Jump to content

Search the Community

Showing results for tags 'Website blocking'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hi there, Something odd appears to be happening here with the site www.discogs.com This is a site which I use constantly to buy and sell music on. I have been using the site for years now and have never encountered a problem - until recently. Some time last week I logged into my Discogs account and Malwarebytes immediately flagged it up and blocked it. This has never happened before so I was puzzled. Malwarebytes flagged up the following: cdn.discogs.com static.discogs.com and www.discogs.com I found that the site i.p was 70.103.226.22 I added all the above to the whitelist section but it seems they're all still blocked, unless I turn OFF 'website blocking' then it allows me on the site. The strange thing is, if I turm website blocking off then turn it back on again, it momentarily allows me to enter the Discogs site but after a minute or so returns to blocking it - despite being whitelisted. Anyone any ideas about this? It's very frustrating as it's stopping me seeling my items on the site unless I turm off my website blocking, which I don't like to do. Any help / comments would be greatly appreciated. Thanks in advance: Quercus.
  2. 195.191.25.60 http://datasource.codetiburon.com/ and http://instagram-showcase.codetiburon.com I have two websites for my Wordpress Plugins presentation. Sites were published about a month ago. Today some customers report, that they couldn't reach these websites, without disabling Malwarebytes' Malicious Website Protection. Popup shows: Detection, 11.06.2015 19:39:28, SYSTEM, DNKO, Protection, Malicious Website Protection, IP, 195.191.25.60, datasource.codetiburon.com, 59329, Outbound, C:\Program Files\Google\Chrome\Application\chrome.exe, Can you please unblock my websites? Thank you.
  3. 167.114.118.63 hxxp://psnprofiles.com/ It's a website for the Playstation community (PS4 / PS3 / PSVita / etc.), providing trophy hunters with trophy tracking, statistics, walkthrough guides and forums. There are over 2,161,655 gamers tracked and 142,058 members, including me. And, as of yesterday afternoon, I couldn't reach this site (that I keep as a permanent tab in my browser) without disabling Malwarebytes' Malicious Website Protection. (And it took me MANY hours and Google searches to finally figure out where the block was, since adding the website domain to my web exclusions list didn't unblock it.) Please, PLEASE unblock this site so I can re-enable the website protection module. Thank you.
  4. Please unblock this website, this is an unwanted block and is losing us business, the site has been up for years? server IP 81.169.145.163
  5. Looks like the malicious web blocker is preventing OpenVPN from connecting to 93.115.83.250 of FreeVPN. It will connect after disabling the web blocker.
  6. Hi! I am the owner of a website called thenannypages.com Recently I was told that your malwarebytes users have been getting a message that my website is coming up as malicious. What can I do to rectify this. I messaged you a few weeks ago, however Malwarebytes responded to me thinking that i was a user not the owner of the site. They told me how to reinstall the newest version of malware. I think they misunderstood my first message. Looking forward to hearing from you. Rachel Adler
  7. Hi! Our nanny website is being blocked by Malware. Are you able to look into it for us? Our website is called thenannypages.com Rachel Adler
  8. Hello, I found a site I regularly use (it is my site) blocked this morning. The URL is http://addbalance.com [64.71.34.51] If there is malware on this site, I need to know. I know I didn't put any there. I've added it to my exception list, but that does not mean others will not be blocked.
  9. I just found my own site blocked. addbalance.com 64.71.34.51 I do not know why. How can I find out? Cross-posted in error to File Detections because that is where I was directed. I am ending that thread.
  10. About 48 hours ago I failed to access the 'adventuresportnq.info' website, webmail, cpanel or wordpress dashboard. I am the site owner and administrator. Response on attempting to access the website was 'Network acess denied' I had disabled both the hardware (Windows 8.1) firewall and AVAST firewall - still no access I lodged a ticket with my host and asked my ISP if they were blocking the site -neither could give me an explanation as to why Access was being denied. I turned off 'enable malicious website blocking' in Malwarebytes and , Hey Presto, all access is restored. Turn it back on again and no access. I've tried to enter a URL In the exclusions but help reveals that I cannot add a URL to the exclusion / whitelist!! Guys, what gives - why are you blocking access to a sporting club website? I need to get this fixed pronto as I've had dozens of phone calls/ texts asking what the probem is - all from Malwarebytes users. regards Mike PS - No file attached as it is not relevant to the problem
  11. Hi! Possibly I've gone blind or something, but I cannot find any obvious way to add ip addresses to the Anti-Malware "Website Blocking" feature. Is there a way for the user to add an ip address (or host name) to the "Website Blocking" feature so it will be blocked, or are we stuck with the list supplied by MalwareBytes? Thanks!
