Malwarebytes and Chameleon won't run or update

[ianfrancisryan]

I have having issues on my computer and, despite a clean bill of health from both Microsoft Security Essentials and Avast, I suspect I may have trojans/malware.

I have attached both attach.txt and dds.txt.

Any help would be much appreciated.

attach.txt

dds.txt

[Maniac]

Hello ianfrancisryan! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  

Step 1

I see you are running Teatimer.

I suggest you to disable it because it can interfere with the changes you'll make on your system.

When everything is done and your log is clean again, you can enable it again.

If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

How to disable TeaTimer <== click me for instructions.

After you disabled Teatimer, download ResetTeaTimer.exe to your desktop.

Then run ResetTeaTimer.exe.

This will only take a few seconds.

Step 2

Please uninstall the following applications:

Ask Toolbar - Bundled with many third party applications - also see this note

BitTorrent

LimeWire 5.5.7 - They are against our policy. Take a look here.

In your next reply, post a new fresh HiJackThis log file.

[ianfrancisryan]

Hi

I have now disabled Teatimer, uninstalled the Ask Toolbar, Limewirew and Bittorrent. Here follows my latest HijackThis log file:-

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:40:08, on 23/03/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\system32\Ati2evxx.exe

H:\WINDOWS\system32\svchost.exe

H:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\system32\spoolsv.exe

H:\WINDOWS\System32\svchost.exe

H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

H:\WINDOWS\system32\astsrv.exe

H:\Program Files\Microsoft\BingBar\SeaPort.EXE

H:\Program Files\Bonjour\mDNSResponder.exe

H:\Program Files\Allway Sync\Bin\SyncService.exe

H:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

H:\Program Files\Java\jre6\bin\jqs.exe

H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

H:\WINDOWS\Explorer.EXE

H:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

H:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

H:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

H:\Program Files\Pure Networks\Network Magic\nmapp.exe

H:\Program Files\Pure Networks\Speed Meter Pro\smp.exe

H:\Program Files\Microsoft Security Client\msseces.exe

H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

H:\WINDOWS\system32\svchost.exe

H:\DOCUME~1\IANRYA~1\LOCALS~1\Temp\tmp.exe

H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

H:\Program Files\LiveZilla\LiveZilla.exe

H:\Program Files\Google\Google Talk\googletalk.exe

H:\Program Files\Samsung\Kies\KiesTrayAgent.exe

H:\WINDOWS\system32\ctfmon.exe

H:\Documents and Settings\Ian Ryan\Local Settings\Application Data\Akamai\netsession_win.exe

H:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

H:\Documents and Settings\Ian Ryan\Local Settings\Application Data\Akamai\netsession_win.exe

H:\Program Files\Skype\Phone\Skype.exe

H:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

H:\Program Files\PamelaPCR\PamelaPCR.exe

H:\Program Files\SetPoint\SetPoint.exe

H:\WINDOWS\system32\wuauclt.exe

H:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE

H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

H:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

H:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

H:\Program Files\Mozilla Firefox\firefox.exe

H:\Program Files\Mozilla Firefox\plugin-container.exe

H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.179.72.132:80

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>

R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program

Files\BitTorrentBar\tbBit0.dll

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - H:\Program Files\TechSmith\SnagIt

8\SnagItBHO.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - H:\Program Files\Adobe\Adobe Contribute

CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program Files\ConduitEngine\ConduitEngin1.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - H:\Program Files\Core

Services\DebugBar\DebugInfoBar.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -

H:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program Files\BitTorrentBar\tbBit0.dll

O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common

Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - H:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "H:\Program Files\Microsoft\BingBar\BingExt.dll"

(file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program

Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - H:\Program

Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - H:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - H:\Program Files\Adobe\Adobe Contribute

CS5\Plugins\IEPlugin\contributeieplugin.dll

O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program

Files\BitTorrentBar\tbBit0.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program

Files\ConduitEngine\ConduitEngin1.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "H:\Program Files\Microsoft\BingBar\BingExt.dll"

(file missing)

O3 - Toolbar: DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - H:\Program Files\Core

Services\DebugBar\DebugToolBar.dll

O4 - HKLM\..\Run: [iAAnotif] H:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

O4 - HKLM\..\Run: [nmctxth] "H:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [nmapp] "H:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [smp.exe] "H:\Program Files\Pure Networks\Speed Meter Pro\smp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [signIn] "H:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [MSC] "H:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [AppleSyncNotifier] H:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [bCSSync] "H:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [APSDaemon] "H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [LiveZilla] "H:\Program Files\LiveZilla\LiveZilla.exe" -minimize

