Jump to content

Recommended Posts

Have been running MLB, as well as other Anti-viruses. Have run AVG and Avast. AVG and Avast show that I'm all clear, but sometimes MLB picks up things they don't.

I keep getting info about errors in the registry key that say they'll delete on reboot. I reboot, re-scan, and they're still there. I've gone to the registry and have tried to delete them, but the specific HKEY_LOCAL_MACHINE\SOFTWARE... entry doesn't seem to exist, and the rest of them say that there is an 'Error while deleting key'.

Please note (when reading the GMER Rootkit Scanner files) that the scanner did not give me the options to enable scanning for System, Sections, IAT/EAT, Devices, Modules, Processes, Threads, Libraries, or Show All.

Malwarebytes' Anti-Malware log file:

Malwarebytes' Anti-Malware 1.44

Database version: 3831

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

5/22/2011 1:04:30 PM

mbam-log-2011-05-22 (13-04-30).txt

Scan type: Full Scan (C:\|)

Objects scanned: 278024

Time elapsed: 1 hour(s), 51 minute(s), 36 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 11

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.hbax (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.hbax.1 (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.hbinfoband (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.hbinfoband.1 (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.iebutton (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.iebutton.1 (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.iebuttona (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.iebuttona.1 (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.rprtctrl (Adware.ShopperReports) -> Delete on reboot.

HKEY_CLASSES_ROOT\shoppingreport2.rprtctrl.1 (Adware.ShopperReports) -> Delete on reboot.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS/GMER log files

.

DDS (Ver_11-05-19.01) - NTFSx86

Internet Explorer: 8.0.7600.16385

Run by AdminA at 11:19:23 on 2011-05-22

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2514 [GMT -4:00]

.

AV: avast! Antivirus *Enabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}

AV: AVG Internet Security *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: avast! Antivirus *Enabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: AVG Internet Security *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Program Files (x86)\AVG\AVG9\avgchsva.exe

C:\Program Files (x86)\AVG\AVG9\avgrsa.exe

C:\Windows\system32\lsm.exe

C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Registry Mechanic\RMTray.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Aisha\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe

C:\Windows\system32\taskhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Aruba Networks\ArubaService.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Spyware Doctor\pctsTray.exe

C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files (x86)\AVG\AVG9\avgtray.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe

C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\ThreatFire\TFTray.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\ThreatFire\TFService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\AVG\AVG9\avgam.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\AVG\AVG9\avgnsa.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Aisha\Downloads\dds.scr

C:\Windows\SysWOW64\WSCRIPT.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

uURLSearchHooks: OurWorld.com Toolbar: {80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} - C:\Program Files (x86)\OurWorld.com\tbOurW.dll

mURLSearchHooks: OurWorld.com Toolbar: {80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} - C:\Program Files (x86)\OurWorld.com\tbOurW.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: ShoppingReport2: {258c9770-1713-4021-8d7e-1f184a2bd754} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.34\ShoppingReport.dll

BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

BHO: OurWorld.com Toolbar: {80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} - C:\Program Files (x86)\OurWorld.com\tbOurW.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

TB: OurWorld.com Toolbar: {80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} - C:\Program Files (x86)\OurWorld.com\tbOurW.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: ShopperReports: {bdea95cf-f0e6-41e0-bd3d-b00f39a4e939} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.34\ShoppingReport.dll

uRunOnce: [avg_spchecker] "C:\Program Files (x86)\AVG\AVG9\Notification\SPChecker1.exe" /start

uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"

mRun: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

IE: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - {7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.668.0\ClickPotatoLiteSABHO.dll

IE: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - {3E2DFD6A-4E20-4d4c-AA8B-E1F9DBEF3C80} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.34\ShoppingReport.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

IE: {EB620C54-E229-4942-87CE-E717109FC8C6} - {714E0876-FCEE-49ce-A429-B9AD8AEFCB56} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.34\ShoppingReport.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

BHO-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

TB-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB-X64: {80F6F9BF-9FD1-4F41-9DDF-6DD070F4F62F} - No File

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

EB-X64: {BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} - No File

mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

AppInit_DLLs-X64: avgrssta.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AvgRkx64;avgrkx64.sys;C:\Windows\system32\Drivers\avgrkx64.sys --> C:\Windows\system32\Drivers\avgrkx64.sys [?]

R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]

R0 TfFsMon;TfFsMon;C:\Windows\system32\drivers\TfFsMon.sys --> C:\Windows\system32\drivers\TfFsMon.sys [?]

R0 TfSysMon;TfSysMon;C:\Windows\system32\drivers\TfSysMon.sys --> C:\Windows\system32\drivers\TfSysMon.sys [?]

R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]

R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?]

R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]

R2 Aruba VPN Service;Aruba VPN Service;C:\Program Files (x86)\Aruba Networks\ArubaService.exe [2007-9-18 73728]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-5-22 42184]

R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-8-3 308136]

R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2010-5-17 112592]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-7-2 632792]

R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe [2010-5-17 366840]

R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe [2010-5-17 1142224]

R2 ThreatFire;ThreatFire;C:\Program Files (x86)\ThreatFire\TFService.exe service --> C:\Program Files (x86)\ThreatFire\TFService.exe service [?]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 TfNetMon;TfNetMon;\??\C:\Windows\system32\drivers\TfNetMon.sys --> C:\Windows\system32\drivers\TfNetMon.sys [?]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-18 136176]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-28 947528]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2010-7-5 25832]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-18 136176]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

.

=============== Created Last 30 ================

.

2011-05-22 07:29:36 40112 ----a-w- C:\Windows\avastSS.scr

2011-05-22 07:29:25 -------- d-----w- C:\ProgramData\AVAST Software

2011-05-21 15:10:18 -------- d-----w- C:\Program Files (x86)\ThreatFire

2011-05-11 02:46:01 -------- d-----w- C:\Users\AdminA\AppData\Roaming\ClickPotatoLite

2011-05-11 02:46:01 -------- d-----w- C:\ProgramData\ClickPotatoLiteSA

2011-05-11 02:46:01 -------- d-----w- C:\Program Files (x86)\ClickPotatoLite

2011-05-11 02:44:50 -------- d-----w- C:\Program Files (x86)\ShoppingReport2

2011-05-10 20:45:44 -------- d-----w- C:\Program Files (x86)\RealmOfEmpires.com

2011-04-30 19:15:50 -------- d-----w- C:\[ www.TorrentDay.com ] - Doctor_Who_2005.6x02.Day_Of_The_Moon.HDTV_XviD-FoV

2011-04-26 04:59:51 -------- d-----w- C:\Portal2Soundtrack

2011-04-25 02:43:55 -------- d-----w- C:\Program Files (x86)\Valve

.

==================== Find3M ====================

.

.

============= FINISH: 11:22:59.92 ===============

Attach+Ark.zip

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Your version of MBAM is ancient!

I notice that you are using more than one antivirus program (AVG, avast, and Spyware Doctor). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

Please do the following:

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer, please allow it to do so very important
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

Then update MBAM, run a Quick Scan, and post its log.

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.