  12. Per suggestion of shadowwar, https://forums.malwarebytes.org/index.php?showtopic=140451&page=2, concerning the 192.168.1.255 outgoing blocked IP today, the following is the dds.txt, the attach.txt, and quick scan...just to be sure there is no malware. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2Run by nowfaith at 15:02:44 on 2014-01-15Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4189 [GMT -5:00].AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\SUPERAntiSpyware\SASCORE64.EXEC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\rundll32.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXEC:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXEC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exeC:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXEC:\Windows\SysWOW64\RunDll32.exeC:\Windows\system32\SearchIndexer.exeQ:\140066.enu\Office14\MSOSYNC.EXEC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\taskeng.exeC:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Windows\system32\svchost.exe -k SDRSVCC:\Windows\splwow64.exeC:\Windows\SysWOW64\ctfmon.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [Google Update] "C:\Users\nowfaith\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeuRun: [OfficeSyncProcess] "C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 9014006604090000"mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exemRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguimRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTCP: NameServer = 192.168.1.254TCP: Interfaces\{31BC9210-B550-44B7-ADEE-8EB042D73988}\14454523030343 : DHCPNameServer = 192.168.1.254TCP: Interfaces\{31BC9210-B550-44B7-ADEE-8EB042D73988}\14454534F4449523 : DHCPNameServer = 192.168.1.254TCP: Interfaces\{45DAE3E7-5A7B-41EB-9840-9DAD36F3EF7A} : NameServer = 208.67.222.222,208.67.220.220TCP: Interfaces\{45DAE3E7-5A7B-41EB-9840-9DAD36F3EF7A} : DHCPNameServer = 192.168.1.254Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dllmASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qnx64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn.============= SERVICES / DRIVERS ===============.R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-16 65776]R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-4-16 207904]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-4-16 1034464]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-4-16 422216]R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-4-16 78648]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-12 50344]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-12-12 13592]R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-12 2425960]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-10 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-10 701512]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-12 2656280]R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-26 317440]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-4-22 25928]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-12 565352]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-12 79672]S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2011-12-12 133672]S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2011-12-12 620584]S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2011-12-12 89640]S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-12-12 39976]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-12-12 339048]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-23 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2014-01-15 14:52:26 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2014-01-15 13:29:29 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys2014-01-15 13:29:28 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2014-01-15 13:29:28 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2014-01-15 13:29:28 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2014-01-15 13:29:28 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2014-01-15 13:29:28 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2014-01-15 13:29:28 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2014-01-15 13:29:26 3156480 ----a-w- C:\Windows\System32\win32k.sys2014-01-15 13:29:24 376768 ----a-w- C:\Windows\System32\drivers\netio.sys2014-01-14 20:52:30 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA25AFB5-FF73-490F-A599-E0467769A152}\offreg.dll2014-01-14 20:51:41 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA25AFB5-FF73-490F-A599-E0467769A152}\mpengine.dll2014-01-12 17:12:00 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys2013-12-26 00:33:09 304128 ----a-w- C:\Windows\IsUninst.exe2013-12-23 23:18:11 -------- d-----w- C:\Program Files (x86)\Audacity.==================== Find3M ====================.2014-01-15 15:36:44 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2014-01-15 15:36:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-01-12 17:11:58 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2014-01-12 17:11:58 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2014-01-12 17:11:58 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2014-01-12 17:11:57 43152 ----a-w- C:\Windows\avastSS.scr2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll2013-11-23 01:20:09 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe2013-11-23 01:20:09 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll2013-11-19 08:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll2013-10-22 13:12:18 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys2013-10-22 13:12:18 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll.============= FINISH: 15:03:17.43 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 4/22/2012 2:32:54 PMSystem Uptime: 1/15/2014 10:45:55 AM (5 hours ago).Motherboard: Hewlett-Packard | | 1671Processor: Intel® Core i3-2350M CPU @ 2.30GHz | CPU1 | 782/1333mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 674 GiB total, 346.834 GiB free.D: is FIXED (NTFS) - 20 GiB total, 2.171 GiB free.E: is FIXED (FAT32) - 4 GiB total, 1.073 GiB free.F: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Description: Officejet 4500 G510n-zDevice ID: ROOT\IMAGE\0000Manufacturer: HPName: Officejet 4500 G510n-zPNP Device ID: ROOT\IMAGE\0000Service: StillCam.Class GUID: Description: Officejet 4500 G510n-zDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: Name: Officejet 4500 G510n-zPNP Device ID: ROOT\MULTIFUNCTION\0000Service: .Class GUID: Description: Officejet 4500 G510n-zDevice ID: ROOT\MULTIFUNCTION\0001Manufacturer: Name: Officejet 4500 G510n-zPNP Device ID: ROOT\MULTIFUNCTION\0001Service: .Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: Officejet 4500 G510n-zDevice ID: ROOT\MULTIFUNCTION\0002Manufacturer: HPName: Officejet 4500 G510n-zPNP Device ID: ROOT\MULTIFUNCTION\0002Service: .