
Persistent SearchConduit, ReadingFanatic, and/or Adware infection [Sol


  • This topic is locked
79 replies to this topic

#61 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,203 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 07 January 2014 - 05:31 PM

Dean,

Let's do this. I have never been a big fan of IE; download and install Firefox, make it your default browser, and take it for a spin. It's easier to use and more secure than IE.

http://www.mozilla.o...US/firefox/new/


Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.


#62 Dean N

Dean N

    Authentic Member

  • Authentic Member
  • PipPip
  • 152 posts

Posted 07 January 2014 - 08:47 PM

You sold me with "more secure".  I never really loved IE either.

 

Unfortunately, I'm getting AdChoices garbage in Firefox too.  *cue sad trombone



#63 ken545


Posted 07 January 2014 - 09:23 PM

Try Adblock for Firefox

https://addons.mozil...n/adblock-plus/

Do you have a Yahoo account, start page or use their mail? If you do, log out of any or all Yahoo accounts.




#64 Dean N


Posted 07 January 2014 - 09:37 PM

Yeah, that was obvious.  And it was 100% effective.

 

No ads.



#65 ken545


Posted 07 January 2014 - 09:53 PM

Good, was it Adblock or logging out of Yahoo or both?

Let's keep an eye on this, don't go away.  Hoping for more info on this to get rid of this pest for good.




#66 Dean N


Posted 07 January 2014 - 10:11 PM

It was definitely Adblock. 

 

I know that blocked does not equal removed.  I'll actively keep an eye on this; I'm 100% on board with helping you beat this thing.  Let me know how I can help.

 

Should I remove that Pokki program?  Its program name is "Toshiba Start".  Publisher is Pokki.  It did not come installed on the machine.


Edited by Dean N, 07 January 2014 - 10:12 PM.


#67 ken545


Posted 07 January 2014 - 10:18 PM

Pokki, just leave it be if it's related to Toshiba.




#68 ken545


Posted 08 January 2014 - 11:04 AM

Dean,

I am sure this is OK, but let's check.

Plug these into SystemLook:

:folderfind
pokki
:filefind
pokki



#69 Dean N


Posted 08 January 2014 - 07:58 PM

Looks ok:

SystemLook 30.07.11 by jpshortstuff
Log created at 20:55 on 08/01/2014 by Dean
Administrator - Elevation successful

========== folderfind ==========

Searching for "pokki"
C:\Users\Default\AppData\Local\Pokki    d------    [05:43 20/09/2013]

========== filefind ==========

Searching for "pokki"
No files found.

-= EOF =-



#70 ken545


Posted 08 January 2014 - 08:50 PM

Let's just leave it be.




#71 ken545


Posted 12 January 2014 - 09:58 AM

Dean, new tool out from Malwarebytes; download and run it please and post the log. Actually there is no scan, it will just protect your browsers from exploits. Let me know how it went.

http://downloads.mal...file/mbae_beta/




#72 Dean N


Posted 12 January 2014 - 11:25 AM

Hi Ken,

 

Here's a bit of an update:  After a couple days of smooth sailing on Firefox, I updated to 8.1.  Still no problems.  I went to download Flash from CNet, and guess what, prior to download, when I was unchecking all the extra junk they were "suggesting", I see that Conduit garbage being suggested to me (on CNet!  Ugh.); of course I unchecked it, but I'm sure I blew through those menus before and that's how it ended up on my machine.  Shame on CNet.

 

I ran the new MB thingy.  Wasn't very user-friendly.. I didn't receive any feedback that it ran and it didn't open a logfile.  I did find it in the Programs folder though.  Seems to be all good.  Here it is:

2014-01-12 12:15:16 - Checking OS .....
2014-01-12 12:15:16 - Windows 8.0
2014-01-12 12:15:16 - Standard x64 Edition
2014-01-12 12:15:17 - The Malwarebytes Anti-Exploit task scheduler has been successfully created
2014-01-12 12:15:17 - Malwarebytes Anti-Exploit Driver Installed successfuly
2014-01-12 12:15:17 - Malwarebytes Anti-Exploit Driver is running
2014-01-12 12:15:17 - Starting Injection with: C:\Program Files\Malwarebytes Anti-Exploit\MBAE.dll
2014-01-12 12:15:18 - DLL Injection has been successfully started  C:\Program Files\Malwarebytes Anti-Exploit\MBAE.dll
2014-01-12 12:15:18 - Starting Injection with: C:\Program Files\Malwarebytes Anti-Exploit\MBAE64.dll
2014-01-12 12:15:18 - DLL Injection has been successfully started  C:\Program Files\Malwarebytes Anti-Exploit\MBAE64.dll
2014-01-12 12:15:20 - The application (7096)Firefox is now protected
2014-01-12 12:15:20 - Process Info: Pid: 7096 Process Name: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Address: 0x00000000
2014-01-12 12:15:20 - The application (5472)Firefox is now protected
2014-01-12 12:15:20 - Process Info: Pid: 5472 Process Name: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Address: 0x00000000
2014-01-12 12:15:26 - Checking OS .....
2014-01-12 12:15:26 - Windows 8.0
2014-01-12 12:15:26 - Standard x64 Edition
2014-01-12 12:16:22 - Checking OS .....
2014-01-12 12:16:22 - Windows 8.0
2014-01-12 12:16:22 - Standard x64 Edition
2014-01-12 12:16:39 - Checking OS .....
2014-01-12 12:16:39 - Windows 8.0
2014-01-12 12:16:39 - Standard x64 Edition
2014-01-12 12:17:50 - Checking OS .....
2014-01-12 12:17:50 - Windows 8.0
2014-01-12 12:17:50 - Standard x64 Edition
 



#73 ken545


Posted 12 January 2014 - 11:39 AM

Thanks Dean for your input.  A lot of helpers on these forums are starting to experience the same thing; the consensus is that it's associated with Adobe Flash Player, so if you can get by without it, uninstall the darn thing.




#74 ken545


Posted 14 January 2014 - 10:21 PM

Dean,

As far as Malwarebytes Anti Exploit, no scan to run, just sits in the background doing its thing protecting your system.

https://forums.malwa...howtopic=136424

There is a test application (Exploit-Test). By running this application, users can verify that their installation of MBAE is working correctly.

The mbae-test.exe utility is available for download from here https://forums.malwa...howtopic=139368




#75 Dean N


Posted 15 January 2014 - 08:46 PM

Ken,

 

Thanks for the link...  it's running correctly.

