mathun

Thanks! that solved the problem, everything works fine now.

I've been using MBAM for years now, but suddenly today when I tried running the program it wouldn't load up so I uninstalled it and now whenever I try to re-install it I get multiple errors like this(see picture below) during the installation and when it finishes the same problem still exists. I don't know what is going on, but if anyone can help me with this, that would be really appreciated.

edit: seems to work now, strange...

So today I decided to update to windows 8.1 and now I can't connect to this particular site, utsc.utoronto.ca. It works for everyone else but It wont work for me. It worked fine before when I had windows 8. Every other site works fine, ex. google.ca, etc.

I've had this problem since time but never really bothered attempting to fix this until today. The problem is when im on the internet it sometimes just randomly disconnects. I've noticed it happens most of the time when I am on facebook, and youtube. I do not know how to fix this issue, so I'm wondering is anyone here can help me with this issue. I visited facebook few minutes ago, and got disconnected 2 times already, so I end up having to disconnect and replug and modem for it to establish connections. Also, sometimes when it randomly disconnects I get a caution symbol on the tiny computer icon near the bottom right side of the screen and all I have to do it check for solution which resets the connection and saves some time, but other times I have to actually replug the modem which is time consuming. Any idea?

Thanks for the reply, but I think everything is OK now, ran scans with MBAM PRO and MSE, both updated and nothing was detected. Also the freeze doesnt occur now, so I guess it's fine.

Oh geez I think I'm infected, after unistalling Java, everything froze, nothing will open up. I restarted my computer and after the welcome screen I just freeze. Im writing this via safe mode.

Today, after downloading the latest Java version, I went to www.java.com/en/download/help/testvm.xml to test and see if Java is working correctly on my computer. Once on the site, a run box appeared so I immediately clicked run. One second later, MSE detected 2 malicious items and quarantined them. Is this a false positive? Later, when I checked the MSE history I noticed something very strange, in the "detected item" area there was a malicious item called PWS:Win32/Fareit, I have no idea where this came from. I ran a couple scans with MalwareBytes PRO shortly afterwards, and nothing was detected. Do you suppose I am still infected, and what about those Java items that were detected, are those false positives?

Thank you once again for all your help, really appreciate it. System is now clean and safe. Going to go download Windows 7 service pack 1.

Results of screen317's Security Check version 0.99.56 Windows 7 x86 (UAC is enabled) Out of date service pack!! Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 CCleaner Java 7 Update 10 Java SE Development Kit 7 Update 10 Java version out of Date! Adobe Reader XI ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials msseces.exe Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````

It's seems like everything is solved, system is running faster, and didn't experience any black screens on restarts. Thank you so much for all the time and effort you put to helping me remove these infections. THANK YOU! YOU'RE THE BEST! Oh, and is it safe to remove all these files/folders that were created by these application? programdata Qoobox Recovery

Alright, here's the log AdwCleanerS1.txt

Here's the next log. AdwCleanerR1.txt

Nope, nothing matches what is requested. In the Updates folder, I can't only find: mpasbase.vdm mpasdlta.vdm mpavbase.vdm mpavdlta.vdm mpengine.dll

Regarding the first part, I can't seem to find it.

Here's the ComboFix log. ComboFix.txt

No malicious items were detected. :/ system-log.txt mbar-log-2012-12-31 (14-21-05).txt

All requested files have been attached. attach.txt dds.txt RKreport1_S_12312012_02d1403.txt

Problem encountered: When I start up windows, right after the welcome screen all I get is a black screen and only the mouse pointer is visible. So I restarted the computer like 5 times and the problem still occured, but then after like 7 trys the black screen was gone. What is causing this? Could it be a potential Virus that is undetected? Additional Information: Couple days ago I scanned with MalwareBytes Anti-Malware PRO v.1.70.0.1100 and eliminated "Stolen.Data" infection. (It Was a .png file, basically a screen capture of my whole screen), but I noticed that there were several other screen captures, so I immediately deleted them all. The last known downloaded item was MinGW and eclipse c/c++, and this was yesterday. System Information: Operating System: Windows 7 Home Premium 32-bit (6.1, Build 7600) Processor: Pentium(R)Dual-Core CPU E5500 @ 2.80Hz (2CPUS.) ~ 2.8GHZ Memory: 4096MB RAM DirectX Version: DirectX 11 Display: ATI Radeon HD 4300/4500 Series Approx. Total Memory: 2420MB Sound1: Speakers (Realtek High Definition Audio) Sound2: Realtel Digital Output (Realtek High Definition) MBAM Flash Scan log: Malwarebytes Anti-Malware (PRO) 1.70.0.1100 [url="http://www.malwarebytes.org"]www.malwarebytes.org[/url] Database version: v2012.12.31.06 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 mathun :: MATHUN-PC [administrator] Protection: Enabled 31/12/2012 12:46:58 PM mbam-log-2012-12-31 (12-46-58).txt Scan type: Flash scan Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: Registry | File System | P2P Objects scanned: 163150 Time elapsed: 57 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) MBAM Quick Scan log: Malwarebytes Anti-Malware (PRO) 1.70.0.1100 [url="http://www.malwarebytes.org"]www.malwarebytes.org[/url] Database version: v2012.12.31.06 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 mathun :: MATHUN-PC [administrator] Protection: Enabled 31/12/2012 12:58:16 PM mbam-log-2012-12-31 (12-58-16).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 205834 Time elapsed: 2 minute(s), 49 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Hijackthis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:01:06 PM, on 31/12/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Lexmark 2600 Series\lxdnmon.exe C:\Program Files\Lexmark 2600 Series\ezprint.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\notepad.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe C:\Users\mathun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3F6WEU7\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.ca/"]http://www.google.ca/[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2600 Series\ezprint.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 6181 bytes

*I apologize if this is in the wrong section. Not a problem at all, but I guess it'll look better if the background was removed from the tiny icon .

After update, MBAM protection module stopped starting up with Windows (7), even though all the tooltip under the Protection tab is checked.