==== System Restore Points ===================.RP231: 7/30/2013 3:40:34 PM - Windows UpdateRP232: 7/30/2013 9:58:44 PM - Installed Network64RP233: 8/6/2013 6:39:31 AM - Windows UpdateRP234: 8/9/2013 9:18:27 AM - Windows UpdateRP235: 8/13/2013 9:45:30 AM - Windows UpdateRP236: 8/14/2013 7:18:16 AM - Windows UpdateRP237: 8/20/2013 9:14:34 AM - Windows UpdateRP238: 8/20/2013 11:11:57 AM - Restore OperationRP239: 8/20/2013 11:51:00 AM - Windows UpdateRP240: 8/27/2013 11:56:52 AM - Scheduled CheckpointRP241: 8/27/2013 4:16:07 PM - Windows UpdateRP242: 9/3/2013 8:14:44 AM - Windows UpdateRP243: 9/10/2013 8:00:00 AM - Windows UpdateRP244: 9/12/2013 10:30:23 AM - Windows UpdateRP245: 9/12/2013 2:50:01 PM - Windows UpdateRP246: 9/13/2013 12:31:49 PM - Restore OperationRP247: 9/13/2013 12:42:39 PM - Windows UpdateRP248: 9/13/2013 1:00:12 PM - Restore OperationRP249: 9/13/2013 10:53:37 PM - Windows UpdateRP250: 9/16/2013 11:09:16 PM - Installed Java 7 Update 40RP251: 9/17/2013 7:30:55 AM - Windows UpdateRP252: 9/20/2013 9:42:15 AM - Windows UpdateRP253: 9/24/2013 11:22:19 AM - Windows UpdateRP254: 9/27/2013 2:02:33 PM - Windows UpdateRP255: 10/1/2013 3:33:09 PM - Windows UpdateRP256: 10/8/2013 6:14:18 PM - Windows UpdateRP257: 10/8/2013 10:22:51 PM - Windows UpdateRP258: 10/15/2013 4:58:44 PM - Windows UpdateRP259: 10/17/2013 11:51:55 AM - Installed Java 7 Update 45RP260: 10/22/2013 8:20:35 AM - Windows UpdateRP261: 10/22/2013 9:06:24 AM - avast! antivirus system restore pointRP262: 10/25/2013 9:33:36 AM - Windows UpdateRP263: 10/29/2013 8:59:13 AM - Windows UpdateRP264: 11/1/2013 9:28:45 AM - Windows UpdateRP265: 11/5/2013 6:31:33 AM - Windows UpdateRP266: 11/8/2013 7:14:07 AM - Windows UpdateRP267: 11/12/2013 11:14:40 PM - Windows UpdateRP268: 11/16/2013 11:01:09 PM - Windows UpdateRP269: 11/22/2013 8:11:15 PM - Windows UpdateRP270: 11/22/2013 8:16:22 PM - Windows UpdateRP271: 11/26/2013 8:05:15 AM - Windows UpdateRP272: 11/29/2013 8:57:07 AM - Windows UpdateRP273: 12/3/2013 7:41:27 AM - Windows UpdateRP274: 12/6/2013 11:12:31 AM - Windows UpdateRP275: 12/7/2013 2:12:14 PM - Windows BackupRP276: 12/9/2013 2:01:05 PM - Windows BackupRP277: 12/10/2013 6:42:27 AM - Windows UpdateRP278: 12/11/2013 11:17:55 AM - Windows UpdateRP279: 12/15/2013 11:00:42 AM - Windows BackupRP280: 12/17/2013 7:18:28 AM - Windows UpdateRP281: 12/20/2013 10:02:52 AM - Windows UpdateRP282: 12/24/2013 7:40:28 AM - Windows UpdateRP283: 12/27/2013 2:09:18 PM - Windows UpdateRP284: 12/28/2013 7:04:43 PM - Windows BackupRP285: 12/31/2013 6:43:46 AM - Windows UpdateRP286: 1/3/2014 8:42:13 AM - Windows UpdateRP287: 1/6/2014 12:02:31 PM - Windows BackupRP288: 1/7/2014 9:44:47 AM - Windows UpdateRP289: 1/10/2014 2:01:03 PM - Windows UpdateRP290: 1/12/2014 12:10:32 PM - avast! antivirus system restore pointRP291: 1/14/2014 3:50:46 PM - Windows UpdateRP292: 1/15/2014 9:18:36 AM - Windows UpdateRP293: 1/15/2014 9:50:32 AM - Installed Java 7 Update 51RP294: 1/15/2014 12:30:39 PM - Windows Backup.==== Installed Programs ======================.4500_G510nz_Help4500G510nz4500G510nz_Software_Min64 Bit HP CIO Components InstallerAdobe Flash Player 12 ActiveXAdobe Reader XI (11.0.06)Adobe Shockwave Player 12.0Apple Application SupportApple Software UpdateAudacity 2.0.5AuthenTec TrueAPIavast! Free AntivirusBejeweled 3Blackhawk Striker 2BlioBroadcom 802.11 Wireless LAN AdapterBroadcom Bluetooth SoftwareBroadcom InConcert MaestroBufferChmChuzzle DeluxeCradle of Rome 2CyberLink YouCamD3DX10DocMgrDocProcDora's World AdventureESU for Microsoft Windows 7 SP1Evernote v. 4.2.3Farm FrenzyFarmscapesFATEFinal Drive FuryGoogle ChromeGoogle Update HelperHoyle Card GamesHP Application AssistantHP AutoHP Client ServicesHP Customer Experience EnhancementsHP Customer Participation Program 13.0HP Document Manager 2.0HP DocumentationHP GamesHP MovieStoreHP Officejet 4500 G510n-zHP On Screen DisplayHP Power ManagerHP Quick LaunchHP QuickWebHP Recovery ManagerHP Security AssistantHP SetupHP Setup ManagerHP Smart Web Printing 4.5HP Software FrameworkHP UpdateIDT AudioIntel® Control CenterIntel® Identity Protection Technology 1.2.22.0Intel® Management Engine ComponentsIntel® Processor GraphicsIntel® Rapid Storage TechnologyJava 7 Update 51Java Auto UpdaterJavaFX 2.1.1Jewel Match 3Jewel Quest Mysteries: The Seventh Gate Collector's EditionJohn Deere Drive GreenJunk Mail filter updateLetters from Nowhere 2Luxor HDMah Jong MedleyMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMesh RuntimeMicrosoft .NET Framework 4.5.1Microsoft Application Error ReportingMicrosoft Office 2010Microsoft Office Click-to-Run 2010Microsoft Office Starter 2010 - EnglishMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WSE 3.0 RuntimeMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Network64OCR Software by I.R.I.S. 13.0opensourcePenguins!Plants vs. Zombies - Game of the YearPlayReady PC Runtime x86Poker Superstars IIIPolar BowlerPolar GolferRealtek Ethernet Controller DriverRealtek PCIE Card ReaderRollerCoaster Tycoon 3: PlatinumScanSmartWebPrintingSUPERAntiSpywareswMSMSynaptics TouchPad DriverThe Treasures of Mystery Island: The Ghost ShipToolboxTorchlightUpdate Installer for WildTangent Games AppVIP Access SDK (1.1.0.4) Virtual Villagers 4 - The Tree of LifeWebRegWildTangent Games App (HP Games)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesZuma's Revenge.==== Event Viewer Messages From Past Week ========.1/15/2014 12:29:35 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.1/15/2014 10:47:53 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.1/13/2014 5:37:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.1/12/2014 8:14:58 AM, Error: Microsoft-Windows-Bits-Client [16398] - A new BITS job could not be created. The current job count for the user nowfaith-HP\nowfaith (60) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits..==== End Of File =========================== Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.org Database version: v2014.01.15.08 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476nowfaith :: NOWFAITH-HP [administrator] Protection: Enabled 1/15/2014 3:10:16 PMmbam-log-2014-01-15 (15-10-16).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled: Objects scanned: 204471Time elapsed: 3 minute(s), 27 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)Thanks for your reply.
  13. Protection tab: (1) Enable website blocking checkbox selected (2) There is no way to list exceptions to websites that I deem safe for me that you do not think safe (3) logical conclusion: Try the Ignore List tab Ignore List tab: (1) There is not way to list websites that you consider malicious but I know to me ok for me. (2) In fact, there are no options to scanning any websites (3) Suggests to me that this tab was not meant to list any websites that I specifically do not want scanned If I select the Enable Website Blocking option under the Protection Tab, I must accept without exception what you consider to be malicious. All of the browsers I use have this type of protection or similar protection and have an exception list (White List) that I can make exceptions to their black list. Is this by design or am I missing something. It is tiresome to have to disable the option every time I used said site (never a problem with it) and then re-enable the option when I am done. If it is by design, please consider it as a future option to the software. Thanks
  14. Our site runs on 77.73.7.204 (jewelstreet.com), and we got and we got the following error message when accessing it yesterday:- 'Successfully blocked access to a potentially malicious website 77.243.177.53' This message no longer appears, so was it transient, an error or something more serious? We did install the live chat software from LiveZilla (http://www.livezilla.net) yesterday so may be related to that, or simply coincidence? Thanks, Andy.
