Jump to content

RIZZIES

Honorary Members
  • Posts

    156
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Over the last few weeks ive had four crash dumps. I dont have anything showing on malwarebytes. I am running vista where do i find the details and what do i do .
  2. I started using firefox today. Got bsod two times said something about a driver Please help Ronni
  3. Thanks so much . Checked again and got the update
  4. How can I tell if i have updated to the latest data file. The file I have is from earlier today and it is telling me that I have the latest version. i sthere someplav=ce I can look to check for latest verdion Thanks Ronni this is the one i have Date 5:22:12 13408 pm v2012 52208 fingerprints loaded 327604 my time is eastern
  5. when i switch farms on farmville it says the flashplayer is not running do u want to stop i click no and it starts working i think it is the adobe flashplayer
  6. seems to be running ok the only thing is the flash keeps getting stuck while i am playing farmville otherwise i have no other problems
  7. I was running the scan before I got your reply.So i stopped and restarted the scan with those items checked. it said there were no threats . I wil post the log but it doesnt say anything about the full scan I ran only the first one. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=53251
  8. scan archives and scan for potentially unsafe applications is not checked on eset.I will run it the way it is. If u want me to check these options please let me know.
  9. I dont like the changes that combofix makes and am afraid to run it is there any other test I can do instead I am running vista
  10. Yes i posted the whole log i even posted the dot on top of the log before dds i have the attach log saved to my desktop also
  11. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.6001.18000 Run by Ronni at 19:05:57 on 2012-05-17 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2942.2182 [GMT -4:00] . AV: CA Anti-Virus *Enabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\rundll32.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\CA\CA Internet Security Suite\ccprovep.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://compaq-desktop.aol.com/ BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [<NO NAME>] mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [cctray] "c:\program files\ca\ca internet security suite\cctray\cctray.exe" mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe" mRun: [cafw] c:\program files\ca\ca internet security suite\ca personal firewall\cafw.exe -cl mRun: [capfasem] c:\program files\ca\ca internet security suite\ca personal firewall\capfasem.exe mPolicies-system: EnableUIADesktopToggle = 0 (0x0) LSP: c:\windows\system32\VetRedir.dll Trusted Zone: intuit.com\ttlc DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 167.206.254.1 167.206.254.2 TCP: Interfaces\{1D673272-229C-46B3-8E44-6A872B1F279B} : DhcpNameServer = 167.206.254.1 167.206.254.2 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Notify: PFW - UmxWnp.Dll . ============= SERVICES / DRIVERS =============== . R0 KmxFw;KmxFw;c:\windows\system32\drivers\KmxFw.sys [2008-3-19 103952] R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2008-3-21 63504] R1 KmxFile;KmxFile;c:\windows\system32\drivers\KmxFile.sys [2008-3-21 45584] R1 KmxFilter;HIPS Core Filter Driver;c:\windows\system32\drivers\KmxFilter.sys [2008-5-30 51704] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656] R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2008-11-14 26352] R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2008-11-14 21104] R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2008-11-14 161008] R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2008-11-14 144696] R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672] R2 KmxCF;KmxCF;c:\windows\system32\drivers\KmxCF.sys [2008-6-4 138744] R2 KmxSbx;KmxSbx;c:\windows\system32\drivers\KmxSbx.sys [2008-3-21 66576] R2 UmxAgent;HIPS Event Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2007-10-18 1010192] R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2007-10-18 801296] R2 UmxPol;HIPS Policy Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2008-4-15 281104] R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2008-11-14 255312] R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2008-5-30 88816] R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2008-11-14 130280] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 253088] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2008-10-8 3328] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2012-05-17 20:21:40 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{02da4321-59e3-4945-b569-16e7d842b74a}\offreg.dll 2012-05-17 20:19:15 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{02da4321-59e3-4945-b569-16e7d842b74a}\mpengine.dll 2012-04-30 02:46:22 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-30 02:46:22 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe . ==================== Find3M ==================== . 2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-15 18:51:51 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-23 14:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe . ============= FINISH: 19:06:27.05 ===============
  12. Malware bytes found Files Detected: 1 C:\Windows\System32\DFDWiz.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. I ran another quick scan and nothing was found . SWhat should i do
  13. I went to run malwareebytes updater today. It updated the version. Was there a new version today?
  14. I found the following in my hijackthis log R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local malwarebytes is not picking anything up
  15. I will be completletlety removing ca. and I do not use the windows firewall with ca .
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.