Jump to content

BreezeBay

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I finally got the 2 reports and saved them to my desktop. So I went and created another post with those 2 reports in them. I couldnt figure out how to delete my last post so it may look like a duplicate possibly. Is there a way I can delete a post? I need to make sure to keep the one that shows the 2 reports in them.
  2. Ihad Malwarebytes and it used to work great. I kept getting that error that everyone was getting so I clicked on the mbam-clean.exe link and run it which it has uninstalled the program from my computer and I then re-installed it. Now that I am running a full system scan on it, it continues to find C:\Windows\svchost.exe Trojan.Agent and shows that it is quarantined it and it is doing this up to 6 or so times a minute. It has been doing this for 3 hours now. I have Download DDS (dds.scr) and Saved both reports to my desktop. Please tell me what to do now. P.S - please disregard my previous post. I could not figure out how to delete it. DDS DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2 Run by Misty at 22:03:56 on 2013-03-01 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.695 [GMT -6:00] . AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Windows\system32\spool\DRIVERS\x64\3\lxduserv.exe C:\Windows\system32\lxducoms.exe C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\notepad.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.comcast.net/ uSearch Bar = Preserve BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll BHO: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll uRun: [AdobeBridge] <no file> mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\Misty\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIKONM~1.LNK - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} - hxxps://lowes.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{E6DD226C-1E5F-464C-927E-B145B7EF5A42} : DHCPNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [lxdumon.exe] "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe" x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe" x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab x64-DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-7-20 55280] R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402000.013\symds64.sys [2013-2-27 493216] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402000.013\symefa64.sys [2013-2-27 1133216] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-2-8 1388120] R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1402000.013\ccsetx64.sys [2013-2-27 168096] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130301.002\IDSviA64.sys [2013-3-1 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402000.013\ironx64.sys [2013-2-27 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys [2013-2-27 432800] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-7-20 138752] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-1 24176] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2011-8-29 35840] S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2009-10-9 40320] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] . =============== File Associations =============== . FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2013-03-02 02:36:00 -------- d-----w- C:\Users\Misty\AppData\Local\{030B91AD-0860-4FD4-A572-C25FEA7FEDF3} 2013-03-02 01:50:37 -------- d-----w- C:\Users\Misty\AppData\Roaming\Malwarebytes 2013-03-02 01:50:32 -------- d-----w- C:\ProgramData\Malwarebytes 2013-03-02 01:50:31 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-02 01:50:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-03-02 01:21:46 -------- d-----w- C:\Program Files\iPod 2013-03-02 01:21:45 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-03-02 01:21:45 -------- d-----w- C:\Program Files\iTunes 2013-03-02 01:21:45 -------- d-----w- C:\Program Files (x86)\iTunes 2013-03-01 03:08:30 -------- d-----w- C:\Users\Misty\AppData\Local\Programs 2013-02-28 03:00:08 493216 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\symds64.sys 2013-02-28 03:00:08 432800 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys 2013-02-28 03:00:08 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\srtspx64.sys 2013-02-28 03:00:08 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\symelam.sys 2013-02-28 03:00:08 1133216 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\symefa64.sys 2013-02-28 03:00:07 776864 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\srtsp64.sys 2013-02-28 03:00:07 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\ironx64.sys 2013-02-28 03:00:07 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\ccsetx64.sys 2013-02-28 02:59:00 -------- d-----w- C:\Windows\System32\drivers\N360x64\1402000.013 2013-02-28 01:57:06 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\94C2.tmp 2013-02-28 01:57:06 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\94C1.tmp 2013-02-28 01:57:06 128512 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\94C1.tmp.dat 2013-02-27 01:46:10 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\E9C5.tmp 2013-02-27 01:46:10 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\E9C4.tmp 2013-02-27 01:46:10 184320 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\E9C4.tmp.dat . ==================== Find3M ==================== . 