Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Gone 4 years without a virus and BOOM!


ws6wes
 Share

Recommended Posts

Well, I guess I'm due...

Computer Specs... after clicking the hyperlink, click on the "Specifications" tab...

Getting annoying pop-ups every once in a while. Not even sure if you would label them pop-ups. I'll be on a webpage then after a few seconds "bam" sends me to a totally different webpage. Really odd... My Anti-Virus software apparently isn't good enough. I'm running CA Security Center

At one point it detected these viruses...

virustrojan.jpg

The Grokster and the Ceetak ones are false positives that have been showing up for about 3-4 years coming from my P2P software Frostwire. I never use it anyways so I just went ahead today and uninstalled it. That's not where I got the virus from because I haven't even touched that program in months and this just seemed to happen yesterday. Could have been from a fire-fox add-on or something. Not sure if that's possible? The last "Java" one is a NEW one... never seen it before. I tried Quarantine and deleted it, and it won't come back up in anymore scans but my computer is still acting funky with the web-browsing.

I haven't done a "system restore" or anything like that... not sure if that would solve the problem or not? I'm not in "safe mode" either. Should I be?

For the past 17 hours I have been doing FULL scans with CA Security Center (like 4 times), Windows Defender, Windows Live One Care Safety Scanner (From Microsofts website, it's like an online virus scanner), Microsoft Malacious Software Removal tool, Malware Bytes, and finally Hi-Jack This...

Windows Defender is currently - STILL SCANNING (14 hours elapsed so far)

Windows Live One Care Safety Scanner is currently - STILL SCANNING (3 items detected and 3 issues found so far, about 15% scanned so far, could be a while)

Microsoft Malacious Software Removal Tool - Should be finished shortly... but so far no infections detected...

Below is an error that popped up when trying to run Hi-Jack This...

hijackthis.jpg

After "Running as Administrator" here are the results...

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:29:53 PM, on 11/16/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18975)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe

C:\Program Files (x86)\TomTom HOME\TomTomHOMERunner.exe

C:\Users\Wes\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\windows live safety center\wlschost.EXE

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople_f08

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople_f08

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople_f08

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CA Anti-Phishing Toolbar Helper - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\RRR Anti-Phishing\x86\Toolbar\caIEToolbar.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWow64\TwcToolbarIe7.dll

O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll

O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: CA Anti-Phishing Toolbar - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\RRR Anti-Phishing\x86\Toolbar\caIEToolbar.dll

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [AML] "C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe" InitApp

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Wes\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~2\mcafee\mshr\ShrCL.EXE /P7 /q C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\SIB74C~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\TCODEB~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\TCODEW~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\SI3242~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\X4UVXW8I\SIZE_1~2.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\31_1_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\33_2_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\31_1_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\X4UVXW8I\29_2_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\X4UVXW8I\33_2_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\26_3

O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~2\mcafee\mshr\ShrCL.EXE /P7 /q C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\SIB74C~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\TCODEB~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\TCODEW~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\SI3242~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\X4UVXW8I\SIZE_1~2.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\1QEB1QYH\31_1_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\33_2_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\31_1_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\X4UVXW8I\29_2_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\X4UVXW8I\33_2_~1.SH! C:\Users\Wes\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4UU3P9CA\26_3

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)

O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...S/wlscctrl2.cab

O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab

O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll

O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: CAAMSvc - CA - C:\Program Files\CA\CA Anti-Virus Plus\caamsvc.exe

O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\ccprovsp.exe

O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Anti-Virus Plus\isafe.exe

O23 - Service: CA Common Scheduler Service (ccSchedulerSVC) - Computer Associates International, Inc. - C:\Program Files\CA\ccschedulersvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

O23 - Service: Google Update Service (gupdate1c98fcd37cc72ad) (gupdate1c98fcd37cc72ad) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MSCSPTISRV - Unknown owner - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe

O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files (x86)\CA\SharedComponents\HIPSEngine\UmxCfg.exe

O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe

O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files (x86)\CA\SharedComponents\HIPSEngine\UmxPol.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe

O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--

End of file - 15896 bytes

Here is my MalwareBytes Scan results...

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4052

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18975

11/16/2010 3:43:39 PM

mbam-log-2010-11-16 (15-43-39).txt

Scan type: Full scan (C:\|)

Objects scanned: 354205

Time elapsed: 8 hour(s), 13 minute(s), 58 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

UPDATE on the rest of the scans...

Windows Malicious Software Removal Tool didn't find anything...

windowsmalicioussoftwar.jpg

Windows Defender found this one problem. Seems to be connected to my Roller Coaster Tycoon Game. I doubt this is the issue though. I went ahead and removed it just to be safe, but I have a feeling it's more to do with an old game on a new Vista 64-bit platform, and me installing a patch to make it work. Which I did a couple years ago. Just haven't played the game in a LONG time.

windowsdefender.jpg

And this is the progress on the Windows Live OneCare Scan... I'm curious to find it's results and if it will be able to fix them...

windowsliveonecarescan1.jpg

Don't know if it's relevant, but I also use CCleaner and Advanced System Care quite often to keep my computer running smooth. Been using it for about a year now...

Link to post
Share on other sites

Hi,

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start Malwarebytes' Anti-Malware

  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download DDS and save it to your desktop.

  • Disable any script blocking protection.
  • Double click dds.com to run the tool..
  • When done, DDS will open two logs (DDS.txt and Attach.txt).
  • Save both reports to your desktop.

Please include the contents of DDS.txt in your next reply.

Link to post
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.