
MBAM won't update anymore - infected



MiniToolBox by Farbar Version: 23-07-2012

Ran by Moo (administrator) on 12-10-2012 at 19:09:48

Microsoft Windows 7 Ultimate (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) = Local Area Connection (Connected)

Ralink RT61 Turbo Wireless LAN Card = Wireless Network Connection (Hardware not present)

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global

popd

# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Moo-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : nyc.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : nyc.rr.com

Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)

Physical Address. . . . . . . . . : 00-24-8C-73-E1-C6

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::153b:9bde:160c:2754%11(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.1.111(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Thursday, October 11, 2012 11:27:13 PM

Lease Expires . . . . . . . . . . : Saturday, October 13, 2012 2:16:03 PM

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DHCPv6 IAID . . . . . . . . . . . : 234890380

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-F4-15-32-00-24-8C-73-E1-C6

DNS Servers . . . . . . . . . . . : 209.18.47.61

209.18.47.62

NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.nyc.rr.com:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : nyc.rr.com

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:41f:bb7:3f57:fe90(Preferred)

Link-local IPv6 Address . . . . . : fe80::41f:bb7:3f57:fe90%12(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: dns-cac-lb-01.rr.com

Address: 209.18.47.61

Name: google.com

Addresses: 2607:f8b0:4006:800::1003

74.125.226.198

74.125.226.199

74.125.226.200

74.125.226.201

74.125.226.206

74.125.226.192

74.125.226.193

74.125.226.194

74.125.226.195

74.125.226.196

74.125.226.197

Pinging google.com [74.125.226.197] with 32 bytes of data:

Reply from 74.125.226.197: bytes=32 time=21ms TTL=54

Reply from 74.125.226.197: bytes=32 time=19ms TTL=54

Ping statistics for 74.125.226.197:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 21ms, Average = 20ms

Server: dns-cac-lb-01.rr.com

Address: 209.18.47.61

Name: yahoo.com

Addresses: 98.139.183.24

72.30.38.140

98.138.253.109

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=427ms TTL=50

Reply from 72.30.38.140: bytes=32 time=605ms TTL=50

Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 427ms, Maximum = 605ms, Average = 516ms

Server: dns-cac-lb-01.rr.com

Address: 209.18.47.61

Name: bleepingcomputer.com

Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 2ms, Maximum = 4ms, Average = 3ms

===========================================================================

Interface List

11...00 24 8c 73 e1 c6 ......Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)

1...........................Software Loopback Interface 1

16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.111 20

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.1.0 255.255.255.0 On-link 192.168.1.111 276

192.168.1.111 255.255.255.255 On-link 192.168.1.111 276

192.168.1.255 255.255.255.255 On-link 192.168.1.111 276

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.1.111 276

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.1.111 276

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

12 58 ::/0 On-link

1 306 ::1/128 On-link

12 58 2001::/32 On-link

12 306 2001:0:9d38:6ab8:41f:bb7:3f57:fe90/128

On-link

11 276 fe80::/64 On-link

12 306 fe80::/64 On-link

12 306 fe80::41f:bb7:3f57:fe90/128

On-link

11 276 fe80::153b:9bde:160c:2754/128

On-link

1 306 ff00::/8 On-link

12 306 ff00::/8 On-link

11 276 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll [203424] ()

Catalog9 02 C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll [203424] ()

Catalog9 03 C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll [203424] ()

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 14 C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll [203424] ()

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (10/12/2012 02:46:50 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/11/2012 03:54:16 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/07/2012 03:18:26 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/06/2012 03:47:20 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/05/2012 03:09:48 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/04/2012 03:40:47 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/02/2012 02:23:27 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/01/2012 00:31:18 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/29/2012 05:14:03 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/29/2012 04:29:00 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll . Error code = 0x80070005

System errors:

=============

Error: (10/11/2012 11:28:18 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (10/11/2012 11:28:15 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/11/2012 08:54:43 AM) (Source: volsnap) (User: )

Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/11/2012 03:23:46 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/08/2012 04:46:30 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/08/2012 00:34:09 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/08/2012 00:32:42 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 12:31:55 PM on ?10/?8/?2012 was unexpected.

Error: (10/07/2012 11:32:17 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/07/2012 11:24:44 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/06/2012 06:09:45 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:

=========================

Error: (10/12/2012 02:46:50 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/11/2012 03:54:16 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/07/2012 03:18:26 PM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/06/2012 03:47:20 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/05/2012 03:09:48 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/04/2012 03:40:47 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/02/2012 02:23:27 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/01/2012 00:31:18 AM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (09/29/2012 05:14:03 PM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (09/29/2012 04:29:00 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll . Error code = 0x80070005

C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll

**** End of log ****

And yes, I have the Trial set of MBAM, did not purchase the license.

Link to post
Share on other sites

Spybot S & D seems to have a lot of exceptions. Now, I do not believe it is the source of your MBAM issue, but..... Uninstall Spybot S & D and then restart the system fresh.

Next:

I do not believe that you have an infection.....however, let's have you do an online scan at ESET:

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

  • Accept the Terms of Use and press Start button;
  • Approve the install of the required ActiveX Control, then follow on-screen instructions;
  • Enable (check) the Remove found threats option, and run the scan.
  • After the scan completes, the Details tab in the Results window will display what was found and removed.
    • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

    Look at contents of this file using Notepad.

    The Frequently Asked Questions for ESET Online Scanner can be viewed here

    http://go.eset.com/u...ine-scanner/faq

    • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
      (And the prompt re-enabling when finished.)
    • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    • Do not use the system while the scan is running. Once the full scan is underway, go take a long break

Re-enable the antivirus program.

Reply with copy of the Eset scan log

Link to post
Share on other sites

If you do (or have already) install Spybot S & D, make VERY sure that Tea Timer is NOT on. It will interfere with any fixes forthcoming.

AND if you are not familiar with what Tea Timer does ---- again, do not have it on.

Start Spybot-S&D, switch to the Advanced mode via the menu bar item Mode

then select Advanced Mode

On the left hand side, select Tools

Then click on the Resident icon in the list

Uncheck Resident TeaTimer and OK any prompts.

Now Logoff & Restart your computer fresh.

Link to post
Share on other sites

Hello Blankz13,

Please do this:

1. Open Internet Explorer.

2. Click "Tools," and then click "Internet Options."

3. Click "Connections," and then click "LAN Settings."

4. Make sure the check boxes for "Automatically detect settings" and "Use automatic configuration script" are not selected.

5. Make sure Proxy servers block is not selected (not checkmarked).

6. Apply changes & OK

Step 2

Using Internet Explorer (only!) go to http://support.microsoft.com/kb/923737

[ignore any DOES NOT APPLY warning as well as the APPLIES TO section],

run the Fix It and then reboot.

Tip: For optimal results, enable the Delete personal settings option.

Step 3

Please copy/paste the lines in bold below to Notepad:

@Echo on

pushd\windows\system32\drivers\etc

attrib -h -s -r hosts

echo 127.0.0.1 localhost>HOSTS

attrib +r +h +s hosts

popd

ipconfig /release

ipconfig /renew

ipconfig /flushdns

netsh winsock reset all

netsh int ip reset resetlog.log

shutdown -r -t 1

del %0

Save as flush.bat to your desktop.

Double-click flush.bat file to run it. Your computer will reboot.

Step 4

Did ESET online scan run and finish ? yes/no ?

Please tell me since that is not very clear from your prior response.

If you did not run the scan, I need for you to do it.

IF it did finish the scan, I'd like to get the actual ESET log. It should be located at

C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt

Link to post
Share on other sites
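
Step 3's `netsh winsock reset all` resets the Winsock catalog to its defaults, which drops any third-party providers registered in it, so it is worth recording what was there first. The following is an added example, not part of the thread or of MiniToolBox: a Python parser for the log's "Winsock entries" section that reports providers loaded from outside System32/SysWOW64. The function names are illustrative and the sample lines are copied from the log posted above.

```python
import re
from collections import namedtuple

# Sample input: a subset of the "Winsock entries" lines from the MiniToolBox
# log in this thread (repeated mswsock.dll rows trimmed for brevity).
SAMPLE_LOG = r"""
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll [203424] ()
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll [203424] ()
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
"""

Entry = namedtuple("Entry", "kind bitness order path size publisher")

# <catalog> <order> <dll path> [<size>] (<publisher>)
# The path may itself contain spaces and parentheses, so it is matched lazily
# and anchored on the trailing "[size] (publisher)" fields.
LINE_RE = re.compile(
    r"^(?P<x64>x64-)?Catalog(?P<cat>[59])\s+(?P<order>\d+)\s+"
    r"(?P<path>.+?)\s+\[(?P<size>\d+)\]\s+\((?P<publisher>.*)\)\s*$"
)

# Catalog5 holds namespace providers, Catalog9 holds protocol (transport/LSP) providers.
KINDS = {"5": "namespace", "9": "protocol"}

# Directories the stock Windows providers in this log load from.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def parse_winsock_entries(text):
    """Return one Entry per recognisable catalog line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        entries.append(
            Entry(
                kind=KINDS[m["cat"]],
                bitness="64-bit" if m["x64"] else "32-bit",
                order=int(m["order"]),
                path=m["path"],
                size=int(m["size"]),
                publisher=m["publisher"].strip(),
            )
        )
    return entries


def non_system_providers(entries):
    """Entries whose DLL is loaded from outside the Windows system directories."""
    return [e for e in entries if not e.path.lower().startswith(SYSTEM_DIRS)]


def summarize(entries):
    """Group non-system providers by (kind, bitness, path) with their catalog slots."""
    summary = {}
    for e in non_system_providers(entries):
        key = (e.kind, e.bitness, e.path)
        item = summary.setdefault(key, {"slots": [], "publisher": e.publisher})
        item["slots"].append(e.order)
    return summary


if __name__ == "__main__":
    for (kind, bitness, path), info in summarize(parse_winsock_entries(SAMPLE_LOG)).items():
        publisher = info["publisher"] or "<no publisher string>"
        print(f"{bitness} {kind} provider, slots {info['slots']}: {path} ({publisher})")
```

A DLL path outside the system directories only marks an entry for review; it says nothing by itself about whether the provider is wanted.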

Hi Maurice, I've followed every step of the instructions you provided and I also let ESET finish its scanning process which took about 1hr and a half. The scan concluded without finding any threats, and the log.txt at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt did not contain anything else but "ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK" I found it weird that it didn't show anything else. I'll run it again and post the results when possible. I hope this clarifies anything that may have been unclear.

Link to post
Share on other sites

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=ac4c86732904664c837ed6c5bf649184

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-10-16 09:59:18

# local_time=2012-10-16 05:59:18 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=6.1.7600 NT

# compatibility_mode=5893 16776574 100 94 76914 101963682 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=217568

# found=0

# cleaned=0

# scan_time=4525

Here is the result after the ESET finished scanning the second time around.

Link to post
Share on other sites

That's more like it. Very good run of ESET: nothing detected.

Now then, please delete the DDS that you have. There's a newer version & you need to get that:

Download DDS and save it to your desktop from http://download.blee...om/sUBs/dds.com here

or http://download.blee...om/sUBs/dds.scr or

http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

Then double click dds.scr to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt

Then I'll do a review.

Link to post
Share on other sites

Here is the DDS:

DDS (Ver_2012-10-14.05) - NTFS_AMD64

Internet Explorer: 8.0.7600.16385

Run by Moo at 2:05:48 on 2012-10-18

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8191.4804 [GMT -4:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\AIM\aim.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Moo\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe

C:\Users\Moo\AppData\Local\Akamai\netsession_win.exe

C:\Users\Moo\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\DllHost.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Steam\steam.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Windows\system32\calc.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Windows\system32\conhost.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Windows\splwow64.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>

EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Octoshape Streaming Services] "C:\Users\Moo\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun

uRun: [Akamai NetSession Interface] "C:\Users\Moo\AppData\Local\Akamai\netsession_win.exe"

mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

LSP: C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

TCP: NameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{279FE8B6-33E7-44B1-A7B3-CDA3658FD8A4}\865716E676 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{7F657AD3-AC3D-4285-93A6-F5A0147B9D06} : DHCPNameServer = 209.18.47.61 209.18.47.62

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

.

INFO: x64-HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Moo\AppData\Roaming\Mozilla\Firefox\Profiles\gyjzsbuj.default\

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Baidu\BaiduPlayer\1.17.0.172\npxbdyy.dll

FF - plugin: C:\Program Files (x86)\Baidu\BaiduPlayer\1.17.0.172\npxbdyyreg.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Moo\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Users\Moo\AppData\Roaming\Mozilla\plugins\npoctoshape.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-27 239616]

R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-12-15 21992]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-7 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-7 676936]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-7-22 690472]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-8-11 1153368]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-7-28 10278912]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-7-27 368640]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-7 25928]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-13 136176]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-8 250808]

S3 atillk64;atillk64;C:\Users\Moo\Desktop\PC Tools\GPU-Z\ATIWinFlash\atillk64.sys [2011-12-27 14608]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-13 136176]

S3 LVUVC64;Logitech QuickCam S5500(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2009-10-7 6379288]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-10 115168]

S3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\System32\drivers\netr6164.sys [2010-4-7 446304]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-13 1255736]

S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]

S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]

.

=============== Created Last 30 ================

.

2012-10-18 00:12:01 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{947B64C6-980E-493C-B3DD-559CBDA9FA67}\mpengine.dll

2012-10-17 00:11:47 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-10-14 18:48:05 -------- d-----w- C:\Program Files (x86)\ESET

2012-10-12 02:03:01 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe

2012-10-12 02:03:00 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe

2012-10-10 20:05:18 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-10-10 20:04:55 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-10-10 20:04:55 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-10-10 20:04:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-10-10 20:04:51 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-10-10 20:04:46 714752 ----a-w- C:\Windows\System32\kerberos.dll

2012-10-10 20:04:45 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll

2012-10-10 20:04:43 1462784 ----a-w- C:\Windows\System32\crypt32.dll

2012-10-10 20:04:42 182272 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-10-10 20:04:42 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-10-10 20:04:42 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-10-10 20:04:42 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-10-10 20:04:41 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-10-08 20:52:19 -------- d-----w- C:\Users\Moo\AppData\Local\Macromedia

2012-10-08 17:07:09 10220472 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-10-08 16:35:56 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-10-07 15:36:34 -------- d-----w- C:\Users\Moo\AppData\Roaming\Malwarebytes

2012-10-07 15:36:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-10-07 15:36:26 -------- d-----w- C:\ProgramData\Malwarebytes

2012-10-07 15:36:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-10-06 22:08:50 -------- d-sh--w- C:\$RECYCLE.BIN

2012-10-06 21:22:19 98816 ----a-w- C:\Windows\sed.exe

2012-10-06 21:22:19 256000 ----a-w- C:\Windows\PEV.exe

2012-10-06 21:22:19 208896 ----a-w- C:\Windows\MBR.exe

2012-10-06 16:20:42 -------- d-----w- C:\Users\Moo\AppData\Local\{BC66F34C-2587-4E0F-9912-21501EFAF14C}

2012-10-05 15:42:07 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AB04F3C-68CA-44E8-8ED1-77A69E4DCEB9}\gapaengine.dll

2012-10-05 15:40:03 -------- d-----w- C:\Users\Moo\AppData\Local\{7C2CB488-79EF-46DB-88F8-F2C3058C0D48}

2012-10-05 15:37:11 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2012-10-05 15:36:59 -------- d-----w- C:\Program Files\Microsoft Security Client

2012-10-05 15:36:35 374664 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-10-05 06:15:25 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ED977251-6C38-40A7-A31C-9A3543481081}\mpengine.dll

2012-10-04 18:20:12 -------- d-----w- C:\Users\Moo\AppData\Local\{82A88B75-CC49-4BCE-9CFC-5DCB9099A6D8}

2012-10-04 06:19:38 -------- d-----w- C:\Users\Moo\AppData\Local\{F80719D3-6459-4150-8A04-6788082AF32E}

2012-10-01 16:33:48 -------- d-----w- C:\Users\Moo\AppData\Local\{037B723B-C5E2-4D87-B6FC-72E2C4AE9D64}

2012-09-29 20:34:16 -------- d-----w- C:\Windows\AutoKMS

2012-09-29 20:25:13 -------- d-----w- C:\Windows\PCHEALTH

2012-09-29 20:23:09 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2012-09-29 19:18:27 -------- d-----w- C:\Users\Moo\AppData\Local\{2A49C49E-EF7B-43DF-A2ED-7FD31692DE12}

2012-09-28 20:39:59 0 ----a-w- C:\Windows\ativpsrm.bin

2012-09-28 20:34:29 -------- d-----w- C:\Program Files (x86)\ATI Technologies

2012-09-28 20:34:23 -------- d-----w- C:\Program Files\ATI

2012-09-28 20:34:05 -------- d-----w- C:\Program Files\ATI Technologies

2012-09-28 20:33:11 -------- d-----w- C:\AMD

2012-09-28 20:30:16 -------- d-----w- C:\Users\Moo\AppData\Local\{E83B316D-A754-45EA-B3AC-D575093D29BB}

2012-09-23 07:21:23 -------- d-----w- C:\Users\Moo\AppData\Local\{CFE4BC51-868C-428C-A4BE-EB8C0D9A4586}

2012-09-21 05:07:14 -------- d-----w- C:\Users\Moo\AppData\Local\{F1FAFB52-A3F8-4309-B6AE-41B15EEC5511}

2012-09-21 05:01:42 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-09-21 05:01:24 -------- d-----w- C:\Program Files\iPod

2012-09-21 05:01:23 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-09-21 05:01:23 -------- d-----w- C:\Program Files\iTunes

2012-09-21 05:01:23 -------- d-----w- C:\Program Files (x86)\iTunes

2012-09-20 21:43:33 -------- d-----w- C:\Users\Moo\AppData\Local\Runic Games

2012-09-19 07:00:46 -------- d-----r- C:\Program Files (x86)\Skype

.

==================== Find3M ====================

.

2012-10-12 18:23:05 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-10-12 18:23:05 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-10-12 03:39:09 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-10-08 19:07:18 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-31 02:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

2012-08-31 02:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:27 1197568 ----a-w- C:\Windows\System32\wininet.dll

2012-08-24 18:02:20 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2012-08-24 17:10:47 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-08-24 17:08:47 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2012-08-24 16:45:23 482816 ----a-w- C:\Windows\System32\html.iec

2012-08-24 16:02:45 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2012-08-24 16:01:45 386048 ----a-w- C:\Windows\SysWow64\html.iec

2012-08-24 15:27:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll

2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-08-02 17:55:04 574464 ----a-w- C:\Windows\System32\d3d10level9.dll

2012-08-02 17:05:42 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2012-07-28 04:09:20 5538984 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2012-07-28 04:07:44 10278912 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2012-07-28 03:43:12 70144 ----a-w- C:\Windows\System32\coinst_8.982.dll

2012-07-28 03:19:34 24935424 ----a-w- C:\Windows\System32\atio6axx.dll

2012-07-28 02:50:10 20546560 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2012-07-28 02:15:50 163840 ----a-w- C:\Windows\System32\atiapfxx.exe

2012-07-28 02:15:42 931328 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2012-07-28 02:13:56 1100288 ----a-w- C:\Windows\System32\aticfx64.dll

2012-07-28 02:10:40 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2012-07-28 02:10:34 534528 ----a-w- C:\Windows\System32\atieclxx.exe

2012-07-28 02:09:44 239616 ----a-w- C:\Windows\System32\atiesrxx.exe

2012-07-28 02:08:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2012-07-28 02:08:04 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2012-07-28 02:07:58 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2012-07-28 02:07:52 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2012-07-28 02:07:10 6430208 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2012-07-28 01:51:12 7052288 ----a-w- C:\Windows\System32\atidxx64.dll

2012-07-28 01:41:32 4266496 ----a-w- C:\Windows\System32\atiumd6a.dll

2012-07-28 01:35:10 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2012-07-28 01:35:08 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2012-07-28 01:35:02 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2012-07-28 01:35:00 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2012-07-28 01:34:48 16034304 ----a-w- C:\Windows\System32\aticaldd64.dll

2012-07-28 01:32:32 4751872 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2012-07-28 01:30:10 13605888 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2012-07-28 01:25:52 6676480 ----a-w- C:\Windows\System32\atiumd64.dll

2012-07-28 01:15:32 540160 ----a-w- C:\Windows\System32\atiadlxx.dll

2012-07-28 01:15:22 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2012-07-28 01:15:12 17920 ----a-w- C:\Windows\System32\atig6pxx.dll

2012-07-28 01:15:08 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2012-07-28 01:15:08 14848 ----a-w- C:\Windows\System32\atiglpxx.dll

2012-07-28 01:15:04 41984 ----a-w- C:\Windows\System32\atig6txx.dll

2012-07-28 01:14:56 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2012-07-28 01:14:46 368640 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2012-07-28 01:13:54 129536 ----a-w- C:\Windows\System32\atiuxp64.dll

2012-07-28 01:13:48 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2012-07-28 01:13:40 103936 ----a-w- C:\Windows\System32\atiu9p64.dll

2012-07-28 01:13:32 83456 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2012-07-28 01:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\atimpc64.dll

2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\amdpcom64.dll

2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

.

============= FINISH: 2:06:16.36 ===============


And here is the attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-10-14.05)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume2

Install Date: 8/11/2010 1:23:32 AM

System Uptime: 10/15/2012 8:00:12 PM (54 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO

Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | LGA 775 | 3194/356mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 14.842 GiB free.

D: is CDROM ()

F: is FIXED (NTFS) - 75 GiB total, 36.566 GiB free.

H: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Ralink RT61 Turbo Wireless LAN Card

Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&1B359D48&0&00F0

Manufacturer: Ralink Technology Corp.

Name: Ralink RT61 Turbo Wireless LAN Card

PNP Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&1B359D48&0&00F0

Service: rt61x64

.

==== System Restore Points ===================

.

RP326: 10/15/2012 7:50:14 PM - Installed Microsoft Fix it 50195

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

Adobe Digital Editions

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

AIM 7

Akamai NetSession Interface

AMD Catalyst Install Manager

Apple Application Support

Apple Mobile Device Support

Apple Software Update

BaiduPlayer1.17.0.172

Bandisoft MPEG-1 Decoder

Battlefield 3™

Battlelog Web Plugins

Bonjour

BS.Player FREE

Canon MP495 series MP Drivers

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Combined Community Codec Pack 2009-09-09

Core Temp 1.0 RC2

Counter-Strike

CPUID CPU-Z 1.59

D3DX10

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Diablo III

DivX Setup

Dota 2

Driver Sweeper version 2.7.5

ERUNT 1.1j

ESET Online Scanner v3

ESN Sonar

Geeks3D.com FurMark 1.9.1

Google Chrome

Google Earth Plug-in

Google Update Helper

Heroes of Newerth

High-Definition Video Playback

HP Update

iTunes

Malwarebytes Anti-Malware version 1.65.0.1400

Maple 15

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 15.0 (x86 en-US)

Mozilla Firefox 16.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 10 Movie ThemePack Basic

Nero Audio Pack 1

Nero Core Components 10

Nero Kwik Media

Nero Update

NeroKwikMedia Help (CHM)

Nexon Game Manager

NJStar Communicator

Octoshape Streaming Services

Origin

Pando Media Booster

PunkBuster Services

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Samsung_MonSetup

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition

Skype™ 5.10

Spybot - Search & Destroy

StarCraft II

Steam

Tencent QQ

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

VC80CRTRedist - 8.0.50727.6195

Ventrilo Client for Windows x64

Winamp

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinRAR archiver

Xiph.Org Open Codecs 0.85.17777

.

==== Event Viewer Messages From Past Week ========

.

10/17/2012 10:14:05 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.

10/15/2012 9:58:22 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

10/15/2012 8:01:53 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

10/11/2012 8:54:43 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

10/11/2012 11:28:18 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

.

==== End Of File ===========================


Note that your HP system may be having issues with the HDD, as noted by these lines from your DDS log:

10/17/2012 10:14:05 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.

10/15/2012 9:58:22 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

Ideally, make sure you have a recent mirror-image backup of the system to offline media (DVD, CD, or external drive).

Minimally, make sure you have backup of your personal files & documents.

BTW: Did you buy BaiduPlayer? knowingly install it?

I suspect it is another P-2-p program, and I urge you to uninstall it. Please confirm doing so.

Step 2

To address a Windows service:

Download and SAVE this reg-file to a unique folder or your Desktop

http://download.bleepingcomputer.com/win-services/7/DcomLaunch.reg

When saved, then do a right-click on the reg-file and select Merge.

Step 3

This will be a batch-run.

  • Press the Windows-key on keyboard.
  • In the [image] box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    @Echo off
    sc stop wuauserv
    sc stop bits
    sc config dcomlaunch start= auto
    sc config nsi start= auto
    sc config dhcp start= auto
    sc config rpcss start= auto
    sc config winmgmt start= auto
    sc config wscsvc start= delayed-auto
    sc config bits start= delayed-auto
    sc config wuauserv start= delayed-auto
    sc config sdrsvc start= manual
    sc config vss start= auto
    sc config eventlog start= auto
    sc config bfe start= auto
    sc config eventsystem start= auto
    sc start sdrsvc
    sc start vss
    sc start rpcss
    sc start eventsystem
    sc start bfe
    sc start bits
    sc start wuauserv
    shutdown -r -t 1
    del %0


  • Select File -> Save As.
  • Press the Desktop button on the left side of the save dialog.
  • In the [image] box, type in Fix.bat.
  • Press [image].
  • Close Notepad.
  • Right click Fix.bat on your desktop, and choose [image].
  • Press Yes if prompted by User Account Control.

This procedure will do its tasks and then it will Restart Windows.

Step 4

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Administrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

Step 5

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

And tell me, did your HP come with a pre-installed antivirus? Which one?

What antivirus did you have before MS Security Essentials? And did you uninstall it before installing MSE?

Edited by Maurice Naggar
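A triage pass over DDS output that pulls out the kinds of lines the reply above acts on (the Disk [11] controller errors and the BaiduPlayer entry), as an added example that is not part of this thread or of DDS itself. The function names are hypothetical, the sample lines are copied from the logs above, and treating any LSP DLL outside C:\Windows as worth a look is an assumption of this sketch.

```python
import re
from collections import defaultdict

# Sample lines copied from the DDS logs earlier in this thread.
SAMPLE_LOG = r"""
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
LSP: C:\ProgramData\Baidu\BaiduPlayer\BdAccLSP(1.0.14.138).dll
TCP: NameServer = 209.18.47.61 209.18.47.62
SSODL: WebCheck - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
10/17/2012 10:14:05 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.
10/15/2012 9:58:22 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
10/11/2012 8:54:43 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
"""

# "<timestamp>, <level>: <source> [<event id>] - <message>"
EVENT_RE = re.compile(
    r"^(\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), "
    r"(\w+): (.+?) \[(\d+)\] - (.*)$",
    re.MULTILINE,
)
LSP_RE = re.compile(r"^LSP: (.+)$", re.MULTILINE)
DANGLING_RE = re.compile(r"^.* - <(?:orphaned|no file)>$", re.MULTILINE)
DEVICE_RE = re.compile(r"\\Device\\(Harddisk\d+)\\(DR\d+)")

# Assumption of this sketch: the system root is C:\Windows.
SYSTEM_ROOT = "c:\\windows\\"


def parse_events(text):
    """Return the Event Viewer lines of a DDS log as dictionaries."""
    events = []
    for when, level, source, event_id, message in EVENT_RE.findall(text):
        events.append({
            "time": when,
            "level": level,
            "source": source,
            "event_id": int(event_id),
            "message": message,
        })
    return events


def lsp_outside_windows(text):
    """LSP provider DLLs that are not stored under the Windows directory."""
    paths = [p.strip() for p in LSP_RE.findall(text)]
    return [p for p in paths if not p.lower().startswith(SYSTEM_ROOT)]


def dangling_entries(text):
    """Registry entries DDS marks as pointing at a missing file."""
    return [m.group(0).strip() for m in DANGLING_RE.finditer(text)]


def disk_errors_by_device(events):
    """Group 'Disk [11]' controller errors by the disk they name."""
    grouped = defaultdict(list)
    for ev in events:
        if ev["source"] != "Disk" or ev["event_id"] != 11:
            continue
        match = DEVICE_RE.search(ev["message"])
        disk, unit = match.groups() if match else ("unknown", "")
        grouped[disk].append((ev["time"], unit))
    return dict(grouped)


def triage(text):
    """Collect the findings a reviewer would raise with the log's owner."""
    return {
        "lsp_outside_windows": lsp_outside_windows(text),
        "dangling_entries": dangling_entries(text),
        "disk_errors": disk_errors_by_device(parse_events(text)),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for path in report["lsp_outside_windows"]:
        print("LSP outside the Windows directory:", path)
    for entry in report["dangling_entries"]:
        print("Entry with no file behind it:", entry)
    for disk, hits in report["disk_errors"].items():
        print(f"{disk}: {len(hits)} controller error(s)")
        for when, unit in hits:
            print(f"  {when} ({unit})")
```
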

Hi Maurice, finally the culprit was the Baidu Player, which is a player for streaming Asian movies, and right after the uninstall MBAM was able to update. I guess the streaming player conflicted with MBAM's update process, thus rendering it unable to update. But all is well now, and thank you for the time and dedication that you have put into my problem. I really appreciate the assistance and am extremely grateful for your service!


Then one has to say that Baidu Player is a really undesirable program, to put it mildly.

I'd like for you to do the rest of the steps I outlined, & post the logs for my review ... before we call this finished.

And remember, we still have closing cleanups to do.