2013-02-27 23:46:43 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-02-27 03:20:11 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-27 03:20:11 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-12-20 13:59:36 1188864 ----a-w- C:\Windows\System32\wininet.dll 2012-12-20 12:53:51 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-12-20 12:02:26 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-12-20 11:20:29 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs . ============= FINISH: 22:45:20.98 ============== ________________________________________________________________________________________________ Attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 7/23/2010 7:13:36 PM System Uptime: 3/1/2013 7:25:05 PM (3 hours ago) . Motherboard: Dell Inc. | | 018D1Y Processor: Pentium® Dual-Core CPU E5500 @ 2.80GHz | CPU 1 | 1177/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 689 GiB total, 567.838 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . 7-Zip 4.65 (x64 edition) Adobe AIR Adobe Community Help Adobe Creative Suite 5 Master Collection Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop Lightroom 3 64-bit Adobe Reader 9.5.2 Adobe Shockwave Player 11.6 Apple Application Support Apple Mobile Device Support Apple Software Update Bing Bar Bonjour Comcast Desktop Software (v1.2.1) Consumer In-Home Service Agreement D3DX10 Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Dock Dell Edoc Viewer Dell Getting Started Guide eMusic Download Manager 4.1.4 Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper GoToAssist 8.0.0.514 Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Rapid Storage Technology Internet TV for Windows Media Center iTunes Java 7 Update 9 Java Auto Updater Java 6 Update 20 (64-bit) Junk Mail filter update LeapFrog Connect LeapFrog LeapPad Explorer Plugin Lexmark 5600-6600 Series Lexmark Printable Web Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft IntelliPoint 8.2 Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Miller's Remote Suite (PLUS) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nikon Message Center Nikon Transfer Norton Security Suite PDF Settings CS5 Picture Control Utility PowerDVD DX QuickTime Realtek High Definition Audio Driver ROES.whcc Roxio Burn Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Skype Toolbars Skype™ 5.10 swMSM Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) ViewNX Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! BrowserPlus 2.9.8 . ==== End Of File ===========================
  3. Option 1 is the only option I can do. I am not a paying customer and that is what Option 2 says is that its for paying customers. Even right now .... I am still getting that pop up in the bottom right hand side corner like that is in the screen shot I posted above. No joke .. its at least 6 times or so that I get that pop up per min. I did not have this problem until I re-installed the Malwarebytes and started the full system scan. Its now been 2 Hours and 55 mins. and still getting that pop up. Surely someone can help me without me having to pay for help !
  4. Whats going on with the Malwarebytes? I have always had it and it worked great! Now all of a sudden it doesnt seem to want to work the right way ... and every time I tried to use it it would tell me that it had an updated that it needed from 70 something days ago .. and then when I tried to update it , it then gave me an error. SO .. I have since clicked mbam-clean.exe and run it which it has uninstalled the program from my computer. I then re-installed it and I am now running a full scan. However with that being said I am NOW getting tons of pop ups all of a sudden that is saying : Malwarebytes has blocked and quarantied a threat: c:/Windows/scvhost.exe Trojan.Agent. I posted this in another forum which I was then told to come here after I when through a few steps. (http://forums.malwarebytes.org//index.php?showtopic=9573) So far I have did what it said which was to download the DDS (dds.scr) and I saved it to my desktop. I have windows 7 so I tried to right click on that but it does not give me an option to click on Run as administrator,much less seeing a black DOS console . Therefore I am at a point I can go no further. Please help ...! Here in a screen shot of the pop up at the bottom right hand side that I have got repeatly for over an hour now ...
  5. I clicked on the link you provided but I dont see a link once I am there to go to start a new topic about what I need. There is so much info here it is overwhelming.
  6. The malwarebytes is still as of right now doing a full system scan. So do I just need to go ahead and stop it ? I also just now got a pop up from my norton that said something like " auto protect has removed security risk trojan"
  7. Whats going on with the Malwarebytes? I have always had it and it worked great! Now all of a sudden it doesnt seem to want to work the right way ... and every time I tried to use it it would tell me that it had an updated that it needed from 70 something days ago .. and then when I tried to update it , it then gave me an error. SO .. I have since clicked mbam-clean.exe and run it which it has uninstalled the program from my computer. I then re-installed it and I am now running a full scan. However with that being said I am NOW getting tons of pop ups all of a sudden that is saying : Malwarebytes has blocked and quarantied a threat: c:/Windows/scvhost.exe Trojan.Agent. I have probably got one after another at least 100 little pop ups that come up at the bottom right hand side of my computer through out the time it is doing a full scan. HELP ! Why am I all of a sudden getting all these pop ups one after another, and what are they ????? Please help me asap. P.S - I am including a screen shot of what the pop up looks like and what it says. Just look for the red arrow in my screen shot and at where it is pointing to ..... Also please inbox me if you dont mind to tell me what is going on , cause I'm afraid I will not be able to find this post again.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.