  15. On the following thread: http://forums.malwarebytes.org/index.php?showtopic=113700 This was mentioned: I visited this link and read down to the bottom, but found nowhere you can block IP addresses from a specific process (such as Utorrent). I can only see where I can turn off the IP blocker entirely. Is there any way I can block a specific process from the IP blocker ("Website Blocking")? I tried entering the process and its folder both into the ignore list of the Malwarebytes client, but it seems that list is only for the scanner and protection module, and not the IP blocker. Thanks for your time.
  16. This is weird, bear with me while I explain. I love website blocking, I use it all the time. When I have website blocking on but I do not have Mozilla Firefox running I get a lot of lag in the system, mouse stutters and jumps, and general degradation of performance. When I launch Firefox it all goes away and everything runs normal. This does not happen with any browser but Firefox. If I have IE or Chrome running but no Firefox I get the performace hit. If I have them all running, no performance hit. If I shut them all down except Firefox no performance hit. If I shut down Firefox the degradation comes back immediately. When website blocking is active Core 0 of my 8350 Vishera octo-core is pegged at 100%. The other 7 cores operate normally. Core 0 (the first core) stays pegged at 100% no matter if a browser is running or not. Performance does not seem to be degraded noticably as long as Firefox is running even though Core 0 is maxed out. When I disable website blocking all the performance issues disappear and the system runs exactly as it should. With website blocking disabled Core 0 goes back to a normal, variable state and is no longer pegged at 100%. Another strange aspect is that nothing of MBAM or it's website blocking module shows up in Task Manager as using a lot of clock cycles. So it was a real pain to isolate the culprit and determine where the problem was coming from. With everything off (browsers and any other programs) and the computer idling Task Manager would show the system at 99% free with nothing spiking any processor clock cycles at all. Yet Core 0 would be pegged at 100% and the laggy performance degradation would still be occurring until Mozilla was launched. Then Core 0 would still be pegged but everything seemed to work as it should. It's like the website blocking module is looking for a browser to work against and not finding one it loops hard. But again, ONLY with Firefox, starting any other browser had no effect one way or the other. The system is running an ASUS Sabertooth 900FX motherboard, an AMD 8350 eight core processor and 16 GB of RAM. So it's got plenty of available resources. The OS is Win7 x64. I'm using CoreTemp and the CoreTemp desktop gadget to monitor the processor state and temperatures. I just turn off website blocking when I don't have Firefox running and turn it back on when I use any browser but I have to launch Firefox as well as whatever other browser I want to use if I want website blocking active. Usually I don't bother because I don't surf with anything but Firefox due to add-ons like ABP and No-Script. I use the other browsers for HTML controlled local nodes like routers, firewalls, cameras, etc. so they're not really a threat. It's not a big deal and as soon as I close Firefox the lag reminds me to disable website blocking. It's an easy workaround and I'm not complaining- I'm describing the situation to you to help you diagnose these lag issues that website blocking seems to be causing. If my efforts aren't helpful then feel free to ignore them.
  17. I just activated MB Pro on Win 7 Home Premium 64 bit OS. I can't enable website blocking and the icon is grey. What can I do to fix it? ------------------------------------------------------------ DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.15.2 Run by Gary at 23:55:01 on 2013-03-30 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6057.2297 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\crypserv.exe C:\Windows\system32\spool\DRIVERS\x64\3\dleeserv.exe C:\Windows\system32\dleecoms.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe C:\Windows\system32\mfevtps.exe C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe C:\Program Files (x86)\BrainBullet\Brain Bullet.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Quicken\bagent.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Users\Gary\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\Users\Gary\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe C:\Users\Gary\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe C:\Program Files (x86)\BrainBullet\mblit.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Microsoft Expression\Web 4\ExpressionWeb.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Windows\system32\taskeng.exe C:\Windows\hh.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\McAfee\Core\mchost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve BHO: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll BHO: {2adefb8e-b923-35e6-86e2-2b7841f5d2a2} - <orphaned> BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll BHO: {99079a25-328f-4bd4-be04-00955acaa0a7} - <orphaned> BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: {f653d037-97fa-4755-98c1-7f382eeb59a7} - <orphaned> TB: The Weather Channel Toolbar: {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWOW64\TwcToolbarIe7.dll TB: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll uRun: [iBP] <no file> mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Dell V715w] "C:\Program Files (x86)\Dell V715w\fm3032.exe" /s mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup mRun: [bingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\Gary\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Gary\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\Gary\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: LastPass - C:\Users\Gary\AppData\LocalLow\LastPass\context.html?cmd=lastpass IE: LastPass Fill Forms - C:\Users\Gary\AppData\LocalLow\LastPass\context.html?cmd=fillforms IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB TCP: NameServer = 192.168.0.1 205.171.3.25 192.168.1.1 TCP: Interfaces\{FE327F07-E0F5-40C3-A72E-9B83A3EEA755} : DHCPNameServer = 192.168.0.1 205.171.3.25 192.168.1.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= ??? SSODL: WebCheck - <orphaned> x64-mWinlogon: Userinit = userinit.exe, x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet x64-Run: [dleemon.exe] .EXE" x64-Run: [EzPrint] T.EXE" x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup x64-Run: [Windows Mobile Device Center] DOWSMOBILE\WMDC.EXE x64-Run: [igfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE x64-Run: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE x64-Run: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned> x64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned> x64-Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - <orphaned> x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\vbgubumw.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\NP1cStub.