I'm having a problem where my firewall gets disabled on start-up every boot. I then have to go and turn it on manually every time. The other part of this problem is, when using iTunes, the Bonjour service gets disabled on start-up as well, preventing me from accessing the network features of the program, like the iTunes store, etc.

I've run a Malwarebytes scan and it showed no infection.

What can I do?

DDS:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Honeybush at 10:36:57 on 2011-11-23

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.781 [GMT -10:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\taskhost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Users\Honeybush\Local Settings\Apps\F.lux\flux.exe

C:\Users\Honeybush\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Users\Honeybush\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\msiexec.exe

C:\windows\system32\vssvc.exe

C:\windows\System32\svchost.exe -k swprv

C:\Windows\system32\MsiExec.exe

C:\windows\system32\consent.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "C:\Users\Honeybush\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [F.lux] "C:\Users\Honeybush\Local Settings\Apps\F.lux\flux.exe" /noshow

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

StartupFolder: C:\Users\HONEYB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Honeybush\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

TCP: DhcpNameServer = 192.168.200.1

TCP: Interfaces\{8F83ED9B-13B2-41FC-AE95-94074D647522} : DhcpNameServer = 192.168.200.1

TCP: Interfaces\{8F83ED9B-13B2-41FC-AE95-94074D647522}\2616976627F6E64796E6E623 : DhcpNameServer = 192.168.5.1

TCP: Interfaces\{8F83ED9B-13B2-41FC-AE95-94074D647522}\341627D656C602D496373796F6E60294E6E6 : DhcpNameServer = 12.127.17.72 12.127.16.67 4.2.2.2

TCP: Interfaces\{8F83ED9B-13B2-41FC-AE95-94074D647522}\94E666F627D616E45647 : DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{8F83ED9B-13B2-41FC-AE95-94074D647522}\A456666602845697375627723702E4564777F627B6 : DhcpNameServer = 10.1.10.1

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun-x64: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Honeybush\AppData\Roaming\Mozilla\Firefox\Profiles\eqh8e6k3.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Honeybush\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]

R2 HerculesDJControlMP3;Hercules DJ Control MP3;C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2011-9-27 20480]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-3-9 5352960]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2011-9-25 103792]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2011-9-25 126392]

R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atipmdag.sys --> C:\windows\system32\DRIVERS\atipmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]

R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-9-25 54136]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-25 135664]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-25 135664]

S3 HDJCtrl;Hercules DJ Control MP3 Service;C:\windows\system32\Drivers\HDJCtrl.sys --> C:\windows\system32\Drivers\HDJCtrl.sys [?]

S3 HDJMidi;Hercules DJ Control MP3 MIDI;C:\windows\system32\DRIVERS\HDJMidi.sys --> C:\windows\system32\DRIVERS\HDJMidi.sys [?]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]

S3 NMRKUSBA;Numark USB2 WDM;C:\windows\system32\drivers\nmrkusba.sys --> C:\windows\system32\drivers\nmrkusba.sys [?]

S3 NMRKUSBU;Numark USB2 driver;C:\windows\system32\Drivers\nmrkusbu.sys --> C:\windows\system32\Drivers\nmrkusbu.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-11-23 18:07:51 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4388EFA4-967B-4F83-81CC-827458B8EECF}\offreg.dll

2011-11-23 17:01:43 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4388EFA4-967B-4F83-81CC-827458B8EECF}\mpengine.dll

2011-11-22 07:16:21 -------- d-----w- C:\Program Files\iPod

2011-11-22 07:16:20 -------- d-----w- C:\Program Files\iTunes

2011-11-22 07:16:20 -------- d-----w- C:\Program Files (x86)\iTunes

2011-11-22 07:14:01 -------- d-----w- C:\Program Files\Bonjour

2011-11-22 07:14:01 -------- d-----w- C:\Program Files (x86)\Bonjour

2011-11-22 05:54:01 -------- d-----w- C:\Users\Honeybush\AppData\Local\ElevatedDiagnostics

2011-11-18 21:50:01 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\com.acrobat.createpdf.CreatePDFDesktop

2011-11-17 08:16:18 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\UDC Profiles