O4 - HKLM\..\Run: [googletalk] H:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [KiesTrayAgent] H:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] "H:\Documents and Settings\Ian Ryan\Local Settings\Application

Data\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [KiesHelper] H:\Program Files\Samsung\Kies\KiesHelper.exe /s

O4 - HKCU\..\Run: [KiesPDLR] H:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [pamelaPCR.exe] "H:\Program Files\PamelaPCR\PamelaPCR.exe"

O4 - HKLM\..\Policies\Explorer\Run: [DarkPlus] H:\DOCUME~1\IANRYA~1\LOCALS~1\Temp\tmp.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: SetPoint.lnk = ?

O8 - Extra context menu item: Append Link Target to Existing PDF - res://H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://H:\Program

Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://H:\Program

Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://H:\Program

Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://H:\Program

Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Se&nd to OneNote - res://H:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Sothink SWF Catcher - H:\Program Files\Common Files\SourceTec\SWF

Catcher\InternetExplorer.htm

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows

Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program

Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft

Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft

Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft

Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program

Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - H:\Program Files\Common

Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - H:\Program Files\Common

Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network

Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program

Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1266787328531

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - H:\Program Files\Intuit\QuickBooks

2010\HelpAsyncPluggableProtocol.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: acaptuser32.dll

O20 - Winlogon Notify: avgrsstarter - Invalid registry found

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} -

H:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} -

H:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems

Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device

Support\AppleMobileDeviceService.exe

O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - H:\WINDOWS\system32\astsrv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - H:\Program Files\Allway

Sync\Bin\SyncService.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\Program

Files\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - H:\Program Files\Common Files\Macrovision

Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Unknown owner -

H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - H:\Program

Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - H:\Program

Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - H:\Program Files\Intel\Intel

Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common

Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program

Files\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Unknown owner - H:\Program Files\Common

Files\Logitech\Bluetooth\LBTSERV.EXE (file missing)

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - H:\Program Files\Common Files\Pure

Networks Shared\Platform\nmsrvc.exe

O23 - Service: NovaStor NovaBACKUP Backup/Copy Engine (nsService) - Unknown owner - H:\Program

Files\NovaStor\NovaStor NovaBACKUP\nsService.exe (file missing)

O23 - Service: QBCFMonitorService - Intuit - H:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - H:\Program Files\Common

Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - H:\Program Files\Common Files\Roxio

Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - H:\Program Files\Common Files\Roxio

Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - H:\Program Files\Common Files\Roxio

Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: ServiceLayer - Nokia - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - H:\Program Files\Common

Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - H:\Program Files\TuneUp Utilities

2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - H:\Program Files\TuneUp Utilities

2010\TuneUpUtilitiesService32.exe

--

End of file - 18694 bytes

[Maniac]

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are seven different versions. If one of them won't run then download and try to run the other one.

Vista and Windows 7 users need to right-click and choose Run as Administrator

You only need to get one of them to run, not all of them.

1. rkill.exe
   
2. rkill.com
   
3. rkill.scr
   
4. eXplorer.exe - This renamed copy may trigger an alert from MBAM. It can be ignored and is safe.
   
5. iExplore.exe
   
6. WiNlOgOn.exe
   
7. uSeRiNiT.exe
   

Once you've gotten one of them to run then try to immediately run the following:

http://forums.malwarebytes.org/index.php?showtopic=85715&view=findpost&p=434002

[ianfrancisryan]

I was followed these instructions and still cannot get Malwarebytes to update and/or run. I have also tried all of the options in the FAQ without success. I now attach my latest attach.txt and dds.txt. Here follows my latest HiJackThis log file:-

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:46:42, on 24/03/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\system32\Ati2evxx.exe