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll FF - plugin: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll FF - plugin: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll FF - plugin: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Gary\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: !HIDDEN! 2012-11-18 14:47; 1cffxtbr@BringMeSports_1c.com; C:\Program Files (x86)\BringMeSports_1c\bar\1.bin FF - ExtSQL: !HIDDEN! 2012-11-18 14:54; 64ffxtbr@TelevisionFanatic.com; C:\Program Files (x86)\TelevisionFanatic\bar\1.bin . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 94a693cc000000000000c018855fc1a2 FF - user.js: extensions.BabylonToolbar_i.hardId - 94a693cc000000000000c018855fc1a2 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15459 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1719:08:22 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-7-17 771536] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-7-17 340216] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-11 55856] R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-3-16 30752] R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-3-22 168536] R2 dlee_device;dlee_device;C:\Windows\System32\dleecoms.exe -service --> C:\Windows\System32\dleecoms.exe -service [?] R2 dleeCATSCustConnectService;dleeCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\dleeserv.exe [2009-7-1 45224] R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-3-19 1070080] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-30 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-30 682344] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-1-19 201304] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-1-19 201304] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2013-1-19 241456] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-19 218760] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-1-19 182752] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2012-10-30 230416] R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2013-3-16 82160] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-11 317440] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-30 24176] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-1-19 309840] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-1-19 515968] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-11 539240] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?] S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-1-19 201304] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S3 Ant App service;File1 Application service;C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe [2013-2-5 504816] S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-1-19 70112] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-1-19 196440] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2013-1-19 106552] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-2 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-2 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-2 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-18 1255736] S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608] S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-4-11 1695040] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S4 Updater Service for AMZN;Updater Service for AMZN;C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [2012-1-27 203776] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . FileExt: .reg: Regedit.Document=c:\Winnt\Regedit.exe %1 . =============== Created Last 30 ================ . 2013-03-30 21:26:27 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-30 21:26:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-03-30 03:09:21 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2013-03-30 03:09:12 -------- d-----w- C:\Program Files (x86)\Microsoft Expression 2013-03-23 21:23:21 4200304 ----a-w- C:\Windows\SysWow64\cdintf400.dll 2013-03-23 21:22:58 -------- d-----w- C:\Program Files (x86)\Quicken 2013-03-23 20:52:44 -------- d-----w- C:\Users\Gary\AppData\Local\Akamai 2013-03-22 21:00:02 5664768 ----a-w- C:\ProgramData\Microsoft\BingDesktop\Updater\BingDesktop.msi 2013-03-20 23:12:45 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys 2013-03-20 23:12:45 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2013-03-16 15:03:58 2155688 ----a-w- C:\Windows\System32\Incinerator64.dll 2013-03-16 15:03:57 2097472 ----a-w- C:\Windows\SysWow64\Incinerator32.dll 2013-03-16 15:03:44 82160 ----a-w- C:\Windows\System32\drivers\PDFsFilter.sys 2013-03-16 15:03:43 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe 2013-03-16 15:03:43 26184 ----a-w- C:\Windows\System32\smrgdf.exe 2013-03-16 15:03:41 69000 ----a-w- C:\Windows\System32\offreg.dll 2013-03-16 15:03:41 56200 ----a-w- C:\Windows\SysWow64\offreg.dll 2013-03-16 15:01:07 30752 ----a-w- C:\Windows\System32\drivers\ElRawDsk.sys 2013-03-16 14:45:33 -------- d-----w- C:\Users\Gary\AppData\Roaming\iolo 2013-03-09 21:18:48 -------- d-----w- C:\Program Files (x86)\Market Samurai 2013-03-09 02:24:53 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat 2013-03-09 02:24:44 -------- d-----w- C:\ProgramData\iolo 2013-03-09 02:24:44 -------- d-----w- C:\Program Files (x86)\iolo 2013-03-04 02:44:52 -------- d-----w- C:\Users\Gary\AppData\Local\WinZip Courier 2013-03-04 02:43:32 -------- d-----w- C:\ProgramData\WinZipEC 2013-03-03 05:02:22 -------- d-----w- C:\Users\Gary\.buzzbundle . ==================== Find3M ==================== . 2013-03-13 01:58:51 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 01:58:51 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-02-26 22:56:07 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-26 22:56:07 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-02-26 22:56:07 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-19 19:59:06 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys 2013-02-19 19:56:26 340216 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys 2013-02-19 19:56:14 182752 ----a-w- C:\Windows\System32\mfevtps.exe 2013-02-19 19:55:26 10728 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys 2013-02-19 19:55:14 106552 ----a-w- C:\Windows\System32\drivers\mferkdet.sys 2013-02-19 19:54:32 771536 ----a-w- C:\Windows\System32\drivers\mfehidk.sys 2013-02-19 19:53:42 515968 ----a-w- C:\Windows\System32\drivers\mfefirek.sys 2013-02-19 19:53:02 309840 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys 2013-02-19 19:52:44 179280 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys 2013-02-13 01:37:03 60864 ----a-w- C:\Users\Gary\g2mdlhlpx.exe 2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-19 01:39:08 16200 ----a-w- C:\Windows\stinger.sys 2013-01-17 07:06:12 711168 ----a-w- C:\Windows\is-ROM38.exe 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 23:55:41.30 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 4/17/2012 5:17:41 PM System Uptime: 3/30/2013 3:22:36 PM (8 hours ago) . Motherboard: Dell Inc. | | 0GDG8Y Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 917 GiB total, 601.953 GiB free. D: is CDROM () E: is Removable F: is Removable G: is FIXED (NTFS) - 466 GiB total, 172.804 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: DriverX Device ID: ROOT\LEGACY_DRIVERX\0000 Manufacturer: Name: DriverX PNP Device ID: ROOT\LEGACY_DRIVERX\0000 Service: DriverX . ==== System Restore Points =================== . RP177: 3/24/2013 1:00:46 AM - Windows Backup RP178: 3/29/2013 9:19:22 AM - Installed Microsoft Fix it 50565 RP179: 3/29/2013 10:09:36 PM - Installed DirectX . ==== Installed Programs ====================== . 