Thread: Windows security center keeps getting disabled/browser redirect

  1. #1
    Junior Member
    Join Date
    May 2011
    Posts
    3

    Hello, I have an error on my Windows 7 OS. My Action Center icon in the superbar keeps saying Windows Security Center is disabled. When I go to Services to start it again, it goes back to the disabled state. Also, my browser redirects to sites I did not tell it to, and it annoys me. I've run Malwarebytes' Anti-Malware multiple times, as well as scans from CCleaner, Spybot, Webroot antivirus, avast free, and Windows Defender; they have found files and deleted them, but it still remains. Here is my DDS and Spybot log. Oh, and Spybot reports these lines:
    (SBI $2E20C9A9) SETTINGS
    Hkey_local_machine/system/currentcontrolset/services/wscsvc/start (is not) w= 2
    (SBI $2E20C9A9) SETTINGS
    Hkey_local_machine/system/currentcontrolset/services/wscsvc/start (is not) w= 2 (64 bit)


    dds.TXT
    DDS (Ver_2011-05-26.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
    Run by Owner at 19:53:58 on 2011-05-26
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.1779 [GMT -4:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
    C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Windows\System32\alg.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
    C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\system32\SearchIndexer.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.bing.com/?pc=MAGW
    uDefault_Page_URL = hxxp://www.bing.com/?pc=MAGW
    mDefault_Page_URL = hxxp://www.bing.com/?pc=MAGW
    mStart Page = hxxp://www.bing.com/?pc=MAGW
    uURLSearchHooks: H - No File
    BHO: MRI_DISABLED - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    uRun: [SpybotSD TeaTimer] "C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
    mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    dRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    TCP: Interfaces\{6D33C709-1887-4AAD-8109-0B563C56E879}: DhcpNameServer = 208.48.253.106 208.48.253.110
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    TB-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB-X64: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
    mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\xhkg1xnn.default\
    FF - prefs.js: browser.search.selectedEngine - DAEMON Search
    FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Windows\System32\npmproxy.dll
    FF - plugin: C:\Windows\System32\npOGPPlugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-17 55280]
    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2011-3-14 17720]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-5-26 600920]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-5-26 287576]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-3-9 254528]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-26 202752]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-1-26 354304]
    R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-5-26 22360]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-5-26 64344]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-5-26 42184]
    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-9-23 321104]
    R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-10-30 868896]
    R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2010-6-28 255744]
    R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-9-23 243232]
    R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-13 46136]
    R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atipmdag.sys [2010-9-23 6405632]
    R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-9-23 188928]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-10-30 38456]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-13 136176]
    S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-25 1153368]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-13 136176]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-23 246376]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-9 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-19 1255736]
    .
    =============== Created Last 30 ================
    .
    2073-10-27 15:55:34 1835008 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\haloceded.exe
    2073-10-27 15:55:34 1118208 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\Strings.dll
    2011-05-26 21:13:03 601424 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63819DEC-18C3-465C-A97B-EA1D9C0995E2}\gapaengine.dll
    2011-05-26 21:12:58 8718160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{78487232-7ECB-4C36-BEA8-19F995389171}\mpengine.dll
    2011-05-26 19:28:09 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2011-05-26 19:28:08 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-05-26 19:28:02 40112 ----a-w- C:\Windows\avastSS.scr
    2011-05-26 19:27:56 -------- d-----w- C:\ProgramData\AVAST Software
    2011-05-26 19:27:56 -------- d-----w- C:\Program Files\AVAST Software
    2011-05-26 19:15:52 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2011-05-26 19:15:47 -------- d-----w- C:\Program Files\Microsoft Security Client
    2011-05-26 19:15:26 -------- d-----w- C:\ProgramData\Webroot
    2011-05-26 15:25:45 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
    2011-05-26 15:17:27 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-05-26 15:17:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-05-26 05:08:25 0 ---ha-w- C:\Users\Owner\AppData\Local\BIT4B03.tmp
    2011-05-26 05:00:54 -------- d-----w- C:\Users\Owner\AppData\Roaming\GlarySoft
    2011-05-26 04:58:44 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
    2011-05-26 04:58:43 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-05-26 04:58:43 20952 ----a-w- C:\Windows\SysWow64\drivers\mbam.sys
    2011-05-26 04:58:43 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-05-25 20:00:48 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-05-25 20:00:48 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-05-25 14:27:13 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2011-05-24 15:16:24 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DACB70D5-9896-48FC-A943-1890394C86D0}\mpengine.dll
    2011-05-21 22:38:04 -------- d-----w- C:\Users\Owner\AppData\Roaming\Movie DVD Copy
    2011-05-21 22:37:28 -------- d-----w- C:\Program Files (x86)\Movie DVD Copy
    2011-05-21 22:33:23 5600 ----a-w- C:\Windows\system\WINASPI.DLL
    2011-05-21 22:33:23 4672 ----a-w- C:\Windows\system\WOWPOST.EXE
    2011-05-21 22:33:23 45056 ----a-w- C:\Windows\SysWow64\WNASPI32.DLL
    2011-05-21 22:33:23 25244 ----a-w- C:\Windows\SysWow64\drivers\ASPI32.SYS
    2011-05-21 22:33:20 -------- d-----w- C:\Program Files (x86)\XviD
    2011-05-21 22:33:16 641021 ----a-w- C:\Windows\unins000.exe
    2011-05-21 22:33:16 187904 ----a-w- C:\Windows\SysWow64\Lame.exe
    2011-05-21 22:33:16 166912 ----a-w- C:\Windows\SysWow64\Lame_enc.dll
    2011-05-21 22:33:03 -------- d-----w- C:\Program Files (x86)\EasyDVDRip
    2011-05-18 17:09:40 -------- d-----w- C:\ProgramData\Solidshield
    2011-05-16 03:40:36 -------- d-----w- C:\Users\Owner\AppData\Local\Ubisoft Game Launcher
    2011-05-16 02:54:25 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2011-05-16 02:54:24 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2011-05-16 02:54:22 -------- d-----w- C:\Users\Owner\AppData\Roaming\PunkBuster
    2011-05-16 02:52:43 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll
    2011-05-16 02:52:43 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
    2011-05-16 02:52:43 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll
    2011-05-16 02:52:43 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
    2011-05-16 02:52:37 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll
    2011-05-16 02:52:37 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
    2011-05-14 04:15:25 -------- d-----w- C:\Users\Owner\AppData\Local\FalloutNV
    2011-05-13 04:13:53 -------- d-----w- C:\Program Files (x86)\Bethesda Softworks
    2011-05-13 04:12:59 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
    2011-05-13 04:04:21 -------- d-----w- C:\Users\Owner\AppData\Local\Oblivion
    2011-05-13 02:01:38 -------- d-----w- C:\Program Files (x86)\Siber Systems
    2011-05-12 15:19:25 142336 ----a-w- C:\Windows\System32\poqexec.exe
    2011-05-12 15:19:25 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
    2011-05-11 06:47:03 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-05-11 06:47:01 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-05-11 06:47:01 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-05-11 06:26:00 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2011-05-11 06:26:00 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2011-05-11 06:26:00 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2011-05-11 06:26:00 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2011-05-11 06:26:00 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2011-05-11 06:25:59 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2011-05-07 23:35:21 -------- d-----w- C:\Program Files (x86)\uTorrent
    2011-05-07 23:34:25 -------- d-----w- C:\Users\Owner\AppData\Roaming\uTorrent
    2011-04-28 04:51:24 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
    2011-04-28 04:51:24 31232 ----a-w- C:\Windows\System32\prevhost.exe
    .
    ==================== Find3M ====================
    .
    2011-03-12 12:08:49 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
    2011-03-12 11:23:45 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2011-03-11 06:41:37 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
    2011-03-11 06:41:34 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
    2011-03-11 06:41:34 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2011-03-11 06:41:34 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
    2011-03-11 06:41:26 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
    2011-03-11 06:41:12 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
    2011-03-11 06:41:12 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
    2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-03-11 06:33:29 2565632 ----a-w- C:\Windows\System32\esent.dll
    2011-03-11 06:30:28 96768 ----a-w- C:\Windows\System32\fsutil.exe
    2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-03-11 05:33:09 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
    2011-03-11 05:31:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
    2011-03-09 21:30:30 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-03-09 21:30:29 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-03-09 20:47:11 254528 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
    2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2011-03-04 06:19:28 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2011-03-04 06:19:27 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys
    2011-02-28 08:00:00 80896 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
    .
    ============= FINISH: 19:57:39.64 ===============

  2. #2
    Security Expert shelf life
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    5,999

    hi peeby1,

    Your post is a few days old. If you still need help simply reply back.
    How Can I Reduce My Risk?

  3. #3
    Junior Member
    Join Date
    May 2011
    Posts
    3

    It seems to be OK now, thank you.

  4. #4
    Security Expert shelf life
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    5,999

    "it seems to be ok now thank you"
    Ok, no redirects?
    How Can I Reduce My Risk?

  5. #5
    Junior Member
    Join Date
    May 2011
    Posts
    3

    Nope :D I downloaded like 5 programs and one of them seemed to have worked.

  6. #6
    Security Expert shelf life
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    5,999

    hi,

    Ok then. Here are some tips to help you stay malware free:

    10 Tips for Prevention and Avoidance of Malware:

    There is no reason why your computer cannot stay malware free.
    No software can think for you. Help yourself. In no special order:


    1) It is essential to keep your operating system (Windows), browser (IE, Firefox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update frequently or use the Windows auto-update feature. Staying updated is also essential for web-based applications, browser plugins and add-ons like Java, Adobe Flash/Reader, iTunes etc. More and more third-party applications are being targeted. Use the auto-update features available in most software. Not sure if you are using the latest version of software? Check their version status and get the updates here.



    2) Know what you are installing to your computer. A lot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software is installing useless toolbars if not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings about viruses and trojans being found on your computer, where you are then prompted to install software to remedy this. See also the signs that you may have malware on your computer.



    3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently finds malware then it's time to *review your computer habits*.



    4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem. Do you trust the source? See also E-mail phishing Tricks.



    5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.



    6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?



    7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista and Windows 7 attempts to address.



    8) Install and understand the *limitations* of a software firewall.



    9) A slide show how-to for securing Internet Explorer 8.0 for safer surfing. How to harden Firefox for safer surfing.



    10) Warez, cracks etc are very popular for carrying malware payloads. If you download/install files via p2p networks you will encounter malware. A file can be named anything, be nothing but malware or have malware bundled in it. Can you really trust the source of the file?

    More info/tips with pictures, links below
    Happy Safe Surfing.
    How Can I Reduce My Risk?
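
Tip 7 above and the Spybot lines in the first post both point at settings that are visible in the DDS log itself. The following is an added example, not part of the original thread and not code from DDS or Spybot: a small triage pass over DDS-style lines that flags a disabled protection product, "No File" browser entries, UAC policy values set to 0, a changed service start type, and file timestamps later than the log's run date. The function name, category labels and regular expressions are assumptions based only on the line shapes seen in this log.

```python
import re
from datetime import date

# Constructed sample: lines copied from the DDS log and Spybot output in post #1.
SAMPLE_LOG = r"""
Run by Owner at 19:53:58 on 2011-05-26
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
BHO: MRI_DISABLED - No File
BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
Hkey_local_machine/system/currentcontrolset/services/wscsvc/start (is not) w= 2
2073-10-27 15:55:34 1835008 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\haloceded.exe
2011-05-26 19:28:09 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
"""

# Line shapes assumed from the log on this page (hypothetical patterns).
RUN_RE = re.compile(r"^Run by .+ on (\d{4})-(\d{2})-(\d{2})$")
SP_RE = re.compile(r"^SP: (.+?) \*(\w+)/(\w+)\*")
ORPHAN_RE = re.compile(r"^(BHO|TB|uURLSearchHooks)(?:-X64)?: (.+) - No File$")
POLICY_RE = re.compile(r"^mPolicies-system: (\w+) = (\d+) \(0x[0-9a-fA-F]+\)$")
SPYBOT_RE = re.compile(r"services/(\w+)/start \(is not\) w= ?(\d+)", re.I)
FILE_RE = re.compile(
    r"^(\d{4})-(\d{2})-(\d{2}) \d{2}:\d{2}:\d{2} (?:\d+|-+) \S+ (.+)$")

# UAC policy values that weaken elevation prompts when set to 0.
WEAK_UAC = {
    "EnableLUA": (0, "UAC is turned off"),
    "ConsentPromptBehaviorAdmin": (0, "administrators elevate without a prompt"),
    "PromptOnSecureDesktop": (0, "prompts are not shown on the secure desktop"),
}


def triage(log_text):
    """Return a list of (category, detail) findings for DDS-style log text."""
    findings = []
    run_date = None  # taken from the "Run by ..." header when present
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = RUN_RE.match(line)
        if m:
            run_date = date(*map(int, m.groups()))
            continue
        m = SP_RE.match(line)
        if m:
            if m.group(2).lower() == "disabled":
                findings.append(("protection-disabled", m.group(1)))
            continue
        m = ORPHAN_RE.match(line)
        if m:
            # Registry entry whose file is gone: leftover or removed component.
            findings.append(("orphaned-browser-entry",
                             f"{m.group(1)}: {m.group(2)}"))
            continue
        m = POLICY_RE.match(line)
        if m:
            name, value = m.group(1), int(m.group(2))
            if name in WEAK_UAC and value == WEAK_UAC[name][0]:
                findings.append(("uac-weakened",
                                 f"{name} = {value}: {WEAK_UAC[name][1]}"))
            continue
        m = SPYBOT_RE.search(line)
        if m:
            # Spybot reports the Start value differs from the expected one
            # (2 = automatic start).
            findings.append(("service-start-changed",
                             f"{m.group(1)} (expected Start = {m.group(2)})"))
            continue
        m = FILE_RE.match(line)
        if m and run_date is not None:
            stamp = date(int(m.group(1)), int(m.group(2)), int(m.group(3)))
            if stamp > run_date:
                # Later than the scan itself: an anomaly to review, not proof.
                findings.append(("future-timestamp", m.group(4)))
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG):
        print(f"{category:24} {detail}")
```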
