Jump to content

Malwarebytes stops responding


Amarce

Recommended Posts

I first realized I had a problem when my normal anti virus scan Avast!, didn't have access to remove found problems. Since I had no problems, I let it go. I began having problems with virtualization of programs a few days ago. ex- when I start them it would take a VERY long time when watching the task manager for the bytes to be allocated to that program, which is very unusual being that I have a quad core processor. I first tried running spybot s and d, but it refused to allocate any memory in task manager (stayed at 4 mb and never opened). Each time I tried to run the program, it would add one to task manager, and ending process removes none of them. This happens with many programs. I also tried to run the Trend House call, but it stayed on 0 percent indefinitely. With malwarebytes I've been able to open and being a scan, but on the first file scanned stops responding and I'm unable to close. I also notices when I try to reboot or shut down, it either hangs on logging off or shutting down indef, and I have to perform a hard reboot... Any help would be appreciated

I was able to make an ark.txt.

ark.txt

Link to post
Share on other sites

Hi,

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Under the Custom Scan box paste this in
    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

Link to post
Share on other sites

Hi,

Please download OTH to your desktop

Please download OTL to your desktop

Double click the OTH file to run it and click Kill All Processes, your desktop will go blank.

OTH_Main_1020.jpg

Then select Start OTL. OTL will now run

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

    [*]Click the Internet Explorer button, post these logs in your Virus Removal topic.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you have problems with running OTH or OTL (after running OTH), then please try this tool instead:

Please download DDS and save it to your desktop.

  • Disable any script blocking protection.
  • Double click dds.com to run the tool..
  • When done, DDS will open two logs (DDS.txt and Attach.txt).
  • Save both reports to your desktop.

Please include the contents of DDS.txt in your next reply.

Link to post
Share on other sites

OTH didn't help it from not responding. Ran DDS:

DDS (Ver_10-11-03.01) - NTFS_AMD64

Run by WS at 15:27:57.30 on Wed 11/03/2010

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2940 [GMT -5:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\NetLimiter 3\nlsvc.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\sppsvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\NetLimiter 3\NLClientApp.exe

C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\CyberLink\Shared files\brs.exe

C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files (x86)\BattlePing\BattleP.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\WS\Desktop\dds.com

C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll

mURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [EventSubscription] regsvr32 /s /u "C:\Users\WS\AppData\Local\Event\EventSubscription.dll"

uRun: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe /tray

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun: [bSDAppUpdater] C:\Program Files (x86)\Common Files\BSD\AppUpdater\BSDChecker.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

StartupFolder: C:\Users\WS\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LIMEWI~1.LNK - C:\Program Files (x86)\LimeWire\LimeWire.exe

StartupFolder: C:\Users\WS\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

LSP: C:\Windows\system32\BattleP.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

BHO-X64: Windows Live Family Safety Browser Helper - No File

TB-X64: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

================= FIREFOX ===================

FF - ProfilePath - C:\Users\WS\AppData\Roaming\Mozilla\Firefox\Profiles\3jrsn7xe.default\

FF - prefs.js: network.proxy.type - 0

FF - component: C:\Users\WS\AppData\Roaming\Mozilla\Firefox\Profiles\3jrsn7xe.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\FFExternalAlert.dll

FF - component: C:\Users\WS\AppData\Roaming\Mozilla\Firefox\Profiles\3jrsn7xe.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\RadioWMPCore.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-7-30 121936]

R1 nltdi;nltdi;C:\Program Files\NetLimiter 3\nltdi.sys [2010-8-30 88200]

R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/07/30 19:58:46];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-4-2 146928]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-7-6 203264]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-7-30 20048]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-7-30 61008]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-9-23 40384]

R2 TeamViewer5;TeamViewer 5;C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-7-6 173352]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-7-6 7195648]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-7-6 265728]

R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-9-23 40384]

R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-9-23 40384]

R3 BATTLEP;BATTLEP;C:\Program Files (x86)\BattlePing\BattleP.exe [2009-12-25 1568768]

R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-31 202776]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-31 1417240]

R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-31 94744]