7-Zip 9.20 ABBYY FineReader 6.0 Sprint Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.02) AFC Administrator Akamai NetSession Interface Amazon Browser Bar AnswerWorks 5.0 English Runtime Apple Application Support Apple Mobile Device Support Apple Software Update ARTWare Audacity 2.0.2 Auto Adsense Site Creator 1.1 Backlink Machine version 1.0 Bejeweled 2 Deluxe Bing Ads Intelligence Bing Desktop Blackhawk Striker 2 Blio Bonjour Bounce Symphony BringMeSports Toolbar Build-a-lot 2 C-Stor Lite Cake Mania calibre Camtasia Studio 8 CDBurnerXP CherryPicker Chuzzle Deluxe Conexant HD Audio Consumer In-Home Service Agreement Cozi D3DX10 Data Lifeguard Diagnostic for Windows Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell Edoc Viewer Dell Getting Started Guide Dell MusicStage Dell PhotoStage Dell Stage Dell Stage Remote Dell Support Center Dell System Detect Dell Toolbar Dell V715w Dell V720 Series Uninstaller Dell VideoStage DHTML Editing Component Diner Dash 2 Restaurant Rescue DirectX 9 Runtime Domain Sniper version 1.0 Dora's World Adventure Dropbox Easy CD and DVD Cover Creator 4.12 eBay Escape Whisper Valley Evolution Farm Frenzy Fast Content Producer FATE File Type Assistant File1 Package Manager FileZilla Client 3.6.0.2 Final Drive Fury Final Drive Nitro FLV Player Free File Viewer 2012 Free Monitor for Google 2.5 Free PDF Unlocker FreeMind FuelMaster Plus Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin Lifetime Updater GIMP 2.8.2 Google AdWords Editor Google Chrome Google Drive Google Earth Plug-in Google Update Helper GoToMeeting 5.4.0.1082 High-Definition Video Playback IBP 12.0 IHMC CmapTools v5.05 Inbox Toolbar Inkscape 0.47 InstaCodecs InstallIQ Updater Intel® Processor Graphics iolo technologies' System Mechanic iSEEK AnswerWorks English Runtime iTunes Java 7 Update 15 Java Auto Updater JavaFX 2.1.1 Jewel Quest Jewel Quest Solitaire 2 Jing Junk Mail filter update Keyword Blaze Kindle eBook Generator 1.5 LastPass (uninstall only) Logitech Desktop Messenger Logitech Resource Center Luxor Malwarebytes Anti-Malware version 1.70.0.1100 Market Samurai McAfee SecurityCenter Mesh Runtime Micro Niche Finder 5.0 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Expression Web 4 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office File Validation Add-In Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Outlook Hotmail Connector 64-bit Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Namco All-Stars PAC-MAN Nero 10 Movie ThemePack Basic Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update NicheSponder Nitro Reader 3 Outlook Setup Tool PDF Password Remover Penguins! PhotoShowExpress Plants vs. Zombies - Game of the Year PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer PrimoPDF -- brought to you by Nitro PDF Software QMA Tool QuickBooks Connection Diagnostic Tool QuickBooks Pro 2008 Quicken 2010 Quicken 2013 Rank Tracker RBVirtualFolder64Inst Reader for PC RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer RealUpgrade 1.1 Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Roxio File Backup Samantha Swift SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Drive Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Sansa Updater Sapphire Management Suite 1.11.00 10222010 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition Shared C Run-time for x64 Simple Search-Replace SimpleOCR 3.1 Skype™ 6.1 Sonic CinePlayer Decoder Pack SupportSoft Assisted Service SyncUP System Checkup 3.4 The Weather Channel App The Weather Channel Toolbar Torch Traffic Travis 4.1.0 TrustedID TrustedID IDMonitor Identity Protection Turbo Lister 2 TVUPlayer 2.5.3.1 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Update Installer for WildTangent Games App Virtual Villagers 4 - The Tree of Life VP6 Decoder Wedding Dash - Ready, Aim, Love! WildTangent Games WildTangent Games App (Dell Games) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Center WinRAR 4.20 (32-bit) WinRAR 4.20 (64-bit) WinZip Yahoo! Software Update Zinio Reader 4 Zipeg Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 3/30/2013 3:26:24 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed. 3/30/2013 3:26:16 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 3/30/2013 3:26:16 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 3/30/2013 3:24:29 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 3/30/2013 3:23:11 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 3/30/2013 3:23:10 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 3/30/2013 3:23:08 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 3/30/2013 3:23:08 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 3/30/2013 3:23:08 PM, Error: Service Control Manager [7000] - The DriverX service failed to start due to the following error: This driver has been blocked from loading 3/30/2013 3:23:08 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\driverx.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 3/29/2013 9:53:44 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 3/29/2013 10:10:17 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 3/29/2013 10:06:47 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 3/27/2013 9:05:26 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. 3/25/2013 4:24:43 PM, Error: volmgr [46] - Crash dump initialization failed! 3/24/2013 4:10:30 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. . ==== End Of File =========================== CheckResults.txt
  18. I recently installed Malwarebytes Pro on my Windows XP Home desktop. I noticed that when performing an update or starting the Website Blocking (IP Protection) causes the CPU to ramp up to 100%. Upon reviewing the protection log files, it looks like it is regularly taking about 4 minutes from the the start of IP Protection until the time IP Protection is loaded. After service is up and running, everything else seems relatively normal. I don't experience any further performance issues. I'm running Avast Free v8. Any help would be much appreciated.
  19. *Sigh* I made this request months ago, but it went ignored. I'll take the squeaky wheel approach. I have other programs that do website blocking. I can also block with my host file and with dns cache poisoning on my router. I don't need or want MBAM to do it. Yet, it still turns gray when I disable that feature, even though the scanner is still running. I've gotten so accustomed to ignoring that gray icon's false alarm thing, that I've failed to notice that the scanning component has been off for days... I know you guys probably have a complicated development roadmap, but FOR THE LOVE OF ALL THINGS SACRED please use a different icon (perhaps red, or with an exclamation point sign) when this blocker is down but the scanner is *ON*! It wouldn't be tough at all!
