Jump to content

Big_Shifty

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

Reputation

0 Neutral
  1. Big_Shifty
    I am trying to fix my sister's laptop which previously had I believe one or possibly 2 rootkits, some virus' and trojans (yeah she seems to have knack for ruining her computers). I was having a lot of trouble initially, found a topic on here which led me to using chameleon and that seemed to kick things off to get (what I believe) to be everything off. Initially any anti virus wouldn't install properly, and malwarebytes would try to run but would eventually not respond and couldn't complete the scan. It did, I ran it a few times, ran avg free a few times, and in the end uninstalled most and only have malwarebytes (pro) and commodo dragon. The issue now is unlike my pc which runs both and has malwarebytes start up with the computer using the active protection, on the laptop it will not start up. I can manually load it, and scans fine finding nothing, but once I try to click the scheduler or the enable protection module button, i get an error which reads "An error has occurred. Please report this issue to our support team (include the content of all error message(s) and code(s) in your submission) PROGRAM_ERROR_PROTECTION_MODULE (1068, 0, ProtectionEnable)" I double checked, that's the code exactly as it reads. If I click scheduler, it's the same code only with this below that same error message listed above "The dependency service or group failed to start". Before the generic comments which I've been reading over and over on this forum as suggested, yes I tried to use the MBAMclean uninstaller and reinstalled using both the installer posted on the forums, and another time using the installer given to me when I bought the licenses for the protection module. I tried running it in safe mode, I've disabled commodo while installing/uninstalling, I still get no more error messages, but still am unable to have Malwarebytes run live in the background. Any help would be greatly appreciated, thank you! Here is the DDS: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 Run by Kristen at 17:52:01 on 2012-07-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1979.1063 [GMT -4:00] . AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe C:\Windows\system32\svchost.exe -k HsfXAudioService C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Windows\System32\StikyNot.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Logitech\Vid HD\Vid.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\AOL\1280359235\ee\aolsoftware.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files (x86)\WinZip\WZQKPICK.EXE C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Users\Kristen\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe C:\Users\Kristen\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\WUDFHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local uURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe, BHO: {01aaf6ef-e9ee-4030-a5fd-d63f1ce5106d} - C:\Users\Kristen\AppData\Local\Servicex86_x64.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe uRun: [DriverFinder] C:\Program Files (x86)\DriverFinder\DriverFinder.exe uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode uRun: [Google Update] "C:\Users\Kristen\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1280359235\ee\AOLSoftware.exe mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide mRun: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINZIP~1.LNK - C:\Program Files (x86)\WinZip\WZQKPICK.EXE mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: DhcpNameServer = 167.206.254.1 167.206.254.2 TCP: Interfaces\{F19EA1D7-803A-4B44-B142-1BA0BAACFDCE} : NameServer = 8.26.56.26,156.154.70.22 TCP: Interfaces\{F677AB83-37FC-40EF-B7CC-EBA4D8AF551B} : NameServer = 8.26.56.26,156.154.70.22 TCP: Interfaces\{F677AB83-37FC-40EF-B7CC-EBA4D8AF551B} : DhcpNameServer = 167.206.254.1 167.206.254.2 TCP: Interfaces\{F677AB83-37FC-40EF-B7CC-EBA4D8AF551B}\B4C45475 : DhcpNameServer = 192.168.2.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL C:\Users\Kristen\AppData\Local\Servicex86_x64.dll BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1280359235\ee\AOLSoftware.exe mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide mRun-x64: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\system32\DRIVERS\cmderd.sys --> C:\Windows\system32\DRIVERS\cmderd.sys [?] R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2012-7-3 469136] R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992] R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-4-30 190488] R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?] R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-11-1 227896] R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 !SASCORE;SAS Core Service;"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" --> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-7 654408] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?] S3 LVUVC64;Logitech QuickCam E3500(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] . =============== Created Last 30 ================ . 