H:\WINDOWS\system32\svchost.exe

H:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\system32\spoolsv.exe

H:\WINDOWS\System32\svchost.exe

H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

H:\WINDOWS\system32\astsrv.exe

H:\Program Files\Microsoft\BingBar\SeaPort.EXE

H:\Program Files\Bonjour\mDNSResponder.exe

H:\Program Files\Allway Sync\Bin\SyncService.exe

H:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

H:\Program Files\Java\jre6\bin\jqs.exe

H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

H:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

H:\WINDOWS\system32\svchost.exe

H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

H:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

H:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

H:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

H:\Program Files\Pure Networks\Network Magic\nmapp.exe

H:\Program Files\Pure Networks\Speed Meter Pro\smp.exe

H:\Program Files\Microsoft Security Client\msseces.exe

H:\Program Files\LiveZilla\LiveZilla.exe

H:\Program Files\Google\Google Talk\googletalk.exe

H:\Program Files\Samsung\Kies\KiesTrayAgent.exe

H:\WINDOWS\system32\ctfmon.exe

H:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

H:\Program Files\Skype\Phone\Skype.exe

H:\Program Files\PamelaPCR\PamelaPCR.exe

H:\Program Files\SetPoint\SetPoint.exe

H:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE

H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

H:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

H:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

H:\Program Files\Mozilla Firefox\firefox.exe

H:\Program Files\Mozilla Firefox\plugin-container.exe

H:\WINDOWS\explorer.exe

H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.179.72.132:80

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>

R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program Files\BitTorrentBar\tbBit0.dll

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - H:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - H:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program Files\ConduitEngine\ConduitEngin1.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - H:\Program Files\Core Services\DebugBar\DebugInfoBar.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program Files\BitTorrentBar\tbBit0.dll

O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - H:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "H:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - H:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - H:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - H:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program Files\BitTorrentBar\tbBit0.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program Files\ConduitEngine\ConduitEngin1.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "H:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - H:\Program Files\Core Services\DebugBar\DebugToolBar.dll

O4 - HKLM\..\Run: [iAAnotif] H:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

O4 - HKLM\..\Run: [nmctxth] "H:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [nmapp] "H:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [smp.exe] "H:\Program Files\Pure Networks\Speed Meter Pro\smp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [signIn] "H:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [MSC] "H:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [AppleSyncNotifier] H:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [bCSSync] "H:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [APSDaemon] "H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [LiveZilla] "H:\Program Files\LiveZilla\LiveZilla.exe" -minimize

O4 - HKLM\..\Run: [googletalk] H:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [KiesTrayAgent] H:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] "H:\Documents and Settings\Ian Ryan\Local Settings\Application Data\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [KiesHelper] H:\Program Files\Samsung\Kies\KiesHelper.exe /s

O4 - HKCU\..\Run: [KiesPDLR] H:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [pamelaPCR.exe] "H:\Program Files\PamelaPCR\PamelaPCR.exe"

O4 - HKLM\..\Policies\Explorer\Run: [DarkPlus] H:\DOCUME~1\IANRYA~1\LOCALS~1\Temp\tmp.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: SetPoint.lnk = ?

O8 - Extra context menu item: Append Link Target to Existing PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Se&nd to OneNote - res://H:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Sothink SWF Catcher - H:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - H:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - H:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1266787328531

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - H:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: acaptuser32.dll

O20 - Winlogon Notify: avgrsstarter - Invalid registry found

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - H:\WINDOWS\system32\astsrv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - H:\Program Files\Allway Sync\Bin\SyncService.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Unknown owner - H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - H:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Unknown owner - H:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (file missing)

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - H:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: NovaStor NovaBACKUP Backup/Copy Engine (nsService) - Unknown owner - H:\Program Files\NovaStor\NovaStor NovaBACKUP\nsService.exe (file missing)

O23 - Service: QBCFMonitorService - Intuit - H:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - H:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: ServiceLayer - Nokia - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - H:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - H:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--

End of file - 18429 bytes

[Maniac]

Step 1

Open HijackThis.

Choose "Do a system scan only"

Check the boxes in front of these lines:

O4 - HKLM\..\Policies\Explorer\Run: [DarkPlus] H:\DOCUME~1\IANRYA~1\LOCALS~1\Temp\tmp.exe

Press "Fix Checked"

Close Hijack This.

Reboot.

Step 2

Try again to run Malwarebytes' Anti-Malware:

http://forums.malwarebytes.org/index.php?showtopic=85715&view=findpost&p=434002

[ianfrancisryan]

When I ran HijackThis this morning and did a system scan the line:-

O4 - HKLM\..\Policies\Explorer\Run: [DarkPlus] H:\DOCUME~1\IANRYA~1\LOCALS~1\Temp\tmp.exe

no longer appears in the log. I still cannot run and/or update MalwareBytes using any of the methods suggested.