R3 NLNdisMP;NLNdisMP;C:\Windows\System32\drivers\nlndis.sys [2010-8-30 33416]

R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\System32\drivers\vcsvad.sys [2010-10-11 21504]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-15 135664]

S2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-9-10 79360]

S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [2010-7-31 79360]

S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-31 202776]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-31 1417240]

S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-31 94744]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-8-16 61288]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-4-28 704872]

S3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2010-9-9 1606680]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 NLNdisPT;NetLimiter Ndis Protocol Service;C:\Windows\System32\drivers\nlndis.sys [2010-8-30 33416]

S3 SIUSBXP;SIUSBXP;C:\Windows\System32\drivers\SiUSBXp.sys [2009-5-17 16384]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-30 1255736]

=============== Created Last 30 ================

2010-10-24 21:40:24 -------- d-----w- C:\Program Files (x86)\ESET

2010-10-24 20:46:12 -------- d-----w- C:\Program Files (x86)\CCleaner

2010-10-24 19:51:04 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2010-10-24 19:51:03 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys

2010-10-24 19:26:02 -------- d-----w- C:\Users\WS\AppData\Roaming\Malwarebytes

2010-10-24 19:25:55 -------- d-----w- C:\PROGRA~3\Malwarebytes

2010-10-24 19:25:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2010-10-23 22:30:18 -------- d-----w- C:\Program Files (x86)\Active PC Optimizer

2010-10-20 23:11:37 -------- d-----w- C:\Users\WS\AppData\Local\Apps

2010-10-20 23:11:36 -------- d-----w- C:\Users\WS\AppData\Local\Deployment

2010-10-20 20:41:05 -------- d-----w- C:\Program Files (x86)\Capcom

2010-10-20 18:43:37 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2010-10-20 18:43:37 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy

2010-10-20 18:01:51 -------- d-----w- C:\Users\WS\AppData\Roaming\PC Tools

2010-10-20 18:01:51 -------- d-----w- C:\Program Files (x86)\PC Tools Security

2010-10-20 18:01:51 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools

2010-10-20 17:58:01 -------- d-----w- C:\PROGRA~3\PC Tools

2010-10-17 13:21:32 -------- d-----w- C:\JOE'S YELLOWSTONE TRIP PICTURES

2010-10-12 17:04:11 -------- d-----w- C:\Users\WS\AppData\Local\Locktime

2010-10-12 16:59:49 -------- d-----w- C:\Program Files\NetLimiter 3

2010-10-12 16:59:49 -------- d-----w- C:\PROGRA~3\Locktime

2010-10-12 16:51:43 -------- d-----w- C:\Windows\System32\appmgmt

2010-10-11 21:15:07 -------- d-----w- C:\AV_LOGS

2010-10-11 21:12:58 -------- d-----w- C:\Users\WS\AppData\Roaming\Avnex

2010-10-11 21:12:48 21504 ----a-w- C:\Windows\System32\drivers\vcsvad.sys

2010-10-11 21:12:40 -------- d-----w- C:\Program Files (x86)\AV Vcs 7.0 GOLD

2010-10-11 18:53:50 -------- d-----w- C:\Program Files (x86)\UrbanTerror

2010-10-06 17:52:39 -------- d-----w- C:\Program Files (x86)\New folder

==================== Find3M ====================

2010-09-10 19:01:25 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2010-09-10 19:01:25 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2010-09-10 19:01:25 121880 ----a-w- C:\Windows\System32\OpenAL32.dll

2010-09-10 19:01:25 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2010-09-08 16:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2010-09-08 16:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2010-09-07 15:12:17 38848 ----a-w- C:\Windows\avastSS.scr

2010-09-07 14:47:33 61008 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2010-08-31 00:31:10 0 ----a-w- C:\Windows\ativpsrm.bin

2010-08-30 19:38:38 33416 ----a-w- C:\Windows\System32\drivers\nlndis.sys

============= FINISH: 15:28:32.31 ===============

Link to post
Share on other sites

Hi,

If you can't run a program (if it stops responding), then just continue to the next step.

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start Malwarebytes' Anti-Malware

  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.