  20. Please see attached. Thanks for all the help. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2 Run by Roberto at 20:40:26 on 2013-02-10 Microsoft Windows 7 Ultimate N 6.1.7601.1.1252.1.1033.18.957.168 [GMT -5:00] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\WUDFHost.exe C:\Windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskeng.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.bing.com/?pc=ZUGO&form=ZGAPHP uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRunOnce: [WUAppSetup] c:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x08d7 -f video -m logitech -d 11.80.1048.0 mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{53A47B53-8574-47E6-8A71-B57CEC3DC5B8} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{EA2F6500-8944-4021-A7DF-9A49E71CC5CA} : DHCPNameServer = 192.168.1.254 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll SSODL: WebCheck - <orphaned> SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\users\roberto\appdata\roaming\mozilla\firefox\profiles\rjqu0jwu.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000031&locale=en_US&apn_uid=F0B5871E-9430-448C-97B2-FE1D1EFBFDC5&apn_ptnrs=TV&apn_sauid=23A0AA0A-024D-48C1-97A5-0937AAC55601&apn_dtid=YYYYYYYYUS&&q= FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll FF - plugin: c:\windows\system32\npdeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-2-10 682344] R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-3-17 2296696] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-2-10 21104] R3 netr28u;Belkin USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-8-5 750592] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-6-23 275048] RUnknown SASKUTIL;SASKUTIL; [x] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-3-17 22504] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-3-17 1153368] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536] S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2011-6-19 1501696] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 rt70x86;Belkin Wireless G USB Network Adapter Driver for Vista;c:\windows\system32\drivers\netr70.sys [2007-10-9 291840] S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184] S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-18 1343400] . =============== Created Last 30 ================ . 2013-02-11 01:32:15 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f03f9822-9845-4dc9-ba6c-11a3293d00a7}\offreg.dll 2013-02-11 01:19:09 -------- d-----r- c:\program files\Skype 2013-02-11 01:05:00 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-11 01:05:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-02-10 03:55:48 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f03f9822-9845-4dc9-ba6c-11a3293d00a7}\mpengine.dll 2013-02-09 19:20:35 -------- d-----w- c:\programdata\McAfee Security Scan 2013-02-09 19:20:21 -------- d-----w- c:\program files\McAfee Security Scan 2013-02-09 19:19:37 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-02-09 19:17:25 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll . ==================== Find3M ==================== . 2013-02-09 19:19:20 861088 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-02-09 19:19:20 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe 2012-12-27 01:03:01 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-12-27 01:03:01 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll 2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll 2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe 2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe 2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll 2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll 2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb . ============= FINISH: 20:41:30.19 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate N Boot Device: \Device\HarddiskVolume1 Install Date: 3/18/2011 11:50:05 AM System Uptime: 2/10/2013 4:21:23 PM (4 hours ago) . Motherboard: FOXCONN | | G41S/G41S-K Processor: Genuine Intel® CPU 2160 @ 1.80GHz | Socket775 | 1803/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 437.745 GiB free. F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318} Description: CD-ROM Drive Device ID: IDE\CDROMATAPI_IHAS224___B_______________________GL05____\5&93BC553&0&0.1.0 Manufacturer: (Standard CD-ROM drives) Name: ATAPI iHAS224 B ATA Device PNP Device ID: IDE\CDROMATAPI_IHAS224___B_______________________GL05____\5&93BC553&0&0.1.0 Service: cdrom . ==== System Restore Points =================== . RP236: 1/10/2013 3:36:19 AM - Windows Update RP237: 1/13/2013 10:49:26 PM - Windows Update RP238: 1/14/2013 8:08:03 PM - Installed Java 7 Update 11 RP239: 1/18/2013 12:12:45 AM - Windows Update RP240: 1/21/2013 2:37:34 PM - Windows Update RP241: 1/24/2013 10:51:43 PM - Windows Update RP242: 1/28/2013 11:31:30 PM - Windows Update RP243: 2/1/2013 5:05:27 PM - Windows Update RP244: 2/4/2013 10:52:54 PM - Windows Update RP245: 2/7/2013 11:27:22 PM - Windows Update RP246: 2/9/2013 2:16:52 PM - Installed Java 7 Update 13 . ==== Installed Programs ====================== . 1Click DVD Copy 5.8.3.0 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.5) Adobe Shockwave Player 11.6 Ask Toolbar Ask Toolbar Updater Belkin F6D4050 Enhanced Wireless USB Adapter Compatibility Pack for the 2007 Office system CPUID CPU-Z 1.57 ffdshow v1.1.3562 [2010-09-07] Java 7 Update 13 Java Auto Updater Java 6 Update 37 Malwarebytes Anti-Malware version 1.70.0.1100 McAfee Security Scan Plus Microsoft .NET Framework 4 Client Profile Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 18.0.2 (x86 en-US) Mozilla Maintenance Service Norton Internet Security Paint.NET v3.5.10 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Skype™ 6.1 SpeedFan (remove only) Spybot - Search & Destroy SpywareBlaster 4.4 swMSM TeamViewer 6 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VLC media player 1.1.7 WinRAR 4.00 (32-bit) . ==== Event Viewer Messages From Past Week ======== . 2/9/2013 2:23:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1943.0). 2/9/2013 2:21:54 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1943.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80070643 Error description: Fatal error during installation. 2/9/2013 2:21:48 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: 2.0.8001.0 Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 2/9/2013 2:21:48 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 11.159.0.0 Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 2.0.8001.0 Error code: 0x8007042c Error description: The dependency service or group failed to start. 2/9/2013 10:57:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1969.0). 2/9/2013 10:56:17 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1969.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80070643 Error description: Fatal error during installation. 2/9/2013 10:56:09 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: 2.0.8001.0 Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 2/9/2013 10:56:09 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 11.159.0.0 Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 2.0.8001.0 Error code: 0x8007042c Error description: The dependency service or group failed to start. 2/9/2013 10:56:08 PM, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed. 2/9/2013 10:56:08 PM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion. 2/7/2013 11:30:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1848.0). 2/7/2013 11:28:59 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1848.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80070643 Error description: Fatal error during installation. 2/7/2013 11:28:52 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: 2.0.8001.0 Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 2/7/2013 11:28:52 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 11.159.0.0 Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 2.0.8001.0 Error code: 0x8007042c Error description: The dependency service or group failed to start. 2/6/2013 11:16:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1696.0). 2/6/2013 11:14:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1696.