2011-11-17 08:15:50 30656 ----a-w- C:\windows\System32\udcpm.dll

2011-11-17 08:15:41 -------- d-----w- C:\Program Files (x86)\Universal Document Converter

2011-11-17 07:56:35 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\TreasureUPXPSImage

2011-11-17 07:56:35 -------- d-----w- C:\temp

2011-11-17 07:30:28 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\calibre

2011-11-17 07:29:52 -------- d-----w- C:\Program Files (x86)\Calibre2

2011-11-17 07:15:13 -------- d-----w- C:\Program Files (x86)\infogridpacific

2011-11-17 07:11:36 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\pdftoepub

2011-11-17 06:44:10 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\eCub

2011-11-16 02:31:03 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\Malwarebytes

2011-11-16 02:30:56 -------- d-----w- C:\ProgramData\Malwarebytes

2011-11-16 02:30:52 25416 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-11-16 02:30:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-11-09 21:31:27 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-09 21:31:25 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-09 21:31:23 1923952 ----a-w- C:\windows\System32\drivers\tcpip.sys

2011-11-09 21:31:21 3144704 ----a-w- C:\windows\System32\win32k.sys

2011-11-09 21:31:18 1139200 ----a-w- C:\windows\System32\FntCache.dll

2011-11-09 21:31:17 902656 ----a-w- C:\windows\System32\d2d1.dll

2011-11-09 21:31:17 1544192 ----a-w- C:\windows\System32\DWrite.dll

2011-11-09 21:31:17 1076736 ----a-w- C:\windows\SysWow64\DWrite.dll

2011-11-09 21:31:16 739840 ----a-w- C:\windows\SysWow64\d2d1.dll

2011-11-08 18:15:19 -------- d-----w- C:\Program Files\CCleaner

2011-11-06 22:03:49 -------- d-----w- C:\Users\Honeybush\AppData\Local\NP3

2011-11-06 21:53:48 -------- d-----w- C:\Users\Honeybush\AppData\Roaming\NeuroProgrammer3

2011-11-06 21:53:43 -------- d-----w- C:\Users\Honeybush\AppData\Local\Xenocode

2011-11-06 21:44:11 -------- d-----w- C:\Program Files (x86)\Neuro-Programmer 3

2011-11-02 18:02:21 -------- d-----w- C:\Program Files (x86)\HP

2011-11-02 18:02:18 -------- d-----w- C:\Program Files\HP

2011-11-02 18:00:22 -------- d-----w- C:\Users\Honeybush\AppData\Local\HP

2011-10-27 05:19:24 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2011-10-27 05:19:24 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2011-10-27 05:19:24 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2011-10-27 05:19:24 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2011-10-27 05:19:24 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2011-10-27 05:19:24 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2011-10-27 05:19:24 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2011-10-24 21:29:02 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx

2011-10-24 21:29:02 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts

.

==================== Find3M ====================

.

2011-11-22 05:38:52 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-09-28 18:11:59 49664 ----a-w- C:\windows\System32\imgutil.dll

2011-09-28 17:33:10 152576 ----a-w- C:\windows\SysWow64\msclmd.dll

2011-09-28 17:33:09 175616 ----a-w- C:\windows\System32\msclmd.dll

2011-09-28 02:55:01 164352 ----a-w- C:\windows\SysWow64\SpoonUninstall.exe

2011-09-27 20:30:10 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll

2011-09-27 20:30:09 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll

2011-09-25 23:26:59 0 ----a-w- C:\windows\ativpsrm.bin

2011-09-01 05:24:07 2309120 ----a-w- C:\windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2011-08-31 09:05:32 96104 ----a-w- C:\windows\System32\dns-sd.exe

2011-08-31 09:05:32 85864 ----a-w- C:\windows\System32\dnssd.dll

2011-08-31 09:05:32 61288 ----a-w- C:\windows\System32\jdns_sd.dll

2011-08-31 09:05:32 212840 ----a-w- C:\windows\System32\dnssdX.dll

2011-08-31 09:05:04 83816 ----a-w- C:\windows\SysWow64\dns-sd.exe

2011-08-31 09:05:04 73064 ----a-w- C:\windows\SysWow64\dnssd.dll

2011-08-31 09:05:04 50536 ----a-w- C:\windows\SysWow64\jdns_sd.dll

2011-08-31 09:05:04 178536 ----a-w- C:\windows\SysWow64\dnssdX.dll

2011-08-27 05:37:49 861696 ----a-w- C:\windows\System32\oleaut32.dll

2011-08-27 05:37:48 331776 ----a-w- C:\windows\System32\oleacc.dll

2011-08-27 04:26:27 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll

2011-08-27 04:26:27 233472 ----a-w- C:\windows\SysWow64\oleacc.dll

.