2012-07-07 21:04:22 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7E452D9-1188-434D-8FF0-0506248C5BF1}\offreg.dll 2012-07-07 19:48:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-07-07 08:52:21 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-07-07 08:52:21 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-07-07 08:52:21 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-07-07 08:52:21 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-07-07 08:52:21 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-07-07 08:52:21 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-07-07 08:52:21 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-07-07 08:47:47 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-07-07 08:47:47 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-07-07 08:47:47 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-07-07 08:47:46 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-07-07 08:47:46 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-07-07 08:47:46 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-07-07 08:40:01 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-07-07 08:39:43 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-07-07 08:39:42 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-07-07 06:34:41 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-07-07 06:34:15 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-07-07 06:33:59 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-07-07 06:33:59 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-07-07 06:06:37 7199568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-07-07 06:06:30 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7E452D9-1188-434D-8FF0-0506248C5BF1}\mpengine.dll 2012-07-06 21:31:57 -------- d-----w- C:\Users\Kristen\AppData\Roaming\Malwarebytes 2012-07-06 21:31:45 -------- d-----w- C:\ProgramData\Malwarebytes 2012-07-06 17:45:24 -------- d-----w- C:\ProgramData\CPA_VA 2012-07-06 17:36:44 -------- d-----w- C:\ProgramData\Comodo 2012-07-06 17:36:34 -------- d-----w- C:\Program Files\COMODO 2012-07-06 17:36:20 -------- d-----w- C:\Users\Kristen\AppData\Local\Comodo 2012-07-06 17:36:08 -------- d-----w- C:\Program Files (x86)\Comodo 2012-07-06 17:35:45 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll 2012-07-06 17:35:45 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll 2012-07-06 16:28:04 -------- d-----w- C:\Users\Kristen\AppData\Roaming\AVG 2012-07-06 15:32:58 -------- d-----w- C:\ProgramData\MFAData 2012-07-06 06:42:58 -------- d-----w- C:\Program Files\iPod 2012-07-06 06:42:57 -------- d-----w- C:\Program Files\iTunes 2012-07-06 06:42:57 -------- d-----w- C:\Program Files (x86)\iTunes 2012-07-06 06:39:08 -------- d-----w- C:\Program Files\Bonjour 2012-07-06 06:39:08 -------- d-----w- C:\Program Files (x86)\Bonjour 2012-07-06 06:23:23 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-07-06 06:23:23 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2012-07-06 06:23:23 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-07-06 06:23:23 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2012-07-06 06:23:23 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2012-07-06 06:23:23 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2012-07-06 06:23:23 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2012-07-06 06:01:13 -------- d-----w- C:\Users\Kristen\AppData\Local\Google 2012-07-06 06:00:53 -------- d-----w- C:\Users\Kristen\AppData\Local\Apps 2012-07-06 06:00:52 -------- d-----w- C:\Users\Kristen\AppData\Local\Deployment . ==================== Find3M ==================== . 2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll 2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-20 03:45:41 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-04-20 03:16:44 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-04-19 00:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2012-04-19 00:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts . ============= FINISH: 18:02:33.28 =============== Attach.txt
  2. Big_Shifty
    I am trying to fix my sister's laptop which previously had I believe one or possibly 2 rootkits, some virus' and trojans (yeah she seems to have knack for ruining her computers). I was having a lot of trouble initially, found a topic on here which led me to using chameleon and that seemed to kick things off to get (what I believe) to be everything off. Initially any anti virus wouldn't install properly, and malwarebytes would try to run but would eventually not respond and couldn't complete the scan. It did, I ran it a few times, ran avg free a few times, and in the end uninstalled most and only have malwarebytes (pro) and commodo dragon. The issue now is unlike my pc which runs both and has malwarebytes start up with the computer using the active protection, on the laptop it will not start up. I can manually load it, and scans fine finding nothing, but once I try to click the scheduler or the enable protection module button, i get an error which reads "An error has occurred. Please report this issue to our support team (include the content of all error message(s) and code(s) in your submission) PROGRAM_ERROR_PROTECTION_MODULE (1068, 0, ProtectionEnable)" I double checked, that's the code exactly as it reads. If I click scheduler, it's the same code only with this below that same error message listed above "The dependency service or group failed to start". Before the generic comments which I've been reading over and over on this forum as suggested, yes I tried to use the MBAMclean uninstaller and reinstalled using both the installer posted on the forums, and another time using the installer given to me when I bought the licenses for the protection module. I tried running it in safe mode, I've disabled commodo while installing/uninstalling, I still get no more error messages, but still am unable to have Malwarebytes run live in the background. Any help would be greatly appreciated, thank you! ---Sean
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.