64: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

mRun-x64: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

mRun-x64: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

mRun-x64: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1108000.005\symds64.sys [2010-9-24 433200]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1108000.005\symefa64.sys [2010-9-24 221232]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20101001.001\BHDrvx64.sys [2010-10-6 954928]

R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NISx64\1108000.005\cchpx64.sys [2010-9-24 615040]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20101008.002\IDSviA64.sys [2010-9-15 476720]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1108000.005\ironx64.sys [2010-9-24 150064]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\NISx64\1108000.005\symtdiv.sys [2010-9-24 451120]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-1 202752]

R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe [2010-9-24 126392]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atipmdag.sys [2010-6-1 6403072]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-6-1 188928]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-9-15 132656]

R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2010-6-1 9216]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]

R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-6-1 35008]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2010-6-1 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

S2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-9-13 61288]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-4-28 704872]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-6-1 232992]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-14 1255736]

=============== Created Last 30 ================

2010-10-09 18:49:13 -------- d-----w- C:\Users\Renee\AppData\Local\CrashDumps

2010-10-09 18:39:27 53808 ----a-r- C:\windows\System32\drivers\SymIMV.sys

2010-10-09 04:58:56 -------- d-----w- C:\Users\Renee\AppData\Roaming\Malwarebytes

2010-10-09 04:58:46 38224 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys

2010-10-09 04:58:45 24664 ----a-w- C:\windows\System32\drivers\mbam.sys

2010-10-09 04:58:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2010-10-09 04:58:45 -------- d-----w- C:\PROGRA~3\Malwarebytes

2010-10-09 02:20:14 -------- d-----w- C:\PROGRA~3\WSCL

2010-10-09 02:17:28 -------- d-----w- C:\Users\Renee\AppData\Local\Dfc

2010-10-09 02:17:11 -------- d-----w- C:\PROGRA~3\mswd

2010-09-29 13:29:04 243712 ----a-w- C:\windows\System32\drivers\ks.sys

2010-09-29 13:29:04 184832 ----a-w- C:\windows\System32\drivers\usbvideo.sys

2010-09-28 22:59:28 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2010-09-28 22:59:28 2048 ----a-w- C:\windows\System32\tzres.dll

2010-09-28 22:59:19 13312 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2010-09-28 22:59:19 13312 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2010-09-24 13:11:53 451120 ----a-w- C:\windows\System32\drivers\NISx64\1108000.005\symtdiv.sys

2010-09-24 13:11:53 221232 ----a-w- C:\windows\System32\drivers\NISx64\1108000.005\symefa64.sys

2010-09-24 13:11:52 615040 ----a-w- C:\windows\System32\drivers\NISx64\1108000.005\cchpx64.sys

2010-09-24 13:11:52 505392 ----a-w- C:\windows\System32\drivers\NISx64\1108000.005\srtsp64.sys

2010-09-24 13:11:52 433200 ----a-r- C:\windows\System32\drivers\NISx64\1108000.005\symds64.sys

2010-09-24 13:11:52 32304 ----a-w- C:\windows\System32\drivers\NISx64\1108000.005\srtspx64.sys

2010-09-24 13:11:52 150064 ----a-w- C:\windows\System32\drivers\NISx64\1108000.005\ironx64.sys

2010-09-24 13:11:40 -------- d-----w- C:\windows\System32\drivers\NISx64\1108000.005

2010-09-18 16:23:29 -------- d-----w- C:\Users\Renee\AppData\Local\Adobe

2010-09-17 01:57:01 -------- d-----w- C:\Users\Renee\AppData\Local\Microsoft Games

2010-09-16 00:48:54 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared

2010-09-15 20:14:09 558592 ----a-w- C:\windows\System32\spoolsv.exe

2010-09-14 13:37:46 173104 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS

2010-09-14 13:37:42 -------- d-----w- C:\Program Files\Symantec

2010-09-14 13:37:42 -------- d-----w- C:\Program Files\Common Files\Symantec Shared

2010-09-14 05:06:49 -------- d-----w- C:\windows\SysWow64\Wat

2010-09-14 05:06:48 -------- d-----w- C:\windows\System32\Wat

2010-09-13 14:08:25 -------- d-----r- C:\Program Files (x86)\Skype

2010-09-13 14:03:54 -------- d-----w- C:\Users\Renee\AppData\Local\Diagnostics

2010-09-13 07:05:08 -------- d-----w- C:\Users\Renee\AppData\Local\TOSHIBA_Corporation