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80070643 Error description: Fatal error during installation. 2/6/2013 11:14:41 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: 2.0.8001.0 Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 2/6/2013 11:14:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 11.159.0.0 Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 2.0.8001.0 Error code: 0x8007042c Error description: The dependency service or group failed to start. 2/5/2013 10:51:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1636.0). 2/5/2013 10:50:18 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1636.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80070643 Error description: Fatal error during installation. 2/5/2013 10:50:12 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: 2.0.8001.0 Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 2/5/2013 10:50:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 11.159.0.0 Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 2.0.8001.0 Error code: 0x8007042c Error description: The dependency service or group failed to start. 2/4/2013 2:33:07 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1463.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80072f76 Error description: The requested header was not found 2/4/2013 10:56:04 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1551.0). 2/4/2013 10:54:44 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1551.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80070643 Error description: Fatal error during installation. 2/4/2013 10:54:36 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: 2.0.8001.0 Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 2/4/2013 10:54:36 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 11.159.0.0 Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 2.0.8001.0 Error code: 0x8007042c Error description: The dependency service or group failed to start. 2/3/2013 11:26:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.143.1463.0). 2/3/2013 11:25:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.1463.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80070643 Error description: Fatal error during installation. 2/3/2013 11:25:28 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: 2.0.8001.0 Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 2/3/2013 11:25:28 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 11.159.0.0 Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 2.0.8001.0 Error code: 0x8007042c Error description: The dependency service or group failed to start. 2/10/2013 4:22:20 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 2/10/2013 4:21:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom 2/10/2013 4:21:50 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 2/10/2013 4:21:49 PM, Error: Service Control Manager [7023] - The Zd1211u(zydas) service terminated with the following error: The specified module could not be found. 2/10/2013 4:21:45 PM, Error: Service Control Manager [7023] - The Nimxdfk service terminated with the following error: The specified module could not be found. 2/10/2013 4:21:45 PM, Error: Service Control Manager [7023] - The Iviregmgr service terminated with the following error: The specified module could not be found. 2/10/2013 4:21:45 PM, Error: Service Control Manager [7023] - The HIDSwvd service terminated with the following error: The specified module could not be found. 2/10/2013 4:21:45 PM, Error: Service Control Manager [7023] - The Eplpdx02 service terminated with the following error: The specified module could not be found. 2/10/2013 4:21:45 PM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed. 2/10/2013 4:21:45 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 2/10/2013 4:21:44 PM, Error: Service Control Manager [7023] - The Xfactorae1 service terminated with the following error: The specified module could not be found. 2/10/2013 4:21:44 PM, Error: Service Control Manager [7023] - The Rupsmon service terminated with the following error: The specified module could not be found. 2/10/2013 4:21:44 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. . ==== End Of File ===========================
  21. Hi, this is my first time posting here in your forums, though I have had your product for a long time now. A while back (few months or so) I noticed that the IP module was changed from "Enabled" to "Partially Enabled" and that the malicious website blocking box was unchecked. I tried to check it but it doesn't turn back on. I have followed the FAQ section K for the Avast! 6 exclusions and rebooted, but nothing has changed. I have run numerous scans and tested my other protection software. Malwarebytes website blocking seems to be the only thing having trouble turning on. I have Windows 7 64bit. I use Avast! Internet Security 7, Spybot Search & Destroy 1.6 and sometimes clean up with CCleaner. I read somewhere about someone who had my problem and was asked to paste the scan log from RougeKiller (just the log, not to fix anything). I'll paste mine here in case that helps get the ball rolling. Please let me know what else I should use to get a scan log. RogueKiller V8.4.3 _x64_ [Jan 10 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Sivie [Admin rights] Mode : Scan -- Date : 01/19/2013 12:04:12 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 8 ¤¤¤ [TASK][sUSP PATH] winupd : C:\Users\Sivie\AppData\Local\Temp:winupd.exe -> FOUND [HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowMyDocs (0) -> FOUND [HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowMyPics (0) -> FOUND [HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowMyMusic (0) -> FOUND [HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_TrackProgs (0) -> FOUND [HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD5000AAKX-001CA SCSI Disk Device +++++ --- User --- [MBR] 40b0a84d76d8d6c73ab5d025006b5d35 [bSP] 6a9d56f5cf2c5703b7c73733e02cf1ff : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[2]_S_01192013_02d1204.txt >> RKreport[1]_S_11122012_02d1012.txt ; RKreport[2]_S_01192013_02d1204.txt Btw, I had to make a second scan because I recently ran a registry cleaner and there were a lot of issues to fix. I wasn't sure if this would have an affect on the log or not.
  22. When I updated to version 1.60.0.1800 of Malwarebytes Pro, I noticed that the checkbox next to "Website Blocking" (right-click on system tray icon and left click on "Website Blocking") was unchecked and no matter what I did I was unable to get it checked. This continued as long as I had that version and it's the same in the current 1.60.1.1000 version. I am NOT a computer novice and I strongly believe this is a bug that was introduced into recent versions of the software. The same complaint can be found in the forum thread here http://forums.malwarebytes.org/index.php?showtopic=104252 In that thread, one of the Admin's posted a response that said, "No, this is not a bug. The time it takes to load the IP blocker is simply to unload and load MBAM's database. On Windows 7 and Vista this is expected behavior to take a while." I have tried to "check" the box and then looked at it again many minutes/hours later, and it remains unchecked. I have restarted my computer many times, and it remains unchecked. In response to someone else in that thread, this Admin said, "How many times do you attempt to check the box after it is left unchecked? Please: Right click on the tray icon for MBAM and exit protection module. Start the main scanner and go to the protection tab. Ensure 'Start malicious website blocking when protection module start.' is checked. Check 'Enable protection module.' Within the system tray verify if the website blocking option is checked. If it is not. Please check it once. Best practice is to watch Task Manager and look for svchost process using up high CPU. Once it settles down, it's done. If it is still unchecked after that, please check it once more. After that, visit our IP test site: iptest.malwarebytes.org " I have done all of that and the test site said, "If you are able to reach this page it means that IP protection is disabled on your machine." Please tell me why "Website Blocking" is not working on my machine. Thank you!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.