Here follows the latest HijackThis log:-

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 09:54:48, on 25/03/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

H:\WINDOWS\System32\smss.exe

H:\WINDOWS\system32\winlogon.exe

H:\WINDOWS\system32\services.exe

H:\WINDOWS\system32\lsass.exe

H:\WINDOWS\system32\Ati2evxx.exe

H:\WINDOWS\system32\svchost.exe

H:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\system32\svchost.exe

H:\WINDOWS\system32\spoolsv.exe

H:\WINDOWS\System32\svchost.exe

H:\WINDOWS\Explorer.EXE

H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

H:\WINDOWS\system32\astsrv.exe

H:\Program Files\Microsoft\BingBar\SeaPort.EXE

H:\Program Files\Bonjour\mDNSResponder.exe

H:\Program Files\Allway Sync\Bin\SyncService.exe

H:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

H:\Program Files\Java\jre6\bin\jqs.exe

H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

H:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

H:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

H:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

H:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

H:\Program Files\Pure Networks\Network Magic\nmapp.exe

H:\Program Files\Pure Networks\Speed Meter Pro\smp.exe

H:\Program Files\Microsoft Security Client\msseces.exe

H:\Program Files\LiveZilla\LiveZilla.exe

H:\Program Files\Google\Google Talk\googletalk.exe

H:\Program Files\Samsung\Kies\KiesTrayAgent.exe

H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

H:\WINDOWS\system32\ctfmon.exe

H:\Documents and Settings\Ian Ryan\Local Settings\Application Data\Akamai\netsession_win.exe

H:\WINDOWS\system32\svchost.exe

H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

H:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

H:\Program Files\Skype\Phone\Skype.exe

H:\Documents and Settings\Ian Ryan\Local Settings\Application Data\Akamai\netsession_win.exe

H:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

H:\Program Files\PamelaPCR\PamelaPCR.exe

H:\Program Files\SetPoint\SetPoint.exe

H:\WINDOWS\system32\wuauclt.exe

H:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE

H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

H:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

H:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

H:\Program Files\Mozilla Firefox\firefox.exe

H:\Program Files\Mozilla Firefox\plugin-container.exe

H:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.179.72.132:80

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>

R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program Files\BitTorrentBar\tbBit0.dll

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - H:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - H:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program Files\ConduitEngine\ConduitEngin1.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - H:\Program Files\Core Services\DebugBar\DebugInfoBar.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program Files\BitTorrentBar\tbBit0.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - H:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "H:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - H:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - H:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - H:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - H:\Program Files\BitTorrentBar\tbBit0.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - H:\Program Files\ConduitEngine\ConduitEngin1.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "H:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - H:\Program Files\Core Services\DebugBar\DebugToolBar.dll

O4 - HKLM\..\Run: [iAAnotif] H:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

O4 - HKLM\..\Run: [nmctxth] "H:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [nmapp] "H:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [smp.exe] "H:\Program Files\Pure Networks\Speed Meter Pro\smp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [signIn] "H:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [MSC] "H:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [AppleSyncNotifier] H:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [bCSSync] "H:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [APSDaemon] "H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [LiveZilla] "H:\Program Files\LiveZilla\LiveZilla.exe" -minimize

O4 - HKLM\..\Run: [googletalk] H:\Program Files\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [KiesTrayAgent] H:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] "H:\Documents and Settings\Ian Ryan\Local Settings\Application Data\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [KiesHelper] H:\Program Files\Samsung\Kies\KiesHelper.exe /s

O4 - HKCU\..\Run: [KiesPDLR] H:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [pamelaPCR.exe] "H:\Program Files\PamelaPCR\PamelaPCR.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: SetPoint.lnk = ?

O8 - Extra context menu item: Append Link Target to Existing PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://H:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Se&nd to OneNote - res://H:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Sothink SWF Catcher - H:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - H:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - H:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1266787328531

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - H:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: acaptuser32.dll

O20 - Winlogon Notify: avgrsstarter - Invalid registry found

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - H:\WINDOWS\system32\astsrv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - H:\Program Files\Allway Sync\Bin\SyncService.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Unknown owner - H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - H:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Unknown owner - H:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (file missing)

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - H:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - H:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: NovaStor NovaBACKUP Backup/Copy Engine (nsService) - Unknown owner - H:\Program Files\NovaStor\NovaStor NovaBACKUP\nsService.exe (file missing)

O23 - Service: QBCFMonitorService - Intuit - H:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - H:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: ServiceLayer - Nokia - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - H:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - H:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - H:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--

End of file - 18485 bytes

[Maniac]

Follow the instructions here:

http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=497675entry497675

[ianfrancisryan]

Thank you. Renaming drive letter C resolved the issue and I can now update and run Malwarebytes. I am currently run a full system scan with Malwarebytes and will let you know if there are any further problems.

Many Thanks

[Maniac]

Please post your log file when you are ready.

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!