============= FINISH: 10:38:48.26 ===============

ATTACH:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 9/25/2011 5:04:07 PM

System Uptime: 11/23/2011 8:07:35 AM (2 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: AMD V120 Processor | Socket S1G4 | 2200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 288 GiB total, 224.763 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is FIXED (FAT) - 0 GiB total, 0.011 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP57: 11/18/2011 7:07:30 AM - Windows Update

RP58: 11/21/2011 4:32:53 PM - Windows Update

RP59: 11/21/2011 8:42:03 PM - Removed iTunes

RP60: 11/21/2011 8:46:44 PM - Removed Apple Mobile Device Support

RP61: 11/21/2011 8:51:33 PM - Removed iTunes

RP62: 11/21/2011 9:04:09 PM - Removed Bonjour

RP63: 11/21/2011 9:14:42 PM - Installed iTunes

RP64: 11/23/2011 10:36:03 AM - Removed iTunes

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

AbiWord 2.8.6

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Photoshop CS

Adobe Reader 9.4.6

Adobe® CreatePDF Desktop

Amazon Links

AmpliTube X-GEAR

Any Video Converter 3.2.7

Apple Application Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Atheros Driver Installation Program

Audio Creator LE 1.5

Bejeweled 2 Deluxe

calibre

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Compatibility Pack for the 2007 Office system

dBpowerAMP Music Converter

Dropbox

Escape Rosecliff Island

F.lux

FATE - The Traitor Soul

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Hercules DJ Products Series drivers

Hotfix for Office (KB975927)

HP Deskjet 2050 J510 series Help

iRemote

Java 6 Update 17

Jewel Quest 3

Junk Mail filter update

Label@Once 1.0

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional Edition 2003

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

MIDI Yoke

Mozilla Firefox 8.0 (x86 en-US)

MSVCRT

Music Creator 5

Native Instruments Controller Editor

Native Instruments Service Center

Native Instruments Traktor 2

Neuro-Programmer 3 Visualizations Pack 1.0

Neuro-Programmer 3.1.1

Penguins!

Polar Bowler

Quickbooks Financial Center

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Safari

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Skype Launcher

TOSHIBA Application Installer

TOSHIBA Assist

TOSHIBA Bulletin Board

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

ToshibaRegistration

Universal Document Converter (Demo)

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Virtual Families

Virtual Villagers - The Secret City

WD Discovery Software

WildTangent Games

WildTangent ORB Game Console

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

WinX DVD Ripper Platinum 6.0.0

WinX HD Video Converter Deluxe 3.10.2

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

11/23/2011 8:08:24 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

11/23/2011 8:08:16 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/23/2011 6:51:45 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/22/2011 7:58:35 AM, Error: Service Control Manager [7034] - The NIHardwareService service terminated unexpectedly. It has done this 1 time(s).

11/22/2011 7:01:49 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/22/2011 11:34:55 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/21/2011 8:48:06 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/21/2011 7:36:09 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/21/2011 6:45:44 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/20/2011 7:08:30 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/19/2011 6:59:17 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/18/2011 3:39:37 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.

11/18/2011 10:35:42 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/17/2011 9:55:52 AM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.

11/17/2011 7:21:54 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/16/2011 7:02:04 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11/16/2011 3:53:36 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

.

==== End Of File ===========================


If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:


  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.


  • Please read and follow the
    , skipping any steps you are unable to complete.

  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification, so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.

      Or

    • You may send a Private Message to a Moderator asking for assistance.


OPTION 2

Alternatively, as a paying customer, you can contact the help desk at
or
.

OPTION 3

If you would like to use our Malwarebytes Premium Services, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our support site.

Please be patient, someone will assist you as soon as possible.

PS: Please use the "Add Reply" button not the Reply button when you start replying.
