Jump to content

Recommended Posts

My laptop is acting really weird. Sometimes it won't open certain programs, windows explorer hangs and I am unable to uninstall programs etc.

I ran the quick scan and Malwarebytes did not find any infected files. When I try to update the database( it is 6 months old) it give me an error which says

PROGRAM_ERROR_UPDATING (11004, 0, No address found)

I am trying to fix whatever is wrong with it and I'm sure that getting malwarebytes to update is part of the solution.

Any help would be greatly appreciated.

Thank you!!!

Here is my DDS file. I also have attached the "attach" file created from DDS and also the log from HiJackThis.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_29

Run by Warren at 17:34:00 on 2011-12-19

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1917.971 [GMT -7:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Windows\WindowsMobile\wmdSync.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\System32\mobsync.exe

c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/igoogle

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

uURLSearchHooks: H - No File

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111211121926.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "c:\users\warren\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

TCP: Interfaces\{B8BAE792-23C1-43B9-8C1F-6978E73E80F1} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{E1691774-B3E4-41B5-A272-8713E795AF70} : DhcpNameServer = 75.75.76.76 75.75.75.75

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-10-13 464176]

R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-3-16 64880]

R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-3-16 165680]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-19 366152]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-3-16 214904]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-3-16 214904]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-3-16 214904]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-3-16 214904]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-3-16 160608]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-3-16 150856]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-3-16 57600]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-19 22216]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-3-16 180816]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-3-16 338176]

R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-12-19 41272]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-18 136176]

S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-3-16 166288]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-18 136176]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-3-16 59456]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-3-16 87656]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-12-20 00:31:07 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-12-20 00:00:16 388096 ----a-r- c:\users\warren\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-12-20 00:00:15 -------- d-----w- c:\program files\Trend Micro

2011-12-19 22:48:24 -------- d-----w- c:\users\warren\appdata\roaming\Malwarebytes

2011-12-19 22:48:19 -------- d-----w- c:\programdata\Malwarebytes

2011-12-19 22:48:16 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-19 22:48:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-12-12 04:04:52 -------- d-----w- C:\inetpub

2011-12-10 04:56:50 -------- d-----w- c:\windows\system32\eu-ES

2011-12-10 04:56:50 -------- d-----w- c:\windows\system32\ca-ES

2011-12-10 04:56:46 -------- d-----w- c:\windows\system32\vi-VN

2011-12-02 05:12:49 -------- d-----w- c:\users\warren\appdata\local\HP

.

==================== Find3M ====================

.

2011-11-11 16:32:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-18 21:32:30 150856 ----a-w- c:\windows\system32\mfevtps.exe

2011-10-15 20:16:16 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2011-10-15 20:16:16 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2011-10-15 20:16:16 64880 ----a-w- c:\windows\system32\drivers\mfenlfk.sys

2011-10-15 20:16:16 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2011-10-15 20:16:16 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys

2011-10-15 20:16:16 464176 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2011-10-15 20:16:16 338176 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2011-10-15 20:16:16 180816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2011-10-15 20:16:16 165680 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2011-10-15 20:16:16 121256 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2011-10-03 11:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll

.

============= FINISH: 17:34:39.90 ===============

Attach.zip

hijackthis.zip

Link to post
Share on other sites

  • 1 month later...

Hello ,

Would you advise if you have resolved your issues or if you have sought help elsewhere?

If not resolved and you are not already seeking help elsewhere, I'd like for you to rerun a new (fresh) DDS and Copy & Paste the DDS.txt into a new reply.

Anyone other than original-poster who has similar issues, do not reply here. Start your own topic.

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.