
Thread: Malware problems with my PC

  1. #21
    Member
    Join Date
    Mar 2014
    Location
    Normanton,West Yorkshire,UK
    Posts
    36

    Malware Problems with my PC

    Hi Juliet,
    Private Firewall is free. Previously I used Comodo, but I found Private gives me more control, plus it gives me a fresh start, so I can keep better track of what's trying to get in and, of course, out.
    I don't notice any difference in boot-up time when I exit the prog.
    I have deleted QuickTime and Nero (Wireless) on a temporary basis, just to see if they have any effect on my problems.

    As requested, I have completed all the scans, but please note that I was unable to save the TDSSKiller results. The prog would not let me copy & paste.

    ComboFix 14-03-10.01 - Stephen 11/03/2014 1:54.1.4 - x86 MINIMAL
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1524 [GMT 0:00]
    Running from: c:\users\Stephen\Desktop\ComboFix.exe
    Command switches used :: c:\users\Stephen\Desktop\Combofix Instructions\CFScript.txt
    AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    FW: Privatefirewall *Disabled* {16337F50-A853-219F-6DEC-E7BDA0A7E8E7}
    SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\windows\system32\IObitSmartDefragExtension.dll"
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\AVG
    c:\program files\AVG\AVG2014\avg.snu
    c:\users\Stephen\AppData\Local\Avg2014
    c:\windows\system32\IObitSmartDefragExtension.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-02-11 to 2014-03-11 )))))))))))))))))))))))))))))))
    .
    .
    2014-03-11 02:07 . 2014-03-11 02:07 -------- d-----w- c:\users\Stephen\AppData\Local\temp
    2014-03-11 02:07 . 2014-03-11 02:07 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
    2014-03-11 02:07 . 2014-03-11 02:07 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-03-10 19:33 . 2014-02-05 23:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2EF80AFF-28A4-46BB-AC54-62F77BEC0BCB}\mpengine.dll
    2014-03-09 17:50 . 2014-03-09 17:50 -------- d-----w- c:\users\Stephen\AppData\Roaming\SUPERAntiSpyware.com
    2014-03-09 16:29 . 2014-03-09 16:29 -------- d-----w- c:\programdata\ProductData
    2014-03-09 06:12 . 2014-03-09 06:12 -------- d-----w- c:\programdata\WindowsSearch
    2014-03-09 05:33 . 2014-03-09 05:33 -------- d-----w- c:\programdata\Malwarebytes
    2014-03-09 05:33 . 2014-03-09 05:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2014-03-09 00:19 . 2014-02-05 23:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2014-03-09 00:16 . 2014-03-09 00:16 -------- d-----w- c:\program files\Microsoft Security Client
    2014-03-08 16:35 . 2014-03-08 16:36 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-03-08 12:53 . 2014-03-08 12:53 -------- d-----w- c:\windows\ERUNT
    2014-03-07 23:46 . 2014-03-08 12:11 -------- d-----w- C:\FRST
    2014-03-05 00:16 . 2010-03-08 10:10 9216 ----a-w- c:\windows\system32\ffnd.exe
    2014-03-01 19:09 . 2013-11-05 14:38 274432 ----a-w- c:\windows\system32\ssleay32.dll
    2014-03-01 19:09 . 2013-11-05 14:38 1122304 ----a-w- c:\windows\system32\libeay32.dll
    2014-03-01 19:09 . 2012-12-10 11:04 81920 ----a-w- c:\windows\eSellerateControl350.dll
    2014-03-01 19:09 . 2012-12-10 11:04 356352 ----a-w- c:\windows\eSellerateEngine.dll
    2014-02-28 18:49 . 2014-02-28 18:49 -------- d-----w- c:\users\Stephen\AppData\Roaming\LavasoftStatistics
    2014-02-27 18:13 . 2014-02-27 18:13 -------- d-----w- c:\users\Stephen\Coop
    2014-02-26 08:53 . 2014-03-01 09:28 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\CrashDumps
    2014-02-25 18:15 . 2014-03-09 19:55 -------- d-----w- c:\users\Stephen\AbiSuite
    2014-02-25 18:14 . 2014-02-27 12:51 -------- d-----w- c:\program files\AbiWord
    2014-02-25 16:23 . 2014-02-25 16:35 -------- d-----w- c:\users\Stephen\AppData\Roaming\1H1Q
    2014-02-25 09:40 . 2014-02-25 10:41 -------- d-----w- c:\users\Stephen\AppData\Local\CrashDumps
    2014-02-24 03:13 . 2014-03-08 12:36 -------- d-----w- C:\AdwCleaner
    2014-02-23 15:34 . 2010-05-13 17:34 14232 ----a-w- c:\windows\system32\sh4native.exe
    2014-02-22 06:43 . 2013-04-04 14:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-02-22 06:08 . 2014-02-22 06:08 -------- d-----w- c:\users\Stephen\AppData\Local\Privatefirewall
    2014-02-22 06:04 . 2014-02-22 06:04 -------- d-----w- c:\users\Stephen\AppData\Local\MFAData
    2014-02-22 04:44 . 2013-09-29 21:24 130568 ----a-w- c:\windows\system32\drivers\pwipf6.sys
    2014-02-22 04:43 . 2014-02-22 04:43 -------- d-----w- c:\programdata\Privacyware
    2014-02-22 04:43 . 2014-02-22 04:43 -------- d-----w- c:\program files\Privacyware
    2014-02-22 03:49 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6F44954-D839-4401-A1D9-9517F6A307DD}\mpengine.dll
    2014-02-22 01:45 . 2014-02-22 01:45 -------- d-----w- c:\users\Stephen\AppData\Roaming\SecureSearch
    2014-02-18 23:26 . 2014-02-18 23:26 110080 ----a-r- c:\users\Stephen\AppData\Roaming\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconCF33A0CE.exe
    2014-02-18 23:26 . 2014-02-18 23:26 110080 ----a-r- c:\users\Stephen\AppData\Roaming\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconF7A21AF7.exe
    2014-02-18 23:26 . 2014-02-18 23:26 110080 ----a-r- c:\users\Stephen\AppData\Roaming\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconD7F16134.exe
    2014-02-18 23:24 . 2014-02-27 16:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2014-02-12 07:52 . 2014-02-12 07:55 -------- d-----w- c:\users\Stephen\Blank Cd's
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-02-21 09:42 . 2012-05-10 17:11 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-02-21 09:42 . 2011-06-10 08:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-01-19 07:32 . 2009-10-03 14:50 231584 ------w- c:\windows\system32\MpSigStub.exe
    2014-01-17 16:24 . 2014-01-17 16:24 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2014-01-17 16:24 . 2014-01-17 16:24 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2014-01-17 03:14 . 2014-01-17 03:14 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2014-01-03 10:00 . 2013-09-27 00:59 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
    2014-01-01 16:49 . 2008-03-08 19:56 317240 ----a-w- c:\windows\system32\Prounstl.exe
    2014-01-01 16:49 . 2014-01-01 16:49 83808 ----a-w- c:\windows\system32\NicInE6.dll
    2014-01-01 16:49 . 2014-01-01 16:49 28272 ----a-w- c:\windows\system32\NicCo26.dll
    2014-01-01 16:49 . 2014-01-01 16:49 232296 ----a-w- c:\windows\system32\drivers\e1e6032.sys
    2014-01-01 16:49 . 2014-01-01 16:49 121440 ----a-w- c:\windows\system32\e1000msg.dll
    2014-01-01 16:12 . 2014-01-01 16:12 319456 ----a-w- c:\windows\system32\Difxapi.dll
    2014-01-01 16:12 . 2014-01-01 16:12 58368 ----a-w- c:\windows\system32\coinst_8.97.100.11.dll
    2014-01-01 16:12 . 2014-01-01 16:12 48544 ----a-w- c:\windows\system32\atiuxpag.dll
    2014-01-01 16:12 . 2008-03-08 19:56 4782960 ----a-w- c:\windows\system32\atiumdva.dll
    2014-01-01 16:11 . 2014-01-01 16:11 38768 ----a-w- c:\windows\system32\atiu9pag.dll
    2014-01-01 16:11 . 2014-01-01 16:11 37376 ----a-w- c:\windows\system32\atitmpxx.dll
    2014-01-01 16:11 . 2014-01-01 16:11 1978240 ----a-w- c:\windows\system32\atiumdmv.dll
    2014-01-01 16:11 . 2008-03-08 19:56 6288832 ----a-w- c:\windows\system32\atiumdag.dll
    2014-01-01 16:11 . 2014-01-01 16:11 45056 ----a-w- c:\windows\system32\ATIODCLI.exe
    2014-01-01 16:11 . 2014-01-01 16:11 294912 ----a-w- c:\windows\system32\ATIODE.exe
    2014-01-01 16:11 . 2014-01-01 16:11 20992 ----a-w- c:\windows\system32\atimuixx.dll
    2014-01-01 16:11 . 2014-01-01 16:11 19584512 ----a-w- c:\windows\system32\atioglxx.dll
    2014-01-01 16:11 . 2008-03-08 19:56 163840 ----a-w- c:\windows\system32\atitmmxx.dll
    2014-01-01 16:11 . 2014-01-01 16:11 62976 ----a-w- c:\windows\system32\atimpc32.dll
    2014-01-01 16:11 . 2014-01-01 16:11 62976 ----a-w- c:\windows\system32\amdpcom32.dll
    2014-01-01 16:11 . 2014-01-01 16:11 453632 ----a-w- c:\windows\system32\atieclxx.exe
    2014-01-01 16:11 . 2014-01-01 16:11 33280 ----a-w- c:\windows\system32\atigktxx.dll
    2014-01-01 16:11 . 2014-01-01 16:11 290304 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2014-01-01 16:11 . 2014-01-01 16:11 217088 ----a-w- c:\windows\system32\atiesrxx.exe
    2014-01-01 16:11 . 2014-01-01 16:11 14848 ----a-w- c:\windows\system32\atiglpxx.dll
    2014-01-01 16:11 . 2014-01-01 16:11 10070016 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2014-01-01 16:11 . 2014-01-01 16:11 929736 ----a-w- c:\windows\system32\aticfx32.dll
    2014-01-01 16:11 . 2014-01-01 16:11 6857392 ----a-w- c:\windows\system32\atidxx32.dll
    2014-01-01 16:11 . 2014-01-01 16:11 46080 ----a-w- c:\windows\system32\aticalrt.dll
    2014-01-01 16:11 . 2014-01-01 16:11 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2014-01-01 16:11 . 2014-01-01 16:11 13402112 ----a-w- c:\windows\system32\aticaldd.dll
    2014-01-01 16:11 . 2014-01-01 16:11 44544 ----a-w- c:\windows\system32\aticalcl.dll
    2014-01-01 16:11 . 2014-01-01 16:11 118784 ----a-w- c:\windows\system32\atibtmon.exe
    2014-01-01 16:11 . 2014-01-01 16:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2014-01-01 16:11 . 2014-01-01 16:11 364544 ----a-w- c:\windows\system32\atiadlxx.dll
    2014-01-01 16:11 . 2014-01-01 16:11 159744 ----a-w- c:\windows\system32\atiapfxx.exe
    2014-01-01 16:11 . 2008-03-08 19:56 43520 ----a-w- c:\windows\system32\ati2edxx.dll
    2013-12-24 10:40 . 2014-01-23 06:43 18624 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
    2013-12-12 16:58 . 2013-12-12 16:58 82432 ----a-w- c:\users\Stephen\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
    2013-12-12 16:58 . 2013-12-12 16:58 44544 ----a-w- c:\users\Stephen\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
    2013-12-12 16:58 . 2013-12-12 16:58 1275392 ----a-w- c:\users\Stephen\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2014-01-30 15:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
    2014-01-30 15:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
    2014-01-30 15:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
    2014-01-30 15:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2014-01-30 15:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2014-01-30 15:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "Nero MediaHome 4"="c:\program files\NERO\NERO MEDIAHOME 4\NEROMEDIAHOME.EXE" [2010-03-08 5174568]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-06 43848]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-21 152392]
    "Privatefirewall"="c:\program files\Privacyware\Privatefirewall 7.0\PFGUI.exe" [2013-12-17 3048480]
    "Nero MediaHome 4"="c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2010-03-08 5174568]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    2011-11-02 07:51 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2014-02-06 00:52 43848 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
    2007-11-15 09:23 202544 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
    2007-11-15 09:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
    2007-05-25 06:03 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
    2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
    2008-03-08 12:21 1838592 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
    2007-10-03 15:44 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2014-02-21 03:54 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
    2010-03-08 09:38 5174568 ----a-w- c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2014-01-17 16:24 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
    2007-09-12 08:40 405504 ----a-w- c:\program files\Sigmatel\C-Major Audio\WDM\sttray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2013-07-02 08:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ECACHE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-03-04 08:12 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 09:42]
    .
    2014-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 19:03]
    .
    2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 19:03]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.co.uk/
    mStart Page = hxxp://www.google.com
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
    DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
    FF - ProfilePath - c:\users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\op65iw1g.default-1359464117396\
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2014-03-11 02:07
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:3c,38,f2,0f,7a,b6,cd,01
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8e,0d,2f,9d,4e,f3,91,4b,86,94,b0,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8e,0d,2f,9d,4e,f3,91,4b,86,94,b0,\
    .
    Completion time: 2014-03-11 02:11:08
    ComboFix-quarantined-files.txt 2014-03-11 02:11
    ComboFix2.txt 2014-03-10 19:27
    ComboFix3.txt 2014-03-10 19:01
    .
    Pre-Run: 236,579,205,120 bytes free
    Post-Run: 236,506,599,424 bytes free
    .
    - - End Of File - - 3AE33764BAA52833FFAEB980827E136E
    5C616939100B85E558DA92B899A0FC36

    TDSSKiller: threats=0, objects=0
    HijackThis log to follow in next post.

  2. #22
    Member
    Join Date
    Mar 2014
    Location
    Normanton,West Yorkshire,UK
    Posts
    36

    Malware Problems with my PC

    HijackThis Log:-


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 04:25:44, on 11/03/2014
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wuauclt.exe
    C:\Users\Stephen\Desktop\Assort. Virus Progs Etc\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Privatefirewall] C:\Program Files\Privacyware\Privatefirewall 7.0\PFGUI.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\PROGRAM FILES\NERO\NERO MEDIAHOME 4\NEROMEDIAHOME.EXE" /AUTORUN
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/soft...02/CTSUEng.cab
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/soft...3/CTPIDPDE.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/soft...0321/CTPID.cab
    O18 - Protocol: linkscanner - (no CLSID) - (no file)
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate (LiveUpdateSvc) - Unknown owner - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe (file missing)
    O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Privacyware network service (PFNet) - Privacyware/PWI, Inc. - C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe
    O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe

    --
    End of file - 6930 bytes

  3. #23
    Security Expert-emeritus Juliet
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084


    We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.

    Open Windows Defender.
    Click on Tools, General Settings.
    Scroll down and uncheck Turn on real-time protection (recommended).
    After you uncheck this, click on the Save button and close Windows Defender.

    After all of the fixes are complete it is very important that you enable Real-time Protection again.


    The items below are optional fixes; removing them from your startup list can improve boot-up time and free up resources.
    All these items can be researched here: http://www.bleepingcomputer.com/startups/

    Open HijackThis, click Do a system scan only, and checkmark these entries. Then close all other windows and browsers except HijackThis and press Fix checked.

    O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (file missing)
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\PROGRAM FILES\NERO\NERO MEDIAHOME 4\NEROMEDIAHOME.EXE" /AUTORUN
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe


    Now please reboot your computer to set the registry.

    Please post back and let me know if there are any improvements.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
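
The entries listed in the post above follow the HijackThis log line layout, so they can be inventoried before anything is unchecked. This is an added example, not part of the original post or of HijackThis itself: a Python sketch that parses O2 and O4 lines into fields and flags entries reported as "(file missing)". The function names are hypothetical and the sample is a constructed subset of the quoted lines.

```python
import re

# Constructed sample: a subset of the log lines quoted in the post above.
SAMPLE_LOG = r'''
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\PROGRAM FILES\NERO\NERO MEDIAHOME 4\NEROMEDIAHOME.EXE" /AUTORUN
'''

# O2 lines carry a BHO name, CLSID and DLL path; O4 lines carry a Run-key value.
O2_RE = re.compile(r'^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\})'
                   r' - (?P<path>.+?)(?P<missing> \(file missing\))?$')
O4_RE = re.compile(r'^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>[^:]+): '
                   r'\[(?P<name>[^\]]+)\] (?P<cmd>.+)$')

def split_command(cmd):
    """Split a Run-key command into (executable path, arguments)."""
    if cmd.startswith('"'):
        path, _, rest = cmd[1:].partition('"')
        return path, rest.strip()
    # Unquoted paths may contain spaces, so cut after the first ".exe".
    m = re.match(r'(.+?\.exe)\b\s*(.*)$', cmd, re.IGNORECASE)
    return (m.group(1), m.group(2)) if m else (cmd, '')

def parse_line(line):
    """Return a dict of fields for an O2/O4 line, or None for anything else."""
    line = line.strip()
    m = O2_RE.match(line)
    if m:
        return {'section': 'O2', 'name': m['name'], 'clsid': m['clsid'],
                'path': m['path'], 'args': '', 'file_missing': bool(m['missing'])}
    m = O4_RE.match(line)
    if m:
        path, args = split_command(m['cmd'])
        return {'section': 'O4', 'hive': m['hive'], 'key': m['key'],
                'name': m['name'], 'path': path, 'args': args,
                'file_missing': False}
    return None

def parse_log(text):
    """Parse every recognised line of a pasted log, skipping the rest."""
    return [e for e in map(parse_line, text.splitlines()) if e]

if __name__ == '__main__':
    for e in parse_log(SAMPLE_LOG):
        flag = 'MISSING' if e['file_missing'] else 'ok'
        print(f"{e['section']} {e['name']!r:22} {flag:8} {e['path']} {e['args']}")
```
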

  4. #24
    Member
    Join Date
    Mar 2014
    Location
    Normanton,West Yorkshire,UK
    Posts
    36

    Malware Problems with my PC

    Thanks again for your post, I appreciate your help.
    I have deleted the items with HijackThis, so we'll see how it goes.
    One thing I did forget to mention is that Windows updater will not stay on automatic, despite resetting it numerous times. I have no choice but to do the updating manually, and I get a lot of errors, e.g. 80070490, despite using the Windows hotfix.
    Will report back soon.
    Best Regards.
    Laudorum

  5. #25
    Security Expert-emeritus Juliet
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    See if any of these items can help.


    Is this the hotfix you used?
    http://support.microsoft.com/mats/windows_update/

    System Update Readiness Tool for Windows Vista
    http://www.microsoft.com/en-us/downl...ls.aspx?id=504


    Run the System Update Readiness tool
    http://support.microsoft.com/kb/958044


    Try running the System File Checker

    Go to Start -> All Programs -> Accessories, then right-click "Command Prompt" and choose "Run as Administrator."
    Enter the command "sfc /scannow" when the black command prompt window appears, then hit enter.
    Let the scan complete...then restart your notebook and try running updates again.

  6. #26
    Member
    Join Date
    Mar 2014
    Location
    Normanton,West Yorkshire,UK
    Posts
    36

    Malware Problems with My PC

    Hi Juliet, sorry for not replying, but I've got the 'flu.
    I also lost Firefox, and all my bookmarks. I have them on a backup disc somewhere, so all is not lost.
    When I'm feeling a bit better I will run another MBAM scan, since I've got a lot of PUPs being installed, and a lot of alerts popping up on my firewall.
    I have managed to delete some, but the same ones seem to keep coming back, e.g. Bubbledock, Conduit, Search project and Plurpush.
    I'm going to bed now, so talk to you later.
    Regards, Laudorum

  7. #27
    Security Expert-emeritus Juliet
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    So sorry to hear you're sick, please get well soon.

    When you're ready to continue, please let me know.

  8. #28
    Member
    Join Date
    Mar 2014
    Location
    Normanton,West Yorkshire,UK
    Posts
    36

    Malware Problems with My PC

    Hi Juliet,
    Back again in the land of the living, to get some more help please.
    I've tried all the fixes in your post of 12 03 14 and still can't get updates for Windows.
    The hotfix I used is the one specifically for Vista. When I run it, I get a runtime error code 80070005.
    The System Update Readiness Tool I used was for the 32-bit system (KB947821), and this ran for 2 hours or so and reported that the updates had been installed. However, I still get notifications telling me that updates cannot be installed automatically, despite the auto update setting in the Control Panel.
    The troubleshooting tool (KB958044), when run, reported that it could not continue because an error had occurred (code 80070005).
    I also tried the System File Checker, following your instructions, and got a dialog box telling me "The System cannot find the path specified", so all in all, not a good result.
    I cannot open MBAM to run a scan, despite this being the latest version with the Chameleon update, which is supposed to stop MBAM being hijacked by malware. The dialog box reported that: "Windows cannot access the specified device, path or file - you may not have the appropriate permissions to access this item". I attempted to delete the program in order to reinstall, but no luck! A dialog box advised me "error 5 unable to create a temp file - access is denied".
    So I thought I'd try MSE, but guess what, the prog was unable to install updates, error code 0x80070002, which directs you to the fixit gizmo which won't run!
    The only program I have added is Advanced Uninstaller Pro, which I used to get rid of the IObit uninstaller, which had also stopped working, and to delete some PUPs, i.e. nosibay, bubbledock etc., and to reinstall Quicktime.
    The strange thing is that my son uses this PC a lot, and has not reported anything amiss, other than the PC being a little slow and taking longer to boot up. I should mention that my son knows about the problems I'm having, and is quite PC savvy. He used to work on PCs for a living, i.e. data input and word processing.
    On top of the other problems I can't get my PC to see my expansion drive.
    I would really appreciate some help, as I still feel that I've got something nasty lurking on my PC.
    Almost forgot: I downloaded the Microsoft Malicious Software Removal Tool, and to my surprise, no infection.
    Look forward to your reply.
    Regards, Laudorum

  9. #29
    Security Expert-emeritus Juliet
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    When you ran TDSSKiller, can you recall if it had found anything?

    What happens if you boot into safe mode to run tools, are they stopped here as well?

    http://www.bleepingcomputer.com/foru...ns-to-default/
    Reset All User Permissions To Default

    Please download Farbar Service Scanner and run it on the computer.

    Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.

    ~~~~~~~~~~~~~~~

    Please download Malwarebytes AntiRootkit and save it to your desktop.

    Full instructions how to use MBAR
    Please note: This is a beta version, so please be sure to read the disclaimer and take note of it.

    • Unzip/unrar MBAR in a folder to your Desktop and MBAM shall run ...

    • Click on Next > then on Update button to download fresh definitions.


    • When database updates click Next

    • In the following window ensure "Targets" scan for Drivers; Sectors; System are ticked. Then select "Scan button"


    • If an infection/s are found ensure "Create Restore Point" is checked, then select the "Cleanup Button" to remove threats.
    Or if you are sure any entries should be kept, just untick them. A list of infected files will be listed.


    • The Clean up procedure will be Scheduled for process.
    • When complete pop-up will show you. Select the Yes button and the system should re-boot to complete the cleaning process.

    >> Please copy and paste the two following logs from the mbar folder:

    system-log.txt
    and
    mbar-log-year-month-day (hour-minute-second).txt.

    If you cannot do this in normal mode, please try to run the tool in safe mode.

  10. #30
    Member
    Join Date
    Mar 2014
    Location
    Normanton,West Yorkshire,UK
    Posts
    36

    Malware Problems with My PC

    Juliet, thanks for speedy reply, but just a point: today I have been having internet connection problems, and had to contact my ISP.
    I was trying to update MSE again and got to the install section, 90% finished, when a dialog box opened, saying error 0x80072efd, and at the same time, the internet connection stopped. I repaired the connection and tried again, and the same thing happened, but this time I could not get the internet connection established, and had to contact my ISP.
    Internet connection is fine now, but I wonder if this may have been something to do with the problems I have been experiencing recently?
    I have just checked MBAM and it opens fine and is running.
    I will wait till I hear from you before I do anything else.
    Regards
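
The error codes reported across this thread (80070490, 80070005, 0x80070002, 0x80072efd) are HRESULT values whose low 16 bits carry a Win32 error number. This is an added example, not part of the original posts: a Python sketch that pulls such codes out of free text and decodes severity, facility and code. The sample text is constructed from the codes quoted in the thread, the function names are hypothetical, and the name table covers only those four codes.

```python
import re

# Win32 error numbers for the codes quoted in the thread (not a complete table).
WIN32_NAMES = {
    2: 'ERROR_FILE_NOT_FOUND',
    5: 'ERROR_ACCESS_DENIED',
    1168: 'ERROR_NOT_FOUND',
    12029: 'ERROR_INTERNET_CANNOT_CONNECT',
}
FACILITY_WIN32 = 7

# Constructed sample text reusing the codes as the posters wrote them.
SAMPLE_TEXT = ('errors eg 80070490; runtime error code 80070005; '
               'Error code 0x80070002; error 0x80072efd; tool KB947821')

# Eight hex digits starting with 8 (failure bit set), with an optional 0x prefix.
HRESULT_RE = re.compile(r'\b(?:0x)?(8[0-9A-Fa-f]{7})\b')

def decode_hresult(value):
    """Split a 32-bit HRESULT into its severity, facility and code fields."""
    severity = (value >> 31) & 1        # 1 = failure
    facility = (value >> 16) & 0x7FF    # 11-bit facility field
    code = value & 0xFFFF               # low 16 bits
    name = WIN32_NAMES.get(code) if facility == FACILITY_WIN32 else None
    return {'hresult': f'0x{value:08X}', 'failure': bool(severity),
            'facility': facility, 'code': code, 'name': name}

def find_hresults(text):
    """Decode every HRESULT-looking token in free text, in order of appearance."""
    return [decode_hresult(int(m.group(1), 16)) for m in HRESULT_RE.finditer(text)]

if __name__ == '__main__':
    for d in find_hresults(SAMPLE_TEXT):
        print(d['hresult'], 'facility', d['facility'],
              'code', d['code'], d['name'] or '(not in table)')
```

Code 5 is the same "access is denied" condition the uninstall dialog in post #28 reported as "error 5".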