2010-09-13 06:51:24 99176 ----a-w- C:\windows\SysWow64\PresentationHostProxy.dll

2010-09-13 06:51:24 49472 ----a-w- C:\windows\SysWow64\netfxperf.dll

2010-09-13 06:51:24 48960 ----a-w- C:\windows\System32\netfxperf.dll

2010-09-13 06:51:24 444752 ----a-w- C:\windows\System32\mscoree.dll

2010-09-13 06:51:24 320352 ----a-w- C:\windows\System32\PresentationHost.exe

2010-09-13 06:51:24 297808 ----a-w- C:\windows\SysWow64\mscoree.dll

2010-09-13 06:51:24 295264 ----a-w- C:\windows\SysWow64\PresentationHost.exe

2010-09-13 06:51:24 1942856 ----a-w- C:\windows\System32\dfshim.dll

2010-09-13 06:51:24 1130824 ----a-w- C:\windows\SysWow64\dfshim.dll

2010-09-13 06:51:24 109912 ----a-w- C:\windows\System32\PresentationHostProxy.dll

2010-09-13 06:45:47 3122688 ----a-w- C:\windows\System32\win32k.sys

2010-09-13 06:44:59 1877504 ----a-w- C:\windows\System32\msxml3.dll

2010-09-13 06:44:59 1233920 ----a-w- C:\windows\SysWow64\msxml3.dll

2010-09-13 06:44:58 82944 ----a-w- C:\windows\SysWow64\iccvid.dll

2010-09-13 06:44:39 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2010-09-13 06:44:39 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2010-09-13 06:44:39 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2010-09-13 06:44:39 243200 ----a-w- C:\windows\System32\wow64.dll

2010-09-13 06:44:39 2048 ----a-w- C:\windows\SysWow64\user.exe

2010-09-13 06:44:39 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2010-09-13 06:44:38 52224 ----a-w- C:\windows\System32\rtutils.dll

2010-09-13 06:44:38 37376 ----a-w- C:\windows\SysWow64\rtutils.dll

2010-09-13 06:44:32 223448 ----a-w- C:\windows\System32\drivers\fvevol.sys

2010-09-13 06:43:06 220672 ----a-w- C:\windows\System32\wintrust.dll

2010-09-13 06:43:06 172032 ----a-w- C:\windows\SysWow64\wintrust.dll

2010-09-13 06:42:48 139264 ----a-w- C:\windows\System32\cabview.dll

2010-09-13 06:42:48 132608 ----a-w- C:\windows\SysWow64\cabview.dll

2010-09-13 06:40:26 61288 ----a-w- C:\windows\System32\drivers\fssfltr.sys

2010-09-13 06:40:04 -------- d-----w- C:\Users\Renee\Tracing

2010-09-13 06:31:06 -------- d-----w- C:\Users\Renee\AppData\Local\Apple Computer

2010-09-13 06:29:38 -------- d-----w- C:\Users\Renee\AppData\Local\Apple

2010-09-13 06:29:12 -------- d-----w- C:\Program Files\Bonjour

2010-09-13 06:29:12 -------- d-----w- C:\Program Files (x86)\Bonjour

2010-09-13 06:16:39 7752528 ------w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{C13F8B3A-5690-4ED0-8B5E-8E1B1953FFB7}\mpengine.dll

2010-09-13 06:16:39 270208 ------w- C:\windows\System32\MpSigStub.exe

2010-09-13 06:08:21 -------- d-----w- C:\Users\Renee\AppData\Local\Google

2010-09-13 06:01:22 -------- d-----w- C:\Users\Renee\AppData\Local\ATI

2010-09-13 06:01:08 -------- d-----w- C:\Users\Renee\AppData\Local\Toshiba

2010-09-13 05:59:35 -------- d-----w- C:\Users\Renee\AppData\Local\VirtualStore

2010-09-13 05:57:20 -------- d-sh--we C:\Documents and Settings

2010-09-12 18:51:44 236544 ----a-w- C:\PROGRA~3\Microsoft\Machine\WXcll.dll

==================== Find3M ====================

2010-08-10 09:15:58 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx

2010-08-10 09:15:58 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts

2010-07-27 22:55:50 95520 ----a-w- C:\windows\System32\dnssd.dll

2010-07-27 22:55:50 69408 ----a-w- C:\windows\System32\jdns_sd.dll

2010-07-27 22:55:50 237856 ----a-w- C:\windows\System32\dnssdX.dll

2010-07-27 22:55:50 119584 ----a-w- C:\windows\System32\dns-sd.exe

2010-07-27 22:44:10 91424 ----a-w- C:\windows\SysWow64\dnssd.dll

2010-07-27 22:44:10 75040 ----a-w- C:\windows\SysWow64\jdns_sd.dll

2010-07-27 22:44:10 197920 ----a-w- C:\windows\SysWow64\dnssdX.dll

2010-07-27 22:44:10 107808 ----a-w- C:\windows\SysWow64\dns-sd.exe

============= FINISH: 16:42:42.29 ===============

attach.zip

Link to post
Share on other sites

Hello citrontetley

Welcome to Malwarebytes.

=====================

Please update\run Malwarebytes' Anti-Malware.

Double Click the Malwarebytes Anti-Malware icon to run the application.

  • Click on the update tab then click on Check for updates.
  • If an update is found, it will download and install the latest version.
  • Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.

=====

Link to post
Share on other sites

  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.